2018 Guide to Effective Proxies

2.16 Risk oversight | 225 6 TH EDITION | GUIDE TO EFFECTIVE PROXIES NORDSON CORPORATION Meetings of the Boardof Directors The Board held nine meetings during fiscal year 2017. In addition, there were a total of 17 meetings of our committees. Nordson’s policy is to require attendance and active participation by directors at Board and committee meetings. Each director attended at least 75% of the total number of meetings of the Board and the committees on which the director served during fiscal year 2017. Directors are encouraged to attend the AnnualMeeting. Allof Nordson’sdirectors attended the 2017AnnualMeeting of Shareholdersheldon February 28, 2017. ExecutiveSessionsof IndependentDirectors Pursuant to our Governance Guidelines, independent directors meet in regularly scheduled executive sessions without management. The Chairman of the Board of Directors (or, when our Chairman is not an independent director, the Presiding Director) chairs all regularly scheduled executive sessions of the Board, and also has authority to convene meetings of the independent directors at any time with appropriatenotice. Oversight of Risk The Board plays an active role, both as a whole and also at the committee level, in overseeing management of the Company’s risks. Management is responsible for the Company’s day-to-day risk management activities. The Company has established an enterprise risk framework for identifying, aggregating, and evaluating risk across the enterprise. The risk framework is integrated with the Company’sannualplanning,auditscoping,andcontrol evaluationmanagement by its internalauditor. The involvement of the Board in assessing our business strategy at least annually is a key part of its oversight of risk management, its assessment of management’s appetite for risk, and its determination of what constitutes an appropriate level of risk for Nordson. The Board regularly receives updates from management andoutsideadvisorsregardingthis oversight responsibility. In addition, our Board committees each oversee certain aspects of risk management as presented below: AuditCommittee CompensationCommittee Governance&Nominating Committee Risksassociatedwithfinancial matters,particularlyfinancial reporting,accounting,disclosure,and internalcontrols. Risksassociatedwiththe establishmentandadministrationof executivecompensationand equity-basedcompensation programsandperformance managementofofficers. RisksassociatedwithBoard independence,effectivenessand organization,corporategovernance matters,anddirectorsuccession planning. Senior management attends Board and Board committee meetings at the invitation of the Board or its committees and is available to address any questions or concerns raised by the Board on risk management andany other matters. The Audit Committee and Compensation Committees rely also on the advice and counsel of our independent auditors and independent compensation consultant, respectively, to raise awareness of any risk issues that may arise during their regular reviews of our financial statements, audit work and executive compensation policies and practices. The Board is kept abreast of its Committees’ risk oversight andother activitiesviameeting reports of the Committee Chairpersonsto the fullBoard. Review of Transactionswith Related Persons The Board has adopted a written policy regarding the review and approval of transactions between the Company and its subsidiaries and certain persons that are required to be disclosed in proxy statements, which are commonly referred to as “related persons transactions.” Relatedpersons include NordsonCorporation–2018ProxyStatement | 19 ORACLE Every fiscal quarter, the Governance Committee and the Compensation Committee review Mr. Ellison’s pledging arrangements fromariskmanagementperspectiveandprovideareporttotheBoardonthearrangements. InreviewingMr.Ellison’spledging arrangements,theBoardandthecommitteesconsider: • historicalinformationandtrendsregardingMr.Ellison’spledgingarrangements; • thekeytermsoftheloansunderwhichsharesofOraclecommonstockhavebeenpledgedascollateral; • themagnitudeoftheaggregatenumberofsharesofOraclecommonstockthatarepledgedinrelationto: • thetotalnumberofsharesofOraclecommonstockoutstanding;and • thetotalnumberofsharesofOraclecommonstockownedbyMr.Ellison; • themarketvalueofOraclecommonstock; • Mr.Ellison’sindependentabilitytorepayanyloanswithoutrecoursetothealready-pledgedshares;and • anyotherrelevantfactors. In addition, the Governance Committee and the Compensation Committee periodically seek outside advice and counsel in connectionwiththeiroversightofMr.Ellison’spledgingarrangements.Inthisregard,theGovernanceCommitteeandtheChair oftheCompensationCommitteemetwithindependentadvisorsinJuly2017toreviewtheCommittee’spoliciesandprocedures withregardtopledging. BoardLeadershipStructure The roles of Chairman of the Board and CEO are currently filled by separate individuals. Since September 2014, Mr. Ellison has served as our Chairman, and Ms. Catz and Mr. Hurd have served as our CEOs. Previously, Mr. Henley served as Chairman and Mr.EllisonservedasCEO. TheBoardbelievesthattheseparationoftheofficesoftheChairmanandCEOsisappropriateatthistimebecauseitallowsour CEOstofocusprimarilyonOracle’sbusinessstrategy,operationsandcorporatevision.However,asdescribedinfurtherdetailin our Guidelines, the Board does not have a policy mandating the separation of the roles of Chairman and CEO. Our Board elects ourChairmanandourCEOs,andeachofthesepositionsmaybeheldbythesamepersonorbydifferentpeople.Webelieveitis important that the Board retain flexibility to determine whether these roles should be separate or combined based upon the Board’sassessmentofthecompany’sneedsandOracle’sleadershipatagivenpointintime. We believe that independent and effective oversight of Oracle’s business and affairs is maintained through the composition of our Board, the leadership of our independent directors and Board committees and our governance structures and processes already in place. The Board consists of a substantial majority of independent directors, and the Board’s Compensation, F&A, GovernanceandIndependenceCommitteesarecomposedsolelyofindependentdirectors. While we currently do not have a policy mandating an independent lead director, the Board believes that a number of non- employee directors fulfill the lead independent director role at various times, including during executive sessions, depending upontheparticularissuesinvolved.AssetforthinourGuidelines,onanannualrotatingbasis,thechairsoftheF&ACommittee, the Governance Committee and the Compensation Committee serve as the lead independent director at executive sessions of theBoard.Theleadindependentdirectorservesasaliaisonbetweenourindependentdirectorsandourexecutivedirectorsand performssuchadditionaldutiesasourBoarddetermines. Currently,Dr.Boskinservesastheleadindependentdirector. Board’sRoleinRiskOversight While management is responsible for assessing and managing risks to Oracle, our Board is responsible for overseeing management’s efforts to assess and managerisk.TheBoard’sriskoversightareasinclude,butarenotlimitedto: • leadership structure and succession planning for management and the Board; • strategic and operational planning, including with respect to significant acquisitions, the evaluation of our capital structure and long-term debt financing,andOracle’slong-termgrowth; • informationtechnologyandcybersecurity;and • legalandregulatorycompliance. CybersecurityRiskOversight Cybersecurity risk oversight is a top priority for our Board. Oracle’s head of Global Information Security and its Chief Privacy Officer regularly brief the F&A Committee on Oracle’s information securityprogramanditsrelatedpriorities andcontrols.Inturn,theF&ACommittee reports to the full Board regarding the committee’s cybersecurity risk oversight activities. 20 2017AnnualMeetingofStockholders Total of 02 pages in section PHILIP MORRIS INTERNATIONAL, INC. BOARD OPERATIONS AND GOVERNANCE BoardRiskOversight Risk oversight is conducted both by the Committees of the Board with respect to their areas of responsibility as well as by the full Board. Management has identified and prioritized key enterprise risks based on four risk dimensions: the impact a risk could have on the organization if it occurs, the likelihood a risk will occur, the velocity with which a risk would affect the organization if it occurs, and the interconnectivity of a risk with other risks. As part of the risk management process, the Company has established a Corporate Risk Governance Committee (“CRGC”) comprising the Chief Operating Officer, the CFO, the Vice President and Controller, the Vice President, Corporate Audit, and the Vice President, Chief Ethics & Compliance Officer. Ownership of each of the prioritized risks is assigned to a member of senior management, and oversight of the management of each risk is assigned to a particular Board Committee or to the full Board. Management reports on these risks to the appropriate Committee and to the full Board throughout the year. The risk management oversight by each Committee is indicatedin the chart on pages 9 and 10. The full Board oversees the management of risks relatingto theCompany’sbusinessplanandlitigation,anditreceivesreports onriskmanagementbyeachCommittee.The rolesofthevariouscomponentsofriskassessment,managementandoversightareshownbelow. PMIRiskAssessment,ManagementandOversight Board of Directors AuditCommittee SeniorManagementTeam (SMT) OtherBoard Committees CorporateRiskGovernanceCommittee (CRGC) MarketLeadershipTeams andGlobalFunctions Responsible foroversightof riskmanagementprocesses Allocatesoversightofmanagementof specific risks to the appropriate BoardCommittee Providesoversightby reviewingCRGCprocessand results Provideoversightofmanagementofspecific risks fallingwithin each Committee’ssphereof expertise Assesses risk appetite Alignson key strategicenterprise risksannually Assignsownershipofstrategicenterprise risks to individualSMT members Integrates riskassessmentandmanagement into long-rangeplan and budget reviewprocess Drivesdesired riskmanagement culture throughstandard measurement and terminology CoordinatesSMTstrategic enterprise risk assessment Coordinates integrated riskassessment for InternalControls, Compliance,CorporateAudit andother functions Integrates key risks into InternalControlsChartofControlsprocess Own riskassessment andmanagement foraffiliateor function Drive sustainability through integrationof riskmanagement into existingbusinessprocesses BoardofDirectorsResponsibleforoversightofriskmanagementprocessesAllocatesoversightofmanagementofspecificriskstotheappropriateBoardCommitteeAuditCommitteeProvidesoversightbyreviewingCRGCprocessandresultsAssessesriskappetiteOtherBoardCommitteesProvideoversightofmanagementofspecificrisksfallingwithineachCommittee’ssphereofexpertiseSeniorManagementteam(SMT)AlignsonkeystrategicenterpriserisksannuallyAssignsownershipofstrategicenterpriseriskstoindividualSMTmembersIntegratesriskassessmentandmanagementintolong-rangeplanand budgetreviewprocessCorporateRiskGovernanceCommittee(CRGC)DrivesdesiredriskmanagementculturethroughstandardmeasurementandterminologyCoordinatesSMTstrategicenterpriseriskassessmentCoordinatesintegratedriskassessmentforInternalControls,Compliance,CorporateAuditandotherfunctionsIntegrateskeyrisksintoInternalControlsChartofControlsprocessMarketLeadershipTeamsandGlobalFunctionsOwnriskassessmentandmanagementforaffiliateorfunctionDrivesustainabilitythroughintegrationofriskmanagementintoexistingbusinessprocesses PMI2018ProxyStatement •11 PROLOGIS BOARDOFDIRECTORSANDCORPORATEGOVERNANCE Other Governance Matters Board’s role in risk oversight Riskawarenessisembeddedthroughoutouroperations,underpinnedbyan integratedframeworkforidentifying,assessingandmanagingrisk. TheBoardhastheprimaryresponsibilityforoverseeingriskmanagementofthe company.Oversightforcertainspecificrisksfallsundertheresponsibilitiesofour Boardcommittees. TheAuditCommitteefocusesonfinancialandcybersecurityrisksrelating tothecompany. TheCompensationCommitteefocusesonrisksrelatingtotalentretention andremunerationofourofficersandemployees. TheGovernanceCommitteefocusesonreputationalandcorporate governancerisksandESG. ThesecommitteesregularlyadvisethefullBoardoftheirriskoversightactivities. Criticalcomponentsofourriskoversightframeworkincluderegular communicationamongtheBoard,ourmanagementexecutivecommitteeand ourriskmanagementinfrastructuretoidentify,assessandmanagerisk. RISKOVERSIGHT FRAMEWORK Board Oversight Management Executive CommitteeOversight RiskManagement Framework Dynamic Risk Oversight Process Identifying,ManagingandAssessingRisks Ourriskoversightframeworkincludes: Boardengagementwithexecutiveandriskmanagementteamsincluding multi-dimensionalriskreviews,riskassessmentmappingandone-on-one interviewsbetweeneachdirectorandourriskmanagementteam Executivemanagementcommitteemeetingsfocusedonstrategicrisks Astructuredapproachtocapitaldeploymentvettedthroughweekly investmentcommitteemeetings I 24