Corporate Security Councils and Working Groups

Working for a new company I am in the process of establishing our
Information Assurance Council and Information Assurance Working Group.

The council is being formed of the Chief Risk Officer, Business Unit
VP's, the Heads of Legal and HR, etc., but may be subsumed by an
existing body made up of the same people - not too concerned either
way as long as there is a formal decision making body that can help
prioritize and support our information assurance activities.  

My question is more about the working group.  I've set up a few of
these in the past, so I am no stranger to the process.  At the same
time though, I have a new opportunity and would like to get an update
on how other companies assemble and manage these working groups.  The
one I've assembled is made up of key contributors from IT, the
business units, legal, HR, compliance, etc.  Its about 15 to 20 people
in all.  The goal is to have a formalized network of personnel with
day to day operational responsibility for their areas (i.e. actually
getting the work done).  I consider these people to be my primary
touch points into the areas that they represent.     

What kind of things do your working groups engage in and how do you
manage and report on their ongoing activities?   What about charters
for the group and for the individual functions that are represented
within the group (roles and responsibilities)?  What about actually
managing the meetings themselves (considering the size and interests
of the group)?  

Any lessons learned or other advise would be greatly appreciated.   

Thanks,
Brad Bemis, CISSP, CISA