Page last updated on July 16, 2024
APPIAN CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-15 15:24:53 EST.
Filings
10-K filed on 2024-02-15
APPIAN CORP filed a 10-K at 2024-02-15 15:24:53 EST
Accession Number: 0001441683-24-000016
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Cybersecurity Risk Management As part of our overall risk management system, we have established certain procedures to assess, identify, and manage material risks from cybersecurity threats. Our cybersecurity risk management system is designed to align with industry best practices, including International Organization for Standardization, or ISO, standards, provide a framework for handling cybersecurity threats and incidents, and facilitate coordination across different departments of our company. As part of this system, we have a formally documented information security management program and conduct regular tabletop exercises that include participation from executive officers. In addition, we engage consultants and other third parties who are experts in the cybersecurity risk management field to review and provide testing services as well as general incident management services. These engagements directly contribute to industry certifications and attestations that demonstrate our dedication to protecting the data that we are entrusted with by customers. Our Governance, Risk and Compliance team within the information security management program oversees and identifies material cybersecurity risks associated with our use of these third-party service providers through a formal vendor security risk management program. Board Governance Disclosure One of the Board’s key functions is informed oversight of our risk management process, which includes responsibility for ensuring management has processes in place designed to identify, evaluate, manage, and mitigate cybersecurity risks to which it is exposed. The Board receives regular updates, on at least a quarterly basis, from our senior management team on such cybersecurity risks, developments in cybersecurity, and updates to the Company’s information security management program. The Board is also involved in strategic decisions related to the impact of these risks on our business. Management Governance Disclosure Our senior management team, which includes our Chief Information Security Officer, or CISO, is responsible for identifying, assessing, and managing material risks from cybersecurity threats, as well as for establishing processes to ensure such risks are monitored and mitigated, with the CISO taking the lead on such matters. Our CISO, who joined Appian in May 2021, brings over 17 years’ experience in security and compliance initiatives, including experience in the software-as-a-service and platform-as-a-service cloud industries. We have documented the framework and process for when and by whom senior management is informed and when such information will be reported to the other parties in our Incident Response Guide, which is regularly reviewed and updated by the information security team.
Company Information
Name | APPIAN CORP |
CIK | 0001441683 |
SIC Description | Services-Prepackaged Software |
Ticker | APPN - Nasdaq |
Website | |
Category | Large accelerated filer |
Fiscal Year End | December 30 |