Page last updated on July 16, 2024
FOX FACTORY HOLDING CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-22 18:38:36 EST.
Filings
10-K filed on 2024-02-22
FOX FACTORY HOLDING CORP filed a 10-K at 2024-02-22 18:38:36 EST
Accession Number: 0001424929-24-000006
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. CYBERSECURITY We developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program is integrated into our overall enterprise risk management program and shares common methodologies, reporting channels, and governance processes that apply across other legal, strategic, operational, and financial risk areas. Risk Management and Strategy Our cybersecurity risk management program includes: - policies, process, and tools designed to identify, assess, and mitigate cyber risks across all aspects of our operations; - a cybersecurity team principally responsible for managing our cybersecurity risk assessment processes, our security controls, and our response to cybersecurity incidents; - the use of external service providers, where appropriate, to assess, test, monitor, or otherwise assist with aspects of our security controls; - cybersecurity awareness training for our employees and contractors; and - a Cybersecurity Incident Response Plan that includes procedures for responding to cybersecurity incidents. Governance Our Board of Directors has ultimate oversight of cybersecurity risk, which it manages as part of our enterprise risk management program while our executive officers are responsible for the day-to-day management of the material risks we face. Our Board of Directors administers its cybersecurity risk oversight function directly, as well as through the Audit Committee of the Board of Directors, and receives regular updates on relevant information regarding cybersecurity. The Audit Committee receives regular reports from management on our company’s cybersecurity risks and activities, including but not limited to any recent cybersecurity incidents and related responses, and any cybersecurity systems testing. In addition, management updates the Audit Committee, as necessary, regarding any material cybersecurity incidents, as well as any incidents with lesser potential impact. Our Chief Information Officer, who oversees our cybersecurity team, is responsible for assessing and managing our material risks from cybersecurity threats. The Chief Information Officer and our cybersecurity team has primary responsibility for our overall cybersecurity risk management program and supervises both our internal personnel dedicated to cybersecurity as well as our engaged and retained external cybersecurity consultants. Our cybersecurity team is supported by the information technology department as well as our engaged third parties and our retained service providers and, in addition, is informed about policies and processes to monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. Our Chief Information Officer has over 20 years of experience in managing large-scale information technology infrastructure and associated technologies and other members of our cybersecurity team have experience and certifications relevant to cybersecurity. In addition, all personnel involved in cybersecurity engage in regular training on cybersecurity matters. Breaches We have not identified any risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. Notwithstanding the extensive approach we take to cybersecurity, we may not be successful in preventing or mitigating a cybersecurity incident that could have a material adverse effect on us. While we maintain cybersecurity insurance, the costs related to cybersecurity threats or disruptions may not be fully insured. For more information on our cybersecurity related risks, see Item 1A . Risk Factors of this Annual Report on Form 10-K.
Company Information
Name | FOX FACTORY HOLDING CORP |
CIK | 0001424929 |
SIC Description | Motorcycles, Bicycles & Parts |
Ticker | FOXF - Nasdaq |
Website | |
Category | Large accelerated filer |
Fiscal Year End | December 28 |