Page last updated on July 16, 2024
POOL CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-27 15:25:31 EST.
Filings
10-K filed on 2024-02-27
POOL CORP filed a 10-K at 2024-02-27 15:25:31 EST
Accession Number: 0000945841-24-000021
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Governance Our Board of Directors (Board) is responsible for oversight of our risk management programs and assisting management in addressing specific risks, including cybersecurity risks. The Audit Committee assists our Board in reviewing cybersecurity and other information technology risks, controls and procedures, including our plans to mitigate cybersecurity risks and to respond to data breaches. The Audit Committee also helps in reviewing with management any specific cybersecurity issues that could have a material impact on us. Our Chief Information Officer (CIO) provides the Board with updates on cybersecurity risks at regularly scheduled board meetings at least twice a year. These updates include the results of any third-party reviews and related remediation items. Primary responsibility for assessing, monitoring and managing our cybersecurity risks rests with our CIO who has held that role since 2019 and has been employed by the company since 2004. With almost 20 years of experience in cybersecurity, our CIO has extensive cybersecurity expertise and in-depth knowledge and experience instrumental in developing and executing our cybersecurity strategies. Our CIO oversees our cyber governance programs, evaluates our compliance with applicable standards and remediates known risks. Our CIO also oversees our internal phishing tests, leads our employee cyber training program and seeks to promote company-wide awareness of cybersecurity risk through broad-based communications and educational initiatives. At the day-to-day operational level, our CIO manages an information security team tasked with executing our cybersecurity program. This team includes a director of network security, technical director of enterprise architecture, system architects and network security staff. Members of our information technology (IT) management group, led by our CIO, have extensive years of combined experience in defending large, complex corporate environments. Our CIO, IT management group, architects and network security team members receive briefings and annual training on cybersecurity threats and response methods that provide real world threat scenarios to measure the effectiveness of our programs and technologies in protecting our systems. Our team of professionals also monitors our compliance with laws governing privacy rights, data protection and cybersecurity. Our incident response policy outlines our protocols for assessing, managing and responding to cyber incidents. This policy guides the response of our global IT team, which, depending on the significance of the incident, includes activating response plans from third-party partners, escalating the issue to executive management, notifying one or more members of our Board, maintaining communication with users and notifying law enforcement and other agencies if warranted. We may also receive assistance from a third-party security operations center (SOC) and other industry-leading third-party providers. 22
Company Information
Name | POOL CORP |
CIK | 0000945841 |
SIC Description | Wholesale-Misc Durable Goods |
Ticker | POOL - Nasdaq |
Website | |
Category | Large accelerated filer |
Fiscal Year End | December 30 |