PERMIAN BASIN ROYALTY TRUST 10-K Cybersecurity GRC - 2024-02-29

Page last updated on July 16, 2024

PERMIAN BASIN ROYALTY TRUST reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-29 14:56:57 EST.

Filings

10-K filed on 2024-02-29

PERMIAN BASIN ROYALTY TRUST filed a 10-K at 2024-02-29 14:56:57 EST
Accession Number: 0001193125-24-053153

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. The Trust does not have a board of directors so the Trustee is responsible for oversight of the Trust’s risks from cybersecurity threats. The Trustee has dedicated personnel responsible for assessing and managing the Trust’s cyber risk management program, informing senior management of the Trustee regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents and supervising such efforts. The Trustee’s information technology team has decades of experience selecting, deploying, and operating cybersecurity technologies, initiatives, and processes, and relies on threat intelligence as well as other information obtained from governmental, public or private sources, including external consultants engaged by the Trustee to monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. External partners are a key part of the Trustee’s cybersecurity protocols and policies. The Trustee works with leading firms in the cybersecurity industry, leveraging their technology and expertise to monitor and maintain the performance and effectiveness of products and services that are used by the Trustee. The Trustee maintains a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats, which processes are integrated into the Trustee’s overall risk management process. The Trustee maintains robust cybersecurity protocols including, but not limited to technological capabilities that prevent and detect disruptions; computer workstations and programs protected with passwords and passphrases, as well as employee training throughout the year on financial regulations and cybersecurity followed up by testing of that knowledge. The protocols are based on recognized best practices and standards for cybersecurity and information technology. The Trustee has an annual assessment, performed by a third party vendor, of the Trustee’s cyber risk management program. Other non-technical protocols include securing of documents and work areas that could contain personal, non-public information and independent verification of information changes by outside vendors. The Trust faces risks from cybersecurity threats that could have a material adverse effect on its business, financial condition, results of operations, cash flows or reputation. The Trustee has experienced, and will continue to experience, cyber incidents in the normal course of its business. However, prior cybersecurity incidents have not had a material adverse effect on the Trust’s business, financial condition, results of operations, or cash flows. See “Risk Factors - Business and Operational Risks - The Trustee may be subject to attempted cybersecurity disruptions from a variety of sources including state-sponsored actors.”


Company Information

NamePERMIAN BASIN ROYALTY TRUST
CIK0000319654
SIC DescriptionOil Royalty Traders
TickerPBT - NYSE
Website
Category
Fiscal Year EndDecember 30