Corbus Pharmaceuticals Holdings, Inc. 10-K Cybersecurity GRC - 2024-03-12

Page last updated on July 16, 2024

Corbus Pharmaceuticals Holdings, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-12 17:19:13 EDT.

Filings

10-K filed on 2024-03-12

Corbus Pharmaceuticals Holdings, Inc. filed a 10-K at 2024-03-12 17:19:13 EDT
Accession Number: 0000950170-24-030133

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY We have certain processes for assessing, identifying and managing cybersecurity risks, which are built into our overall information technology and cybersecurity functions. By fully outsourcing our IT environment and placing it within expert third-party software-as-a-service, human resource, and clinical providers our primary means of avoiding cyber risk is not having sensitive data within our enterprise. All third parties are managed by our team, and we review our vendors to ensure that they have risk management procedures in place, including physical, procedural, and technical safeguards (such as: response plans, regular tests on the systems, third-party auditing, incident simulations and routine review of appropriate policies and procedures to identify risks and refine security practices). Our Director of IT Operations and Security is responsible for vendor management regarding our vendor risk experience and reports directly to our Chief Financial Officer. We track security risk as a company and review it annually at the senior management level. We do not believe that there are currently any known risks from cybersecurity threats that are reasonably likely to materially affect us or our business strategy, results of operations or financial condition. As needed, the Audit Committee of our Board of Directors provides oversight over cybersecurity risk and provides updates to the Board of Directors regarding such oversight. The Audit Committee receives periodic updates from management regarding cybersecurity matters and is notified between such updates regarding significant new cybersecurity threats or incidents. To deter and detect cyber threats, we annually provide our employees, including part-time and temporary employees, with a data protection, cybersecurity and incident response and prevention training and compliance program, which covers timely and relevant topics, such as social engineering, phishing, password protection, confidential data protection, asset use and mobile security, and educates employees on the importance of reporting security incidents immediately. We also use technology-based tools that are designed to mitigate cybersecurity risks and to bolster our employee-based cybersecurity programs.


Company Information

NameCorbus Pharmaceuticals Holdings, Inc.
CIK0001595097
SIC DescriptionPharmaceutical Preparations
TickerCRBP - Nasdaq
Website
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30