AEI INCOME & GROWTH FUND 25 LLC 10-K Cybersecurity GRC - 2024-03-25

Page last updated on July 16, 2024

AEI INCOME & GROWTH FUND 25 LLC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-25 12:46:52 EDT.

Filings

10-K filed on 2024-03-25

AEI INCOME & GROWTH FUND 25 LLC filed a 10-K at 2024-03-25 12:46:52 EDT
Accession Number: 0001185198-24-000003

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. In the past two years and with the guidance of a qualified third-party, the Management Company has made improvements in the cybersecurity program across the Entity, and has developed processes for deterring, detecting, evaluating, and responding to potential cybersecurity incidents. In doing so, the Management Company focuses on its employees, networks, applications and data with a cybersecurity plan, informed by nationally recognized frameworks. The Management Company’s third-party advisor has performed cybersecurity risk assessments of its information technology security processes and implemented technologies to lessen risk. Using third party services, the Management Company monitors, scans, assesses, audits, and remediates identified vulnerabilities across its networks, as appropriate. Furthermore, recognizing that the Management Company’s employees are an essential line of defense in cybersecurity, it requires employees to participate in training and testing programs through which it provides education on the risk of potential cybersecurity incidents, methods for identification of such incidents and appropriate responses. The Management Company’s policies and processes are informed by industry standard practices regarding application security, access management, device protection, network management, and data loss prevention and recovery. The Management Company’s cybersecurity incident response plan includes retention of external experts for prompt assistance following discovery of any material incident. This cybersecurity incident response plan is part of its ongoing cybersecurity vulnerability management, and it endeavors to maintain appropriate controls to identify, monitor, analyze and address potential cybersecurity incidents, including potential unauthorized access to its networks and applications, along with detection of potential unusual activity within its networks or applications. Any potential cybersecurity incident is immediately reported to the President and Chief Financial Officer, and the Audit Committee or the full Board, as appropriate. The Audit Committee of the Board of Directors oversees the Management Company’s cybersecurity posture and the steps taken by management to monitor, identify, and mitigate cybersecurity risks. The Information Technology team briefs the Audit Committee on the effectiveness of the Entity’s cyber risk management program, typically on an annual basis. There have been no cybersecurity incidents which have materially affected the Management Company to date, including its business strategy, results of operations or financial condition. However, any future potential risks from cybersecurity threats, including but not limited to exploitation of vulnerabilities, ransomware, denial of service, supply chain attacks, or other similar threats may materially affect the Management Company, including its execution of business strategy, reputation, results of operations and/or financial condition. 5


Company Information

NameAEI INCOME & GROWTH FUND 25 LLC
CIK0001185198
SIC DescriptionReal Estate
Ticker
Website
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30