Aprea Therapeutics, Inc. 10-K Cybersecurity GRC - 2024-03-26

Page last updated on July 16, 2024

Aprea Therapeutics, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-26 07:45:45 EDT.

Filings

10-K filed on 2024-03-26

Aprea Therapeutics, Inc. filed a 10-K at 2024-03-26 07:45:45 EDT
Accession Number: 0001558370-24-003886

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy We are a clinical-stage biopharmaceutical company and we are solely focused on developing novel synthetic lethality-based cancer therapeutics that target DNA damage response pathways. Therefore, we do not consider that we face significant cybersecurity risk and have not adopted a formal cybersecurity risk management program or process for assessing cybersecurity risk currently. We assess material risks from cybersecurity threats on an ongoing basis, including any potential unauthorized access to or occurrence on or conducted through our information systems that may result in adverse effects on the confidentiality, integrity, or availability of our information systems or any information residing therein. To this end, we utilize an outsourced information technology consultant, who we believe has sufficient experience and expertise with regard to cybersecurity matters, to implement systems and procedures designed to reduce, respond to and monitor for cybersecurity threats and vulnerabilities . Our outsourced information technology consultant conducts proactive patching and monitoring of all of our existing systems and has implemented systems and procedures to mitigate cybersecurity risks that we believe are appropriate for a company of our size, stage of growth and financial condition. In addition, we carry insurance with coverage for cyber events that we believe is suitable for a company of our size, stage of growth and financial condition. As of the date of this Annual Report on Form 10-K, we are not aware of any cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected us, including our business strategy, results of operations or financial condition. However, as discussed under “Risk Factors” in Part I, Item 1A of this Annual Report, cybersecurity threats pose multiple risks to us, including potentially to our results of operations and financial condition. For additional information concerning risks related to cybersecurity, see Item 1.A. Risk Factors: “Our business and operations would suffer in the event of IT system failures, cybersecurity attacks, data breaches, or vulnerabilities in our or our third-party vendors’ information security program or defenses. " Governance Management is responsible for the day-to-day management of the risks we face, while our Board of Directors as a whole has responsibility for the oversight of risk management, including as to material risks from cybersecurity threats. In its risk oversight role, our Board of Directors has the responsibility to satisfy itself that the risk management processes designed and implemented by management are appropriate and functioning as designed. The Board of Directors has delegated to the Audit Committee of the Board of Directors the responsibility for the oversight of information technology (including cybersecurity) risks. In general, we seek to address cybersecurity risks through a cross-functional approach that is focused on preserving the confidentiality, integrity, and availability of the information that we collect and store by identifying, preventing, and mitigating cybersecurity threats and effectively responding to cybersecurity incidents when they occur.


Company Information

NameAprea Therapeutics, Inc.
CIK0001781983
SIC DescriptionPharmaceutical Preparations
TickerAPRE - Nasdaq
Website
Category
Emerging growth company
Fiscal Year EndDecember 30