ISUN, INC. 10-K Cybersecurity GRC - 2024-04-16

Page last updated on July 16, 2024

ISUN, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-16 17:31:25 EDT.

Filings

10-K filed on 2024-04-16

ISUN, INC. filed a 10-K at 2024-04-16 17:31:25 EDT
Accession Number: 0001493152-24-014892

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity & Governance Cybersecurity Risk Management We, like other companies in our industry, face several cybersecurity risks in connection with our business. Our business strategy, results of operations, and financial condition have not, to date, been affected by risks from cybersecurity threats. During the reporting period, we have not experienced any material cyber incidents, nor have we experienced a series of immaterial incidents, which would require disclosure. In the ordinary course of our business, we use, store and process a bare minimum of data. To effectively prevent, detect, and respond to cybersecurity threats, we maintain a cyber risk management program, which is comprised of data segregation, penetration testing, and training. The cyber risk management program falls under the responsibility of a third party IT consultant, who has cross-functional expertise in IT management, cybersecurity, and engineering with more than 30 years of experience (the “IT Consultant”), who reports directly to our Chief Financial Officer. Under the guidance of the IT Consultant, we have minimized our data footprint to keep our cyber risk low. We have implemented a cybersecurity risk management program that is designed to limit and mitigate risks from cybersecurity threats. Our cybersecurity risk management program incorporates several components, including employee training, periodic penetration tests, and multifactor authentications. Governance Under the ultimate direction of our CFO, with oversight from the Board, we maintain a security governance structure to evaluate and address cyber risk. Our Board is responsible for the oversight of cybersecurity risk management. The Board delegates oversight of the cybersecurity risk management program to the Audit Committee. On a quarterly and as-needed basis, the CFO reports to the Audit Committee on our cybersecurity risk management program, including any critical cybersecurity risks, ongoing cybersecurity initiatives and strategies, and applicable regulatory requirements and industry standards. The CFO also provides updates to the Audit Committee of any cybersecurity incidents (suspected or actual) and provides updates on the incidents as well as cybersecurity risk mitigation activities as appropriate.


Company Information

NameISUN, INC.
CIK0001634447
SIC DescriptionSemiconductors & Related Devices
TickerISUN - Nasdaq
Website
Category
Emerging growth company
Fiscal Year EndDecember 30