MESABI TRUST 10-K Cybersecurity GRC - 2024-04-24

Page last updated on July 16, 2024

MESABI TRUST reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-24 16:15:59 EDT.

Filings

10-K filed on 2024-04-24

MESABI TRUST filed a 10-K at 2024-04-24 16:15:59 EDT
Accession Number: 0001558370-24-005598

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY . Mesabi Trust does not have any directors, officers or employees. The Corporate Trustee is responsible for oversight of Mesabi Trust’s risks from cybersecurity threats as it relates to financial record keeping, cash and investment management, administration and reporting. The Corporate Trustee also serves as registrar and transfer agent for the Trust. The Corporate Trustee has dedicated personnel responsible for assessing and managing Mesabi Trust’s cyber risk management efforts, informing senior management of the Corporate Trustee regarding the prevention, detection, mitigation and remediation of cybersecurity incidents and supervising such efforts. The Corporate Trustee’s information technology team has significant experience selecting, deploying and operating cybersecurity technologies, initiatives and processes and relies on threat intelligence as well as other information obtained from governmental, public or private sources, including external consultants engaged by the Corporate Trustee to monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. The Corporate Trustee works with leading firms in the cybersecurity industry, leveraging their technology and expertise to monitor and maintain the performance and effectiveness of products and services that are used by the Corporate Trustee. The Corporate Trustee maintains a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats, which processes are integrated into the Corporate Trustee’s overall risk management process. The Corporate Trustee maintains robust cybersecurity protocols including, but not limited to technological capabilities that prevent and detect disruptions, computer workstations and programs protected with passwords and passphrases, as well as employee training throughout the year on financial regulations and cybersecurity followed up by testing of that knowledge. The protocols are based on recognized best practices and standards for cybersecurity and information technology. The Corporate Trustee has an annual assessment, performed by a third-party vendor, of the Corporate Trustee’s cyber risk management program. Other non-technical protocols include securing of documents and work areas that could contain non-public information and independent verification of information changes by outside vendors. Mesabi Trust faces risks from cybersecurity threats that could have a material adverse effect on its financial condition, results of operations, cash flows or reputation. The Corporate Trustee has experienced, and will continue to experience, cyber incidents in the normal course of its business. However, prior cybersecurity incidents have not had a material adverse effect on Mesabi Trust’s financial condition, results of operations, or cash flows. See “Risk Factors - General Risk Factors - The Trust faces risks from cybersecurity threats that could have a material adverse effect on its financial condition, financial record keeping, investment management, reporting, results of operations, cash flows or reputation.”


Company Information

NameMESABI TRUST
CIK0000065172
SIC DescriptionMineral Royalty Traders
TickerMSB - NYSE
Website
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndJanuary 30