First Choice Healthcare Solutions, Inc. 10-K Cybersecurity GRC - 2024-05-13

Page last updated on July 16, 2024

First Choice Healthcare Solutions, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-05-13 10:17:47 EDT.

Filings

10-K filed on 2024-05-13

First Choice Healthcare Solutions, Inc. filed a 10-K at 2024-05-13 10:17:47 EDT
Accession Number: 0001493152-24-018817

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Risk Management and Strategy We review cybersecurity risk as part of our overall enterprise risk management program. This ensures that cybersecurity risk management remains a top priority in our business strategy and operations. 21 Our risk management strategy includes, among other elements: Identification: We aim to proactively identify sources of risk, areas of impact, and relevant events that could give rise to cybersecurity risks, such as changes to our infrastructure, service providers, or personnel. Assessment: We conduct periodic risk assessments to identify cybersecurity threats. We also conduct likelihood and impact assessments with the goal of identifying reasonably foreseeable internal and external risks, the likelihood and potential damage that could result from such risks, and the sufficiency of existing policies, procedures, systems, and safeguards in place to manage such risks. Management: Following our risk assessments, we design and implement reasonable safeguards to address any identified gaps in our existing processes and procedures. We have processes in place to identify, review and evaluate cybersecurity risks associated with our use of third-party service providers. These reviews are conducted at onboarding and periodically throughout the tenure of the service provider based on risk tier rating of each service provider. We believe these processes enable us to evaluate a third-party service provider’s security posture, identify risks that may arise out of our use of the third party’s service, and make decisions regarding acceptable levels of risk and risk mitigation. Governance The Board of Directors is aware of the critical nature of managing risks associated with cybersecurity threats. The Board has established robust oversight mechanisms to ensure effective governance in managing risks associated with cybersecurity threats because we recognize the significance of these threats to our operational integrity and stakeholder confidence. Board of Directors Oversight The Audit Committee is central to the Board’s oversight of cybersecurity risks and bears the primary responsibility for this domain. On a periodic basis, our Board of Directors reviews the adequacy of our computer systems controls, cybersecurity risk management and related governance and incident disclosures. Management’s Role Managing Risk Our Chief Financial Officer plays a pivotal role in informing the Board of Directors on cybersecurity risks and provides briefings to the Board of Directors on a regular basis, with a minimum frequency of once per year. These briefings encompass a broad range of topics, including: ● Current cybersecurity landscape and emerging threats; ● Status of ongoing cybersecurity initiatives and strategies; ● Incident reports and learnings from any cybersecurity events; and ● Compliance with regulatory requirements and industry standards. Risk Management Personnel Primary responsibility for assessing, monitoring and managing our cybersecurity risks rests with our information technology provider, who leads testing of our compliance with standards, remediation of known risks, and our employee training program. 22 Monitor Cybersecurity Incidents Our information technology providers lead our implementation and oversight of processes for the regular monitoring of our information systems. Reporting to Board of Directors Our information technology providers regularly inform the COO and CFO about matters related to cybersecurity risks and incidents. Together, our COO and CFO then update our Board on significant cybersecurity matters, and strategic risk management.

Company Information