SHOREPOWER TECHNOLOGIES INC. 10-K Cybersecurity GRC - 2024-06-13

Page last updated on July 16, 2024

SHOREPOWER TECHNOLOGIES INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-06-13 17:16:36 EDT.

Filings

10-K filed on 2024-06-13

SHOREPOWER TECHNOLOGIES INC. filed a 10-K at 2024-06-13 17:16:36 EDT
Accession Number: 0001493152-24-023724

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY We use, store and process data for and about our customers, employees, partners and suppliers. We have implemented a cybersecurity risk management program that is designed to identify, assess, and mitigate risks from cybersecurity threats to this data, our systems and business operations. Cyber Risk Management and Strategy Under the oversight of the Board of Directors since we do not currently have an Audit Committee, we have implemented and maintain a risk management program that includes processes for the systematic identification, assessment, management, and treatment of cybersecurity risks. Our cybersecurity oversight and operational processes are integrated into our overall risk management processes, and cybersecurity is one of our designated risk categories. We implement a risk-based approach to the management of cyber threats, supported by cybersecurity technologies, including automated tools, designed to monitor, identify, and address cybersecurity risks. In support of this approach, our IT security team implements processes to assess, identify, and manage security risks to the company, including in the pillar areas of security and compliance, application security, infrastructure security, and data privacy. This process includes regular compliance and critical system access reviews. In addition, we conduct application security assessments, vulnerability management, penetration testing, security audits, and ongoing risk assessments as part of our risk management process. We also maintain an incident response plan to guide our processes in the event of an incident. We utilize third parties and consultants to assist in the identification and assessment of risks, including to support tabletop exercises and to conduct security testing. We utilize well-known cloud-based technologies and service providers such as Amazon AWS, Microsoft Office, and Google enterprise to provide protection against cybersecurity threats. We have a special email encryption from Google that protect against cyberthreats. Further, we have processes in place to evaluate potential risks from cybersecurity threats associated with our use of third-party service providers that will have access to our data, including a review process for such providers’ cybersecurity practices, risk assessments, contractual requirement, and system monitoring. 32 We continue to evaluate and enhance our systems, controls, and processes where possible, including in response to actual or perceived threats specific to us or experienced by other companies. Risks from cybersecurity threats have to date not materially affected us, our business strategy, results of operations or financial condition. For more information, please see Item 1A. Risk Factors, the section titled “Risk Factors- Risks Related to Our Company and Our Business- Computer malware, viruses, ransomware, hacking, phishing attacks and similar disruptions could result in security and privacy breaches and interruption in service, which could harm our business .

Company Information