SCIENTIFIC INDUSTRIES INC 10-K Cybersecurity GRC - 2024-07-18

Page last updated on July 18, 2024

SCIENTIFIC INDUSTRIES INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-07-18 16:44:51 EDT.

Filings

10-K filed on 2024-07-18

SCIENTIFIC INDUSTRIES INC filed a 10-K at 2024-07-18 16:44:51 EDT
Accession Number: 0001654954-24-009114

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. In addition, as required by Rule 12b-15 of the Securities and Exchange Act of 1934, as amended (the “Exchange Act”), new certifications by the Company’s principal executive officer and principal financial officer are filed herewith as exhibits to this Amendment No. 1, under Item 15 hereof. Except as described above, no other portion of the Form 10-K is being amended and this Amendment does not reflect any events occurring after the filing of the Form 10-K. Accordingly, this Amendment No. 1 should be read together with the Original Report and the Company’s other filings with the SEC. SCIENTIFIC INDUSTRIES, INC. Table of Contents PART I Item 1. BUSINESS 3 Item 1A. RISK FACTORS 6 Item 1B. UNRESOLVED STAFF COMMENTS 13 Item 1C. CYBERSECURITY 13
Item 1C. Cybersecurity. Risk Management and Strategy In accordance with the Securities Exchange Commission (“SEC”) rules, the Company is required to assess, identify, and manage material risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K. These risks include, among other things, operational disruption, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy or security laws and other litigation and legal risks, and reputational risks. We have developed, implemented, and maintain certain cybersecurity processes and controls intended to safeguard our information systems and protect the confidentiality, integrity, and availability of our data, based on material risks identified. We have strategically integrated cybersecurity risk management into our broader risk management framework to promote a company-wide culture of cybersecurity risk management and as part of our decision-making processes. We have implemented and maintain various information security processes designed to identify, assess and manage material risks from cybersecurity threats to our critical computer networks, third-party hosted services, communications systems, hardware and software, and our critical data, including but not limited to regular network and endpoint monitoring, vulnerability assessments, various system backups of all information, and through policy and procedure inform and train employees on the Company’s underlying practices, and annual assessment and testing of such controls. Our information security function is responsible for identifying, assessing and managing cybersecurity threats and risks and works to monitor and evaluate our threat environment and risk profile. As of and for the year ended December 31, 2023, we did not identify any cybersecurity threats or incidents that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. However, we cannot provide assurance that they will not be materially affected in the future by such risks or any future material incidents. Governance Our Board of Directors addresses cybersecurity risk management as part of its general oversight function and delegates cybersecurity risk management oversight to our Audit Committee. Our management team is responsible for assessing and managing our material risks from cybersecurity threats and provides updates to the Audit Committee on major developments regarding cybersecurity matters. The Audit Committee has oversight responsibility for risks and incidents relating to cybersecurity threats, including compliance with disclosure requirements, cooperation with law enforcement, and related effects on financial and other risks, and reports any findings and recommendations, as appropriate, to the Board of Directors for consideration.

Company Information