KOSS CORP 10-K Cybersecurity GRC - 2024-08-29

Page last updated on August 30, 2024

KOSS CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-08-29 17:58:31 EDT.

Filings

10-K filed on 2024-08-29

KOSS CORP filed a 10-K at 2024-08-29 17:58:31 EDT
Accession Number: 0000056701-24-000028


Item 1C. Cybersecurity.

ITEM 1C. CYBER SECURITY

Risk Management and Strategy

The Company maintains policies and processes for assessing, identifying, and managing material risk from cybersecurity threats, and has integrated these processes into the overall risk management processes.

The Company has programs in place intended to address and mitigate the cybersecurity risks that could adversely impact customers and/or reputation and lead to financial losses from remediation actions, loss of business, production downtimes and operational delays. These programs include regular monitoring of outside threats, continuous updating of software to mitigate risk, education of employees to the risks of external threats, a simplification of infrastructure to minimize servers and migration of business-critical systems, including the Company’s ERP system, to Tier-1 cloud service providers. Annual vulnerability assessments and penetration testing, as well as periodic web application scanning, is performed by third party service providers as directed by the Company’s Managed Service Provider (“MSP”). The results of these tests are shared with the CFO by the MSP.

We have processes in place to evaluate the potential risks from cybersecurity threats associated with our use of third-party service providers that have access to our data, including a review process for such providers’ cybersecurity practices, risk assessments, contractual requirement and system monitoring. The Company also recently partnered with a breach protection platform to provide security and phishing training to its employees.

The Company has not been impacted by any previous cybersecurity incidents that would materially affect business operations or financial conditions.

Governance

The Company’s MSP is responsible for identifying and assessing risks on an ongoing basis to ensure that the Company’s policies and procedures are functioning as designed to protect the Company’s information systems from potential cybersecurity threats. Management is provided regular updates on the Company’s cybersecurity programs and material cybersecurity risk and mitigation strategies, along with any necessary enhancements to those programs.

Cybersecurity policies and processes are reviewed annually with the Board of Directors, which serves in an oversight role as a whole. In addition, the Audit Committee and the Board consider risk-related matters on an ongoing basis in connection with deliberations regarding specific transactions and issues and would be notified immediately of any cybersecurity incidents.


Company Information

Name: KOSS CORP
CIK: 0000056701
SIC Description: Household Audio & Video Equipment
Ticker: KOSS - Nasdaq
Website:
Category: Non-accelerated filer; Smaller reporting company
Fiscal Year End: June 29