Ispire Technology Inc. 10-K Cybersecurity GRC - 2024-09-26

Page last updated on September 27, 2024

Ispire Technology Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-26 20:58:46 EDT.

Filings

10-K filed on 2024-09-26

Ispire Technology Inc. filed a 10-K at 2024-09-26 20:58:46 EDT
Accession Number: 0001213900-24-082378

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. Cybersecurity Cyberattacks are a growing geopolitical risk, becoming larger, more frequent, more intricate and more relentless. These attacks represent a significant threat to individual organizations and their ability to conduct daily operations. We rely on accounting, financial, and operational management information systems to conduct our operations. Any disruption in these systems could adversely affect our ability to conduct our business. Furthermore, as part of our normal business activities, we collect and store common confidential information about customers, employees, vendors, and suppliers. This information is entitled to protection under a number of regulatory regimes. Any failure to maintain the security of the data, including the penetration of our network security and the misappropriation of confidential and personal information, could result in business disruption, damage to our reputation, financial obligations to third parties, fines, penalties, regulatory proceedings and private litigation with potentially large costs. This scenario may also result in a deterioration of customer confidence in us and potentially other competitive disadvantages. As such, a cyberattack could have a material adverse impact on our financial condition and results of operations. 42 While we devote resources to implement and maintain security measures to protect our systems and data, these measures cannot provide absolute security against a cyberattack. In such an event, the insurance coverage we maintain may be inadequate to cover claims, costs, and liabilities relating to cybersecurity incidents. While we have not been subject to cyberattacks and other cyber incidents, we take cybersecurity preparedness seriously. Our risk management framework considers cybersecurity risk alongside other company risks as part of our overall risk assessment process. We have plans to implement cybersecurity training for all employees upon onboarding, and then annual follow-up training courses to ensure that all employees understand the risk and implications of a cyber event. We plan to implement a Cybersecurity Committee which will be responsible for the day-to-day management of cybersecurity risks, and which will meet bi-monthly to review our practices related to cyber events and risk management. The Committee will be composed of the Chief Financial Officer, Chief Legal Officer, Controller, and Head of Human Resources. The Committee will develop and implement cybersecurity risk mitigation strategies and activities, including the management of comprehensive incident response plans, oversee the cybersecurity risks posed by third-party vendors, ensure policies and procedures are current and followed, and receive regular updates on cybersecurity-related matters. Further, the Committee will engage subject matter experts such as consultants and auditors to assist us in establishing processes to assess, identify, and manage potential and actual cybersecurity threats, to actively monitor our systems internally using widely accepted digital applications, processes, and controls, and to provide forensic assistance to facilitate system recovery in the case of an incident. The Audit Committee of our Board of Directors oversees our policies and practices with respect to risk assessment and risk management, including the review, in coordination with our management, of our management of cybersecurity. The Audit Committee will receive regular updates from the Cybersecurity Committee on the state of cybersecurity risks we face. This will include briefings on any significant cyber incidents and ongoing risk management efforts. These updates will enable the Audit Committee to provide informed reports on cybersecurity matters to the full Board. As of the date of this Annual Report on Form 10-K, we are not aware of any risks from cybersecurity threats that have materially affected or are reasonably likely to materially affect us, our business strategy, results of operations or financial condition.


Company Information

NameIspire Technology Inc.
CIK0001948455
SIC DescriptionCigarettes
TickerISPR - Nasdaq
Website
Category
Emerging growth company
Fiscal Year EndJune 29