Page last updated on November 26, 2024
World Gold Trust reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-11-25 15:53:35 EST.
Filings
10-K filed on 2024-11-25
World Gold Trust filed a 10-K at 2024-11-25 15:53:35 EST
Accession Number: 0001437749-24-036162
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity GLDM does not have any officers, directors or employees. The Sponsor is responsible for the oversight and overall management of GLDM. The Sponsor is an indirect wholly owned subsidiary of the World Gold Council and relies on the World Gold Council’s cybersecurity program for its own risk management. GLDM also relies on the cybersecurity programs of its service providers. The Board of Directors of the Sponsor (the “Board of Directors”) receives reports from the Sponsor detailing the Sponsor’s cybersecurity review processes, any potential risks and any incidents which could impact GLDM. The Board of Directors also periodically receives, and reviews reports from the World Gold Council and GLDM’s service providers regarding their cybersecurity programs. As of the date of this report, the Sponsor has not identified any risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected, or that the Sponsor believes are reasonably likely to materially affect, GLDM, including its operations, results of operations, or financial condition. See “Risk Factors” in Part I, Item 1A of this Annual Report for a discussion of the risks related to cybersecurity. Cybersecurity Program Overview The World Gold Council has a comprehensive cybersecurity program built around the National Institute of Standards and Technology’s Cybersecurity Framework which is overseen by the World Gold Council’s Global Head of IT. The program incorporates a variety of strategies and measures aimed at identifying, protecting, detecting, responding to and recovering from cyber incidents. The program’s key components include risk assessment and management, where the Operational Risk Committe of the World Gold Council, of which the Principal Financial and Accounting Officer of the Sponsor is a member, identifies potential threats and vulnerabilities and implements appropriate controls to mitigate those vulnerabilities. As part of the program, the World Gold Council (1) develops and enforces security policies and procedures, providing guidelines for safe and secure operations, (2) prioritizes employee training and awareness, as human error is often a significant factor in security breaches, (3) conducts regular security audits and assessments to ensure that the program remains effective and up to date with evolving threats, and (4) incorporates advanced technologies such as identify management, encryption, firewalls, anti-malware and intrusion detection systems to provide multiple layers of defense against cyber-attacks. The World Gold Council has an incident response plan (“IRP”) which (1) identifies the incident response team and the roles and responsibilities of the team members, (2) details the incident response lifecycle, including preparation, detection, response and recovery, and (3) outlines the internal and external communications plan. The IRP requires any cybersecurity incidents which could impact GLDM to be reported to the Principal Financial and Accounting Officer of the Sponsor. GLDM also relies on its other service providers, including the Administrator and the Custodians, to implement cybersecurity programs and engage external experts, including cybersecurity assessors, risk management and information technology professionals, attorneys, consultants and auditors to evaluate their cybersecurity measures and risk management processes. Management ’ s Role in Cybersecurity Risk Management The Sponsor conducts annual due diligence on GLDM’s service providers, including the Administrator and Custodians, which includes a revise of the relevant service provider’s operational and cybersecurity controls. The Sponsor reviews and reports to the Board of Directors, the results of this annual review and any incidents or perceived risks. Board Oversight of Cybersecurity Risks The Board of Directors receives a report from the Sponsor detailing the Sponsor’s annual due diligence on GLDM’s service providers, including a summary of any potential operational or cybersecurity risks and any incidents which could impact GLDM. The Board of Directors also periodically receives reports from World Gold Council and GLDM’s service providers regarding their cybersecurity programs.
Company Information
Name | World Gold Trust |
CIK | 0001618181 |
SIC Description | Commodity Contracts Brokers & Dealers |
Ticker | GLDM - NYSE |
Website | |
Category | Large accelerated filer |
Fiscal Year End | September 29 |