ANAVEX LIFE SCIENCES CORP. 10-K Cybersecurity GRC - 2024-12-23

Page last updated on December 24, 2024

ANAVEX LIFE SCIENCES CORP. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-12-23 16:30:33 EST.

Filings

10-K filed on 2024-12-23

ANAVEX LIFE SCIENCES CORP. filed a 10-K at 2024-12-23 16:30:33 EST
Accession Number: 0001731122-24-002041

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Risk management and strategy We have implemented and maintain various information security processes designed to identify, assess and manage material risks from cybersecurity threats to our cloud networks, third party hosted services, communications systems, hardware and software, and our critical data, including intellectual property, confidential information that is proprietary, strategic or competitive in nature, and data related to our clinical trials and products. We have processes designed to protect our information systems, data, assets, infrastructure, and computing environments from cybersecurity threats and risks. Our cybersecurity strategy includes the use of third-party IT professionals to assess the effectiveness of our cybersecurity practices for possible cybersecurity threats and to manage our IT systems to mitigate these threats. We also use multi-factor authentication, maintain logical, physical and technical controls designed to deter, prevent, mitigate and respond to cybersecurity threats. Further, we provide periodical cybersecurity reminders to our employees to emphasize the importance of adherence to our security policies. We also carry a separate cybersecurity commercial insurance policy covering the potential financial losses that may occur in the event we experience a cybersecurity incident. Our assessment and management of material risks from cybersecurity threats are integrated into the Company’s overall risk management processes. We conduct organizational risk assessments commensurate with our size and complexity of our operations. We are in a continuous process of reviewing and implementing incremental information technology strategies to mitigate cybersecurity risks as new risks arise and as our operations evolve. This has led us to engage third party professionals to assist in the implementation of processes to manage these risks. We also use third-party service providers across a variety of functions throughout our business, such as application providers, hosting companies, contract research organizations, contract manufacturing organizations, distributors, and supply chain resources. We have a vendor management process to help manage cybersecurity risks associated with our use of certain of these providers. For certain vendors, these processes include a comprehensive vendor audit process. As of the date of this Annual Report, we do not believe that any past cybersecurity incidents that have been detected have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition. See " Risk Factors - Risks Related to Our Business and Operations " for additional information about the risks to our business associated with cybersecurity or a breach or compromise to our information security systems. 62 Governance Our board of directors addresses the Company’s cybersecurity risk management as part of its general oversight function. The audit committee of the board of directors is responsible for overseeing the Company’s cybersecurity risk management processes, including oversight of mitigation of risks from cybersecurity threats. The audit committee receives periodic reports from senior management concerning the Company’s significant cybersecurity threats and risk and the processes the Company has implemented to address them. Currently we have two cybersecurity experts on our Audit Committee

Company Information