Page last updated on December 27, 2024
Outlook Therapeutics, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-12-27 16:30:27 EST.
Filings
10-K filed on 2024-12-27
Outlook Therapeutics, Inc. filed a 10-K at 2024-12-27 16:30:27 EST
Accession Number: 0001558370-24-016491
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecuri ty Risk management and strategy We depend on the functioning, availability and security of our information systems, including financial, data processing, communications and operating systems. Several information systems, such as software applications and cloud platforms, are provided by third parties. Our cybersecurirty risk framework is designed to allow us to identify, assess and manage the cybersecurity risks we face in relation to, our systems and the information we process. As part of our framework, we maintain certain processes defined to assess, identify and manage risks. For example, we have an incident management and response process under which we communicate the details of certain threats and incidents to management and the board as may be appropriate; use manual and automated processes that are designed to monitor relevant information systems for vulnerabilities, threats and incidents; manage and take certain actions designed to address incidents that may occur; and take actions designed to remediate certain vulnerabilities identified in relevant enviornements. We employ an array of data security technologies, processes, and methods across our infrastructure designed to protect our systems and sensitive information from unauthorized access. We work with information technology consultants who provide advice and expertise on monitoring evolving industry practices. Our assessment and management of material risks from cybersecurity threats are integrated into the Company’s overall risk management processes. For example, certain management executives, including our Executive VP and Chief Financial Officer evaluates material risks from cybersecurity threats in connection with our overall business objectives and reports such evaluations to the audit committee of the board of directors as appropriate, which then evaluates our overall enterprise risks. In addition to the third parties above, we use additional third-party service providers to perform a variety of functions throughout our business, such as enterprise and employee management platforms, labs, contract research organizations, contract manufacturing organizations, and supply chain resources. Depending on the nature of the services provided, the sensitivity of the information systems and data at issue, and the identity of the provider, we take steps designed to address cybersecurity risks that such service providers may present to us, such as conducting diligence into such service providers’ cybersecurity practices and risk profiles. . For a description of the risks from cybersecurity threats that may materially affect the Company and how they may do so, see our risk factors under Part I. Item 1A. Risk Factors in this Annual Report on Form 10-K, including If our information technology systems or those of third parties with whom we work, or our data are or were compromised, we could experience adverse consequences resulting from such compromise, including but not limited to regulatory investigations or actions; litigation; fines and penalties; disruptions of our business operations; reputational harm; loss of revenue or profits; and other adverse consequences . Governance Our cybersecurity risk assessment and management processes are implemented and maintained by certain management, including our Director of Information Technology, who has more than two decades of information technology and information technology leadership experience. Our Director of Information Technology, under the supervision of our Executive VP and Chief Financial Officer, manages and monitors our cybersecurity risk (including that presented by our information technology service providers). Our Director of Information Technology is responsible for informing our Executive VP and Chief Financial Officer of relevant cybersecurity risks including, as relevant, the prevent, detection, mitigation and remediation of cybersecurity incidents. Our Executive VP and Chief Financial Officer has over two decades of management experience, including oversight over information technology and cybersecurity matters. Our Board of Directors, with the assistance of the Audit Committee, has oversight for the cybersecurity risks facing us and for our processes designed to identify, prioritize, assess, manage, and mitigate those risks. As part of its oversight responsibilities, the Audit Committee receives periodic updates on cybersecurity and information technology matters and related risk exposures (including, as relevant, those stemming from certain cybersecurity incidents) from our Executive VP and Chief Financial Officer.
Company Information
| Name | Outlook Therapeutics, Inc. |
| CIK | 0001649989 |
| SIC Description | Biological Products, (No Diagnostic Substances) |
| Ticker | OTLK - Nasdaq |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | September 29 |