AUDDIA INC. 10-K Cybersecurity GRC - 2025-03-05

Page last updated on March 5, 2025

AUDDIA INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-05 16:30:32 EST.

Filings

10-K filed on 2025-03-05

AUDDIA INC. filed a 10-K at 2025-03-05 16:30:32 EST
Accession Number: 0001683168-25-001357

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity We recognize the importance of securing our data and information systems and have a process for assessing, mitigating, overseeing and managing cybersecurity and related risks. This process is supported by both management and our Board of Directors. The Chief Technology Officer (“CTO”), who reports to the CEO, leads our cybersecurity function and is responsible for managing our cybersecurity risk and the protection of our networks, systems, and data. The CTO uses both internal and external resources to execute this process including security tools that help prevent, identify, escalate, investigate and resolve security incidents in a timely manner and tools that help prevent unauthorized access. The majority of the Company’s employees have a background in technology and engineering and are intensely aware of cyber threats . Additionally, the Company has less than 20 employees and contractors, therefore, the small size helps with rapid communication and response on any potential threats. The Company’s aggressive prevention and response protocols consist of the following: · Password management - employees are encouraged to maintain strong passwords and are educated on the risks around passwords; · Network administration - the Company maintains a single, small-scale network which is configured to prevent external penetrations and is secured with limited administrative access and strong passwords; · Firewall - configured to prevent unauthorized external access; · Virtual Private Networks - closely and carefully managed following industry best practices; · Training and communication - the Company monitors various types of threats, routinely educates employees on high risk threats, and communicates any potential identified threats to all employees and related third parties. Our Board of Directors is responsible for overseeing our enterprise risk management activities . The Board of Directors receives an update on the Company’s risk management process and the risk trends related to cybersecurity at least annually. Additionally, on a quarterly basis, the Audit Committee will receive updates from Management on cybersecurity. Any material threat that may arise will be communicated to the Board of Directors and Audit Committee upon identification. While the Company has not, as of the date of this Form 10-K, identified a cybersecurity threat or incident that resulted in a material adverse impact to its business, results of operations or financial condition, there can be no guarantee that the Company will not experience such an incident in the future.

Company Information