Lord Abbett Private Credit Fund 10-K Cybersecurity GRC - 2025-03-07

Page last updated on March 7, 2025

Lord Abbett Private Credit Fund reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-07 13:41:19 EST.

Filings

10-K filed on 2025-03-07

Lord Abbett Private Credit Fund filed a 10-K at 2025-03-07 13:41:19 EST
Accession Number: 0000930413-25-000900

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity The Company has processes in place to identify, assess, and manage material risks from cybersecurity threats. The Adviser manages the Company’s day-to-day operations and has implemented Lord Abbett’s information security policy that applies to the Company and its operations. With respect to cybersecurity, the Company and the Adviser rely on the systems of Lord Abbett, its third-party service providers, and the Company’s service providers. Lord Abbett’s cybersecurity risk management processes are integrated into its overall enterprise risk management processes. Lord Abbett has established an Enterprise Risk Management Function, overseen by its Chief Legal Officer. The Chief Legal Officer relies on Lord Abbett’s Chief Information Security Officer (" CISO “), who is responsible for implementing the Information/Cybersecurity Program. The CISO is assisted by a team of Information Security professionals, the Information Technology department, and digital leads with the support of Lord Abbett’s Information Security Council and its Standards and Practices Committee. Employees receive information security training annually on policies and procedures, recent cyber-attacks, the firm’s defense-in-depth controls strategy, incident response reporting, and cybersecurity at home. Lord Abbett conducts e-mail phishing campaigns using a variety of templates geared around topical or seasonal themes to simulate phishing messages and reinforce training. Cybersecurity Program Overview Lord Abbett has instituted an Information/Cybersecurity Program, based on the National Institute of Standards & Technology (NIST) Cybersecurity Framework of controls that is designed to identify, assess, and manage cyber risks applicable to the Company. The Information/Cybersecurity Program involves, inter alia, risk assessments, implementation of security measures, and ongoing monitoring of systems and networks, including networks on which the Company relies. Lord Abbett actively monitors the current threat landscape in an effort to identify material risks arising from new and evolving cybersecurity threats, including material risks faced by the Company. The Company relies on the Adviser and Lord Abbett to engage external experts, including cybersecurity assessors, consultants, and auditors to evaluate cybersecurity measures and enterprise risk management processes, including those applicable to the Company. The Company depends on and engages various third parties , including suppliers, vendors, and service providers, to operate its business. The Company relies on the expertise of enterprise risk management, legal, information technology, and compliance personnel of the Adviser and Lord Abbett, including the CISO, when identifying and overseeing risks from cybersecurity threats associated with our use of such entities. Board Oversight of Cybersecurity Risks The Board provides oversight for the Information/Cybersecurity Program and related matters, including risks associated with cybersecurity threats. The Board receives periodic updates from Lord Abbett’s CISO regarding the overall state of the Adviser’s security program, information on the current threat landscape, and risks from cybersecurity threats and cybersecurity incidents impacting the Company. Management’s Role in Cybersecurity Risk Management Management is responsible for assessing and managing material risks from cybersecurity threats. The Chief Legal Officer oversees the Company’s enterprise risk management function generally and relies on Lord Abbett’s CISO and the Information Security Council to assist with assessing and managing material risks from cybersecurity threats. Currently, the Head of Enterprise Risk Management is serving as the Acting CISO, who has over 10 years of experience in all aspects of risk management, including managing 76 cybersecurity risks and improving information security programs for financial services companies with complex information systems. The Acting CISO is also supported by a third party “virtual CISO” provided by a premiere cybersecurity consulting firm. The Chief Legal Officer has been responsible for this oversight function as Chief Legal Officer to the Company since its inception in 2024 and has worked in the financial services industry for over 28 years, during which the Chief Legal Officer has gained expertise in assessing and managing risk applicable to the Company. The Information Security Council is chaired by the Acting CISO and includes representatives from senior management, including the Company’s Chief Compliance Officer, and is responsible for administering the firm’s Information/Cybersecurity Program including key cybersecurity risks. Management is informed about the monitoring activities performed by the Information/Cybersecurity team for the detection, prevention, mitigation, and remediation of cybersecurity incidents impacting the Company, including through the receipt of notifications from service providers and reliance on communications with enterprise risk management, legal, information technology, and/or compliance personnel of the Adviser and Lord Abbett. Assessment of Cybersecurity Risk The potential impact of risks from cybersecurity threats on the Company are assessed on an ongoing basis, and how such risks could materially affect the Company’s business strategy, operational results, and financial condition are regularly evaluated. An annual assessment of threats and effectiveness of security controls is conducted by an independent third party following the methodologies outlined by the (NIST) Cybersecurity Framework. Additionally, an annual SOC 1 Type II assessment is conducted and reported for the verification of IT and security controls that covers various aspects of the Information/Cybersecurity Program. During the reporting period, the Company has not identified any impact from cybersecurity threats, including as a result of previous cybersecurity incidents, that the Company believes have materially affected , or are reasonably likely to materially affect, the Company, including its business strategy, operational results, and financial condition. Lastly, Lord Abbett maintains cyber insurance coverage to protect against material cybersecurity incidents and liability that arises out of the unauthorized use or access to electronic data or software within the firm’s network or business. Types of incidents covered include data leakage, ransomware, computer theft, spreading a virus or malicious code, and electronic crime. The insurance policy and related coverages are reviewed and renewed on an annual basis.

Company Information