Page last updated on March 14, 2025
Origin Materials, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-13 16:11:17 EDT.
Filings
10-K filed on 2025-03-13
Origin Materials, Inc. filed a 10-K at 2025-03-13 16:11:17 EDT
Accession Number: 0001802457-25-000008
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity Risk management and strategy We have implemented and maintain information security processes designed to identify, assess, and manage material risks from cybersecurity threats to our critical computer networks, third-party hosted services, communications systems, hardware and software, and our critical data, including intellectual property and confidential information that is proprietary, strategic, or competitive in nature (“Information Systems and Data”). Our VP of Technology and Director of IT, together with our managed service provider (“MSP”), are responsible for helping to identify, assess and manage the Company’s cybersecurity threats and risks by monitoring and evaluating our threat environment using, among other things, manual processes, automated tools, internal audits, threat and vulnerability assessments, evaluating threats reported to us, evaluating our and our industry’s risk profile, and subscribing to reports and services that identify cybersecurity threats. Depending on the environment, we implement and maintain various technical, physical, and organizational measures, processes, standards, and policies designed to manage and mitigate material risks from cybersecurity threats to our information systems and data. These include, for example, an incident response plan and team, data encryption, risk assessments, network security and access controls, physical security, asset management, tracking, and disposal, systems monitoring, employee training including tabletop exercises and other simulated cybersecurity threats, and cybersecurity insurance. In addition, to oversee and identify any risks associated with our use of third-party service providers, we review Service Organization Controls (“SOC”) reports of such third-party service providers when onboarding the provider and annually thereafter. We also maintain proper essential information sharing and access controls, aiding in the secure exchange of information between us and our third-party service providers. Assessment and management of material risks from cybersecurity threats are integrated into the Company’s overall risk management processes . For example, the Director of IT coordinates with our VP of Technology and representatives of the Company’s departments and teams to evaluate the Company’s risk profile and identify and mitigate cybersecurity threats. Our General Counsel evaluates material risks from cybersecurity threats and reports to both the Company’s executive management team and the Audit Committee of the Board of Directors. We also use third-party service providers to assist us from time to time to identify, assess, and manage material risks from cybersecurity threats, including for example cybersecurity consultants, data backup and recovery providers, cyber insurers, and legal counsel. 38 For a description of the risks from cybersecurity threats that may materially affect the Company and how they may do so, see our risk factors under Part 1. Item 1A. Risk Factors in this Annual Report on Form 10-K. Governance Our Board of Directors (the “Board”) addresses the Company’s cybersecurity risk management as part of its general oversight function and has delegated to the Audit Committee primary responsibility for monitoring the Company’s cybersecurity risk management processes, including mitigation of cybersecurity threats. Our cybersecurity risk assessment and management processes are implemented and maintained by certain members of the Company’s management . In particular, the VP of Technology and Director of IT are responsible for hiring appropriate personnel and helping to integrate cybersecurity risk considerations into the Company’s overall risk management strategy, and communicating key priorities to relevant personnel, helping prepare for cybersecurity incidents, approving cybersecurity processes and technologies, and reviewing security assessments and other security-related reports . In addition, the General Counsel provides regular reports to the Audit Committee concerning the Company’s cybersecurity posture and significant threats and risks and the processes to address them. Our security incident response plan (“SIRP”) is designed to escalate certain cybersecurity incidents to members of the Company’s executive management team depending on the circumstances. Our VP of Technology, Director of IT, General Counsel, and MSP, along with relevant department heads, work with our incident response team to help the Company mitigate and remediate cybersecurity incidents of which they are notified. The SIRP provides for escalation of potentially material cybersecurity incidents to the Audit Committee.
Company Information
| Name | Origin Materials, Inc. |
| CIK | 0001802457 |
| SIC Description | Industrial Organic Chemicals |
| Ticker | ORGN - NasdaqORGNW - Nasdaq |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | December 30 |