Premium Resources Ltd. 10-K Cybersecurity GRC - 2025-03-19

Page last updated on March 20, 2025

Premium Resources Ltd. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-19 20:04:32 EDT.

Filings

10-K filed on 2025-03-19

Premium Resources Ltd. filed a 10-K at 2025-03-19 20:04:32 EDT
Accession Number: 0001641172-25-000043

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY Cybersecurity Risk Management and Strategy We, like other companies in our industry, face several cybersecurity risks in connection with our business. Our business strategy, results of operations, and financial condition have not, to date, been materially affected by risks from cybersecurity incidents or threats. During the reporting period, we have not, to our knowledge, experienced any material cybersecurity threats or incidents. The Company does not currently have processes in place for assessing, identifying or managing material risks from cybersecurity threats, but we intend to implement a formal cybersecurity program in the future. The program will be aimed at safeguarding the confidentiality, integrity, and availability of our essential systems and information, and will be designed to detect and mitigate risks from cybersecurity threats to our data and our systems. Central to our future cybersecurity efforts will be a robust incident response plan designed to address potential cyber incidents swiftly and effectively. In designing and evaluating our cybersecurity program, we intend to adopt the National Institute of Standards and Technology Cybersecurity Framework (" NIST CSF 2.0 “) as a guiding principle. It is important to clarify that our use of the NIST CSF 2.0 will be for guidance purposes to frame our risk identification, assessment and management processes and will not equate to compliance with any specific technical standards or requirements. The key components of our future cybersecurity program are expected to include: ● conducting risk assessments to pinpoint material cybersecurity threats to our critical systems, data, products, services, and overall IT infrastructure; ● a third-party security expert consultant overseeing the risk assessment process, maintenance of security controls, and coordination of responses to cybersecurity incidents; ● engagement with external service providers to evaluate, enhance, or support our security measures; and ● an incident response plan outlining specific procedures for managing cybersecurity incidents. Cybersecurity Governance The governance of cybersecurity risks will be a critical function of our Board, which will have a key role in the oversight of cybersecurity and related technology risks. The Board will be tasked with monitoring the effectiveness of our cybersecurity risk management program, once adopted. -11- The Board will receive regular updates from management on the state of cybersecurity risks facing the Company. This includes briefings on any significant cybersecurity incidents and ongoing cybersecurity risk management efforts. The responsibility for day-to-day management of cybersecurity risks lies with the Chief Financial Officer and Chief Executive Officer, with assistance from other members of management and contracted information technology consultants. The Company’s contracted information technology consultants consist of highly experienced professionals in the areas of network security and disaster recovery. This team will be at the forefront of our cybersecurity initiatives, coordinating both internal and external resources to anticipate, identify, and mitigate cyber threats. Our approach will include regular updates from our third-party security expert consultant, leveraging intelligence from various sources, and utilizing advanced security tools to protect our digital environment.

Company Information