Page last updated on March 21, 2025
Smith Douglas Homes Corp. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-21 16:34:34 EDT.
Filings
10-K filed on 2025-03-21
Smith Douglas Homes Corp. filed a 10-K at 2025-03-21 16:34:34 EDT
Accession Number: 0001982518-25-000007
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Cybersecurity Risk Management and Strategy We have developed and implemented several cybersecurity risk management measures intended to protect the confidentiality, integrity, and availability of our critical systems and information. We work to continuously refine, strengthen, and supplement these measures. The Board of Directors and management are committed to enhancing our cybersecurity risk management measures, which are integrated into our enterprise risk management processes and share common methodologies, 66 Table of contents reporting channels, and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas. Our cybersecurity risk management measures include: - risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment; - a security team principally responsible for managing (1) our cybersecurity risk assessment processes, (2) our security controls, and (3) our response to cybersecurity incidents; - cybersecurity awareness training of our employees, incident response personnel, and senior management. In addition to our internal resources, our cybersecurity risk management leverages external service providers who we work with to identify and oversee cybersecurity risks. For example, during 2024, we engaged an independent third-party assessor to assist management in identifying cybersecurity risks and developing ongoing procedures to enhance our cybersecurity risk management measures. In addition, we use our external providers to assist with endpoint monitoring, alerts, and other security management protocols such as regular backups and encryption. We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents such as phishing attacks and other email compromises, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. Cybersecurity Governance Our Board considers cybersecurity risk as part of its risk oversight function and has received briefings from management in the past as appropriate (for example, regarding the results of our previous cybersecurity risk assessment and ongoing enhancement efforts with the involvement of a third-party assessor). Our audit committee oversees management’s implementation of our cybersecurity risk management program. Our management team, including the Vice President of IT and the Chief Financial Officer , is responsible for assessing and managing our material risks from cybersecurity threats. The team has primary responsibility for our overall cybersecurity risk management program and supervises both our internal cybersecurity personnel and our retained external cybersecurity consultants. Our Vice President of IT, Randy Jepsen, oversees infrastructure, procurement, development, and IT support, with over 25 years of experience in the IT industry and 19 years at Smith Douglas and The SMART Builder Solutions designing and enhancing internal enterprise applications. Our Chief Financial Officer, Russell Devendorf, previously oversaw the information technology and risk management functions of a publicly traded homebuilder from 2008 to 2017, overseeing the company’s cybersecurity program and the implementation of an incident response plan and cybersecurity insurance. As a result, our management team’s cybersecurity experience includes previous combined experience of almost 50 years managing and otherwise engaged with IT and internal audit functions at public companies overseeing the development and strengthening of cybersecurity programs inclusive of training, risk assessments, and formal policies and procedures. Our management team supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefings from external consultants engaged by us, and alerts and reports produced by security tools deployed in the IT environment. Our management team provides regular updates to our audit committee regarding the results of our cybersecurity risk assessment measures and associated enhancement actions.
Company Information
| Name | Smith Douglas Homes Corp. |
| CIK | 0001982518 |
| SIC Description | Operative Builders |
| Ticker | SDHC - NYSE |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End | December 30 |