Golden Matrix Group, Inc. 10-K Cybersecurity GRC - 2025-03-24

Page last updated on March 24, 2025

Golden Matrix Group, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-24 07:45:41 EDT.

Filings

10-K filed on 2025-03-24

Golden Matrix Group, Inc. filed a 10-K at 2025-03-24 07:45:41 EDT
Accession Number: 0001477932-25-001897

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. We employ processes for assessing, identifying, and managing material risks from cybersecurity threats that are incorporated into our overall risk management system. These items are designed to help protect our information assets from internal and external threats and protect the integrity and confidentiality of our data. Our system includes procedural and technical safeguards, response plans, and reviews of our policies. We engage various external entities, including consultants, to improve and enhance our cybersecurity oversight. We provide all employees and consultants with cybersecurity and prevention training including timely and relevant topics covering social engineering, phishing, mobile security, and data protection and the need for reporting incidents and suspicious events immediately. With respect to third parties that assist in our cybersecurity oversight, we obtain reports to assess the security of their systems and processes. We engage in ongoing monitoring of all third-party providers to ensure compliance with our cybersecurity standards. Although we develop and maintain systems and controls designed to prevent cybersecurity threats from occurring, and we have a process to identify and mitigate threats, the development and maintenance of these systems, controls and processes is costly and requires ongoing monitoring and updating as technologies change and efforts to overcome security measures become increasingly sophisticated. Moreover, despite our efforts, the possibility of these events occurring cannot be eliminated entirely. As we outsource more of our information systems to vendors, engage in more electronic transactions with service providers and patients, and rely more on cloud-based information systems, the related security risks will increase and we will need to expend additional resources to protect our technology and information systems. In addition, there can be no assurance that our internal information technology systems or those of our third-party contractors, or our consultants’ efforts to implement adequate security and control measures, will be sufficient to protect us against breakdowns, service disruption, data deterioration or loss in the event of a system malfunction, or prevent data from being stolen or corrupted in the event of a cyberattack, security breach, industrial espionage attacks or insider threat attacks which could result in financial, legal, business or reputational harm. We have processes in place to identify, assess and monitor material risks from cybersecurity threats, including the material risks of the Company. These processes are part of our overall enterprise risk management process and have been embedded in our operating procedures, internal controls and information systems. On a regular basis we implement into our operations these cybersecurity processes, technologies, and controls to assess, identify, and manage material risks. Cybersecurity risks related to our business, technical operations, privacy and compliance issues are identified and addressed through a multi-faceted approach including third party assessments, IT security, governance, risk and compliance reviews. To defend, detect and respond to cybersecurity incidents, we, among other things, have developed cybersecurity measures for our technology platform that include a variety of safety measures. Incidents are evaluated to determine materiality as well as operational and business impact, and reviewed for privacy impact. We describe whether and how risks from identified cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition, under the heading " We face cyber security risks that could result in damage to our reputation and/or subject us to fines, payment of damages, lawsuits and restrictions on our use of data " included as part of our risk factor disclosures at Item 1A of this Annual Report on Form 10-K. Cybersecurity is an important part of our risk management processes and an area of focus for our Board and management. Our Information Technology department is responsible for the oversight of risks from cybersecurity threats. The Board receives information and updates periodically with respect to the effectiveness of our cybersecurity and information security framework, data privacy and risk management. The Board will also be provided updates on any material incidents relating to information systems security and cybersecurity incidents. As of and for the year ended December 31, 2024, there have been no cybersecurity incidents that have materially affected the Company’s business strategy, results of operations, or financial condition. Although we have designed our cybersecurity program and governance procedures discussed above to mitigate cybersecurity risks, we have experienced, and we may in the future experience cybersecurity risks, threats and attacks. To date, these risks, threats or attacks have not had a material impact on our operations, business strategy or financial results, but we cannot provide assurance that they will not have a material impact in the future. See the section entitled " Risk Factors " included elsewhere in this Annual Report for further information. We continuously work to enhance our cybersecurity risk management program.

Company Information