Resolute Holdings Management, Inc. 10-K Cybersecurity GRC - 2025-03-31

Page last updated on March 31, 2025

Resolute Holdings Management, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-31 17:16:08 EDT.

Filings

10-K filed on 2025-03-31

Resolute Holdings Management, Inc. filed a 10-K at 2025-03-31 17:16:08 EDT
Accession Number: 0001410578-25-000595

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy We are developing an information security program designed to assess, identify, and manage risks from cybersecurity threats. As part of this program, we plan to conduct periodic assessments of our assets to evaluate the effectiveness of applicable security controls. We expect that these assessments will be informed by industry standard frameworks and include a review of our information security controls to assess cybersecurity maturity compared to our peers and other security awareness trainings. We engage an external information technology consulting firm to assist with detecting potential threats to our information assets. In addition, we have implemented a cybersecurity third-party risk management process to assess mission and business critical third parties for cyber risks and to assist the business in making risk-informed technology product and services decisions. Our practice is to perform due diligence on third parties who maintain material data or information to help us evaluate and verify third party information security capabilities. Our process is designed to detect and respond to cybersecurity incidents that may represent a threat to the confidentiality, integrity or availability of our information assets is based on industry standards and practices of peer companies. Our technology, procedures and key vendors with security responsibilities are designed to help contain, eradicate and recover from cybersecurity incidents in a timely manner. Senior management will be informed about incidents that may have a significant impact on the business. Incidents will be reviewed once they are resolved, and policies and controls will be updated to help mitigate gaps. We have not identified risks from known cybersecurity threats or past incidents that have materially affected or are reasonably likely to materially affect us. For a description of the risks from cybersecurity threats that may materially affect the Company and how they may do so, see “Item 1A. Risk Factors.” Governance Management is responsible for the day-to-day management of risks we face, while our Board , as a whole and through its committees, has responsibility for the oversight of risk management , including risks from cybersecurity threats. Our Audit Committee has specific oversight of risk management, including risks from cybersecurity threats. We have engaged an external information technology managed services provider to assist us in day-to-day IT support and strengthening our cybersecurity preventative measures. The firm reports to our Chief Financial Officer and provides periodic cybersecurity updates to the Audit Committee of our Board of Directors on at least an annual basis. Our incident response process contemplates that the executive team will notify the Audit Committee of our Board of Directors of any material cybersecurity incident.

Company Information