GIVEMEPOWER CORP 10-K Cybersecurity GRC - 2025-04-15

Page last updated on April 15, 2025

GIVEMEPOWER CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-04-15 17:10:40 EDT.

Filings

10-K filed on 2025-04-15

GIVEMEPOWER CORP filed a 10-K at 2025-04-15 17:10:40 EDT
Accession Number: 0001641172-25-004864

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Risk Management and Strategy Our operations are dependent upon information systems that support our business processes. In the ordinary course of our business, we collect and store certain confidential information such as information about our business partners, investors, contractors, vendors, and suppliers. Cyber intrusions could seriously compromise our networks and the information stored therein could be accessed, publicly disclosed, misused, lost, or stolen. As such, we have established information security processes and policies using principles from industry recognized cybersecurity frameworks focused on: (i) developing organizational understanding to manage cybersecurity risks; (ii) applying safeguards to protect our systems; (iii) detecting the occurrence of a cybersecurity incident; (iv) responding to a cybersecurity incident; and (v) recovering from a cybersecurity incident. Where appropriate, these processes and policies are integrated into our overall risk management systems and processes. 82 Information technology and data security, particularly cybersecurity, are areas of focus for our management. We employ a ready-made security model that we acquired from well-known vendors for risk-based controls with a focus on protecting our data. We follow a cloud-first approach to enable scaling, business continuity, and access to technology innovations and updates. Our cybersecurity risk management program aims to protect and preserve the confidentiality, integrity , and continued availability of our data and includes controls and procedures for the identification, containment, and remediation of cyber threats. Our cybersecurity risk management program includes, among other key features: ● regular cybersecurity risk assessments; ● detection and reporting of any cybersecurity events; ● periodic update processes for cybersecurity system exercises; ● information security training program that includes annual information security training; and ● cyber incident response plan that provides controls and procedures for timely and accurate reporting of any material cybersecurity incident to management. We assess our cybersecurity risk management program at least annually and regularly review our cyber incident response plan. Our processes and policies also include the identification of those third-party relationships which have the greatest potential to expose us to cybersecurity threats. We expect that our cybersecurity risk management processes and strategy will continue to evolve as the cybersecurity threat landscape evolves. Like other businesses, we have been, and expect to continue to be, subject to attempts at unauthorized access, mishandling or misuse, computer viruses or malware, cyber-attacks and intrusions, and other events of varying degrees. To date, we have not experienced a material security breach, nor are we aware of any third-party outside service providers that have experienced a cybersecurity breach. As a result, we have not incurred any significant expenses from information security breaches or any penalties or settlements related to the same. As of December 31, 2024, we do not believe that any risks from any cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect us, including our business strategy, our results of operations, or our financial condition. 83 Governance Since January 2020, our President and CEO who has more than 20 years of experience in the Business Finance and Audit management industry has led our information security team in assessing and managing cybersecurity programs. He reports directly to our Board of Directors on the Company’s cybersecurity programs, including strategy, application, infrastructure, information security, support, and execution. Our Board of Directors on a quarterly basis, reviews the processes and performance indicators related to prevention, detection, mitigation, and remediation of cybersecurity incidents that could adversely impact business operations. The purpose of those reviews is to help the Company to maintain a cyber incident response plan with defined roles, responsibilities, and reporting protocols, which focuses on responding to and recovering from any significant breach as well as mitigating any impact to our business. As part of its overall risk oversight activities, with respect to cybersecurity risk management, the Board of Directors: ● oversees the quality and effectiveness of our policies and procedures with respect to our information technology and network systems; ● provides oversight on our policies and procedures in preparation for responding to any material data security incidents ; and ● oversees management of internal and external risks related to our information technology systems and processes. \

Company Information