Piedmont Lithium Inc. 10-K Cybersecurity GRC - 2024-02-28

Page last updated on April 11, 2024

Piedmont Lithium Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-28 17:33:08 EST.

Filings

10-K filed on 2024-02-28

Piedmont Lithium Inc. filed an 10-K at 2024-02-28 17:33:08 EST
Accession Number: 0001728205-24-000034

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY. Cybersecurity Risk Management and Strategy We recognize the importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. As a result, we have integrated cybersecurity risk management into our broader risk management framework to promote a holistic approach toward assessing, identifying, and managing material risks associated with cybersecurity threats. This integration ensures that cybersecurity considerations are an integral part of the decision-making processes at every level of our organization. Recognizing the complexity and evolving nature of cybersecurity threats, we have partnered with third-party cybersecurity agencies to leverage specialized knowledge and insights, ensuring our cybersecurity strategies and processes remain at the forefront of industry best practices. Our cybersecurity partners work to continuously scan and monitor our networks for threats and vulnerabilities and provide access to a 24/7 incident response team. Further, through our partnerships, we conduct annual security risk assessments, which are designed in alignment with the National Institute of Standards and Technology Cybersecurity Framework and perform annual penetration tests and breach and attack simulations to validate security controls. These partnerships are actively managed by members of our management team, together with our information technology department, to ensure effective implementation. 31 Table of Contents Additionally, to best position Piedmont Lithium to avoid cybersecurity incidents, we, among other things, conduct employee trainings and, where appropriate, utilize a coordinated procurement process to bring consistency, compliance, and interoperability to the hardware, software, and services we obtain from vendors and other business partners. This coordinated procurement process includes, in addition to other safeguards, review by our information technology and legal departments to address any security concerns before any vendor or business partner is granted access to our information systems. As of the date of this Annual Report, we have not identified risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. While we continually work to safeguard the information systems we use, and the proprietary, confidential and personal information residing therein, and mitigate potential risks, there can be no assurance that such actions will be sufficient to prevent cybersecurity incidents or mitigate all potential risks to such systems, networks and data or those of our third-party providers. For additional information, refer to Part I, Item 1A, Risk Factors Our business is subject to cybersecurity risks . Governance Cybersecurity is an important part of our risk management processes and an area of focus for our Board and management team. Our Audit Committee is responsible for the Board-level oversight of risks from cybersecurity threats. Members of our Audit Committee receive updates from our management team regarding Company practices, programs, and other developments related to cybersecurity throughout the year, including quarterly updates from our Chief Legal Officer on cyber threats and our cybersecurity risk management and strategy program. Our Audit Committee is comprised of Board members with diverse expertise, including risk management and strategy, equipping each member to oversee cybersecurity risks effectively. We maintain a Cybersecurity Incident Response Team composed of professionals across various functions, including information technology, legal, finance, accounting, and risk. This team is trained in managing cybersecurity incidents and is comprised of individuals with experience in various roles involving information technology, including, security, auditing, compliance, systems, and programming.

Company Information