SunOpta Inc. 10-K Cybersecurity GRC - 2024-02-28

Page last updated on July 16, 2024

SunOpta Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-28 17:08:11 EST.


10-K filed on 2024-02-28

SunOpta Inc. filed a 10-K at 2024-02-28 17:08:11 EST
Accession Number: 0001062993-24-004783

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Our cybersecurity program is strategically crafted to achieve the paramount goals of identifying, protecting, detecting, and responding to all potential risks and threats. Employing a defense-in-depth strategy, we proactively identify, investigate, and resolve vulnerabilities and security incidents in a timely manner. Continuous improvement is integral to our cybersecurity approach. Regular assessments, conducted with the expertise of external security firms against international standards, allow us to quantify our program’s effectiveness. The insights gained from these assessments serve as a foundation for continuous improvement efforts. Outcomes are reported to our Audit Committee for transparency and accountability. We rely on services from a variety of third-party providers to supply things such as cloud storage and networks. On an annual basis, we review these providers to assess their risk profiles. We rely on these third parties to have their own cybersecurity programs commensurate with their risk, and we cannot ensure in all circumstances that their efforts will be successful. SUNOPTA INC. 17 December 30, 2023 Form 10-K Despite facing directed attacks, our systems have withstood such challenges without material interruptions to our business operations. Recognizing the potential impact of significant disruptions, we remain steadfast in our commitment to fortify our systems against evolving threats. Any significant disruption to our ability to transact business could adversely affect our business performance as well as our reputation. Refer to Item 1A “Risk Factors - Our business operations could be disrupted if our information technology systems fail to perform adequately or are breached.” Heading our cybersecurity program is our Chief Information Officer (“CIO”). Our CIO has over 30 years of experience in Software Engineering and Information Technology/Cybersecurity and is supported by skilled professionals from our Information Technology team. This seasoned team provides regular updates to our Enterprise Risk Management Steering Committee (the “ERM”), composed of our Chief Executive Officer, Chief Financial Officer, Chief Administrative Officer, and other members of our senior leadership. Our Audit Committee and Board of Directors receive regular reports from the ERM, as well as directly from our CIO on a quarterly basis. These reports cover various cybersecurity matters, including risk assessments, mitigation strategies, areas of emerging risks, incidents and industry trends, and other areas of importance. Furthermore, our Board of Directors takes a proactive stance in overseeing our annual enterprise risk assessment. This comprehensive evaluation encompasses key risks, including those associated with security, technology, and cybersecurity threats, demonstrating our commitment to robust governance and risk management.

Company Information

NameSunOpta Inc.
SIC DescriptionWholesale-Farm Product Raw Materials
TickerSTKL - Nasdaq
CategoryLarge accelerated filer
Fiscal Year EndDecember 29