Arcadium Lithium plc 10-K Cybersecurity GRC - 2024-02-29

Page last updated on April 11, 2024

Arcadium Lithium plc reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-29 16:53:59 EST.

Filings

10-K filed on 2024-02-29

Arcadium Lithium plc filed an 10-K at 2024-02-29 16:53:59 EST
Accession Number: 0001977303-24-000008

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Cybersecurity Risks Cybersecurity Risk Management and Strategy Arcadium Lithium is committed to protecting its information systems and data from unauthorized access, use, disruption, and destruction. Our cybersecurity risk management strategy is designed to detect, assess, and manage cybersecurity risks in an organized and effective manner with active involvement from the board of directors and management. We also endeavor to actively maintain and monitor our cybersecurity program to stay ahead of the emerging cybersecurity threat landscape. Our cybersecurity program includes the following key elements: Enterprise Risk Management (“ERM”) process to identify and prioritize cybersecurity risks. Strong cybersecurity program that conforms to the National Institute of Standards and Technology framework, including a zero-trust model, monitoring, and threat intelligence. Cybersecurity awareness training program to educate employees about risks and how to detect malicious attack attempts. Cybersecurity Incident Response plan that is tightly integrated with the Global Crisis Management Plan to effectively respond and recover from material incidents. Risk-based security architecture designed to protect our most critical assets from the most common threats. Maintenance of a cybersecurity insurance policy. Our ERM program is maintained and overseen by a cross-functional team of business leaders from across the organization. The program incorporates regular sessions to review the Company’s overall risk posture, identify new risks and develop mitigation strategies. ERM matters are reviewed with the Risk Council Review Committee and are ultimately overseen by the Audit Committee of the Board of Directors, which regularly meets with and receives guidance and support from the Board of Directors. Board of Directors Oversight of Cybersecurity Risks The Board of Directors is responsible for overseeing Arcadium Lithium’s Enterprise Risk Management, which includes cybersecurity reporting. The process includes: Receipt of regular updates from the Audit Committee of the Board of Directors on the latest cybersecurity risk posture and overall effectiveness of the Company’s cybersecurity program. Independent reviews of the Company’s cybersecurity program through the SOX audit process. Regular discussions about cybersecurity risks at meetings of the board of directors. 47 Table of Contents Management’s Role in Assessing and Managing Material Risks from Cybersecurity Threats Our management team has a comprehensive understanding of the Company’s cybersecurity posture and associated risks. The team possesses significant expertise and experience to develop, implement and maintain appropriate cybersecurity controls to reduce risk and seek to keep the Company safe from malicious attacks. Furthermore: Management regularly assesses company risk posture using internal reporting and monitoring tools. Management develops and implements mitigation strategies that are based on industry best practice. Management monitors and maintains the effectiveness of the cybersecurity program through penetration testing and regular assessments. The management team also works with external advisors, partners, and auditors for expert guidance on all cybersecurity-related matters. To date, no cyber threats have materially adversely affected the Company.

Company Information