PureCycle Technologies, Inc. 10-K Cybersecurity GRC - 2024-03-05

Page last updated on April 11, 2024

PureCycle Technologies, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-05 21:15:14 EST.

Filings

10-K filed on 2024-03-05

PureCycle Technologies, Inc. filed an 10-K at 2024-03-05 21:15:14 EST
Accession Number: 0001830033-24-000029

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Information about cybersecurity risks and PCT s risk management processes is collected, analyzed and considered as part of PCT s overall enterprise risk management program. PCT has a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of PCT s information systems and data by assessing, identifying, and managing material risks from cybersecurity threats. 23 Table of Contents PCT s cybersecurity risk management program includes: risk assessments designed to help identify cybersecurity risks to PCT s information systems, data, services, and its broader enterprise IT environment; a security team principally responsible for managing PCT s cybersecurity risk assessment processes, PCT s security controls, and PCT s response to cybersecurity incidents; the use of certain external service providers, where appropriate, to assess, test or otherwise assist with aspects of PCT s security processes; cybersecurity awareness training of PCT s employees, incident response personnel and senior management; a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and a third-party cyber risk management process for third-parties that interact with our systems and data including, among other things, a security assessment and contracting program for such third-parties based on their risk profile. As of the date of this Form 10-K, PCT has not identified risks as a result of prior cybersecurity incidents, that have materially affected or are reasonably likely to materially affect, PCT s operations, business strategy, results of operations, or financial condition. PCT faces certain ongoing risks from cybersecurity threats that, if realized, are reasonably likely to materially affect PCT, including PCT s operations, business strategy, results of operations, or financial condition. See Risk Factors Cybersecurity incidents and the failure to maintain the integrity of PCT s systems or infrastructure, or those of third parties with which PCT does business, could have a material adverse effect on PCT s business, financial condition, results of operations and prospects. Cybersecurity Governance PCT s Board considers cybersecurity risk as part of its risk oversight. Oversight of cybersecurity and other information technology risks, as well as management s implementation of PCT s cybersecurity risk management program, is the responsibility of the Board. While the Board has delegated to the Audit and Finance Committee the responsibility to discuss with management and the independent auditors PCT s underlying policies and guidelines with respect to risk assessment and risk management, including with respect to cybersecurity, data privacy, data security and continuity, not less than once annually, the full Board receives a briefing from management on PCT s cybersecurity risk management program and ongoing initiatives and strategies to address and monitor specific cybersecurity risks. Presentations on cybersecurity matters are provided to the Board by PCT s information technology ( IT ) leadership. In addition, management updates the Audit and Finance Committee and the Board, as necessary, regarding any significant cybersecurity incidents, to the extent any occur. PCT s Director of IT has over 20 years of experience in cybersecurity management and information systems. Management along with third-party assistance from a recognized expert in unified cyber security and compliance expertise, monitors, manages, and assesses PCT s risks from cybersecurity threats.

Company Information