Runway Growth Finance Corp. 10-K Cybersecurity GRC - 2024-03-07

Page last updated on April 11, 2024

Runway Growth Finance Corp. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-07 16:04:11 EST.

Filings

10-K filed on 2024-03-07

Runway Growth Finance Corp. filed an 10-K at 2024-03-07 16:04:11 EST
Accession Number: 0000950170-24-027913

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy We have processes in place for assessing, identifying, and managing material risks from potential unauthorized occurrences on or through our electronic information systems that could negatively impact the confidentiality, integrity, or availability of our information systems or the information held on such systems. These processes include controls, procedures, systems and tools that are designed to prevent, detect, or mitigate data loss, theft, misuse, unauthorized access, or other security incidents or vulnerabilities affecting the data. Such processes are set forth in our joint Cybersecurity Policy and Disaster Recovery Plan (collectively, the Cybersecurity Policy ). The Cybersecurity Policy sets forth the role of the Information Security Committee in preparing, implementing, and maintaining incident response procedures in consultation with senior management of the Adviser and Administrator. Our Information Security Committee is responsible for the development and implementation of policies and technical measures to reasonably prevent security incidents. The Information Security Committee includes our Chief Financial Officer and Chief Compliance Officer. At times we may also engage assessors, consultants, or other third parties to assist with assessing, identifying and managing cybersecurity risk. As part of our risk management process, we conduct assessment and penetration testing, including regular trainings completed by employees of RGC who provide services to us pursuant to the Advisory Agreement and Administration Agreement. Material Impact of Cybersecurity Risks As of the date of this annual report on Form 10-K, we are not aware of any material risks from cybersecurity threats that have materially affected, or are reasonably likely to materially affect, the Company, including our business strategy, results of operations, or financial condition. However, future incidents could have a material impact on our business. Additional information about the cybersecurity risks that we face is discussed in Item 1A of Part I, Risk Factors in this Annual Report on Form 10-K under the heading Cybersecurity risks and cyber incidents may adversely affect our business by causing a disruption to our operations, a compromise or corruption of our confidential information and/or damage to our business relationships, all of which could negatively impact our business, results of operations or financial condition. 58 Table of Contents Oversight of Cybersecurity Risks Our cybersecurity risks and associated mitigation strategies are evaluated by our management and the Information Security Committee as needed, but no less frequently than annually. On at least a quarterly basis, management and the Information Security Committee report to our Board of Directors on developments to cybersecurity risks we face. Such reports include, among other things, an overview of the controls and procedures related to assessing, identifying, and managing risks related to cybersecurity threats, oversight of third-party service providers and related cybersecurity threats, and management s evaluation of cybersecurity risks that are material to us.

Company Information