PREFORMED LINE PRODUCTS CO 10-K Cybersecurity GRC - 2024-03-08

Page last updated on April 11, 2024

PREFORMED LINE PRODUCTS CO reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-08 15:59:38 EST.

Filings

10-K filed on 2024-03-08

PREFORMED LINE PRODUCTS CO filed an 10-K at 2024-03-08 15:59:38 EST
Accession Number: 0000950170-24-028605

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy The Company has implemented information security programs to, among other actions, assess, identify and manage material risks from cybersecurity threats. These programs include periodic risk assessments, firmwide testing initiatives, periodic phishing tests and annual audits. As the Company assesses its risks and determines how to implement risk management programs, the following factors, among others, are considered: likelihood and severity of risk, impact on the Company and others if a risk materializes, feasibility and cost of controls, and impact of controls on operations and others. The Company also utilizes an independent cybersecurity advisor to provide periodic objective assessments of the Company s capabilities and to conduct advanced attack simulations. Further, as of part of the Company s overall information security program, the Company conducts a security awareness program, which includes training that reinforces the Company s security management policies, standards, and practices, as well as the expectation that employees comply with these policies, standards and practices. The Company s security awareness program engages personnel through mandatory periodic training on identifying potential cybersecurity risks and protecting the Company s resources and information. The Company also annually engages third parties (as well as its internal audit department) to audit the Company s information security programs. The Company uses a variety of processes to address cybersecurity threats related to the use of third-party technology and services, including pre-acquisition diligence, imposition of contractual obligations, and ongoing monitoring. To date, there has not been any previous cybersecurity incident that has materially affected the Company’s business strategy, results of operations or financial condition. See Item 1A. Risk Factors under the heading of The Company employs information technology systems to support its business, and any material breach, interruption or failure may adversely impact the Company s business. for additional information on cybersecurity threats that could have a material impact on the Company. The Risk Factors section should be read in conjunction with this Item 1C. Cybersecurity Risk Governance and Oversight The Company s Board of Directors maintains an active role in the Company s overall enterprise risk oversight to identify and mitigate broader systemic risks. The Audit Committee is responsible for overseeing and reviewing the Company s information security programs, including cybersecurity. The Director of Global Information Systems, who manages information security training and awareness program, updates the Audit Committee periodically regarding information security matters. The findings from the Company s annual third-party and internal information security audits also are reported to the Audit Committee. The Company also actively engages with key vendors and industry participants as part of its efforts, which are reported to the Audit Committee. In addition to the Audit Committee s oversight, the full Board of Directors receives periodic updates relating to information security and cyber security risks. The Board of Directors receives an annual report from its independent cybersecurity advisor. The Director of Global Information Systems has had oversight responsibilities for PLP s information systems and cyber security for 15 years. He attends regular education programs regarding enterprise cybersecurity and supporting technologies. The Director of Global Information Systems reports to the CFO and coordinates with the IT resources across all subsidiary operations to discuss risk management initiatives, testing and training, recent trends and technological developments, and periodic reviews of third-party providers.
Item 1C. Cybersecurity Risk Governance and Oversight The Company s Board of Directors maintains an active role in the Company s overall enterprise risk oversight to identify and mitigate broader systemic risks. The Audit Committee is responsible for overseeing and reviewing the Company s information security programs, including cybersecurity. The Director of Global Information Systems, who manages information security training and awareness program, updates the Audit Committee periodically regarding information security matters. The findings from the Company s annual third-party and internal information security audits also are reported to the Audit Committee. The Company also actively engages with key vendors and industry participants as part of its efforts, which are reported to the Audit Committee. In addition to the Audit Committee s oversight, the full Board of Directors receives periodic updates relating to information security and cyber security risks. The Board of Directors receives an annual report from its independent cybersecurity advisor. The Director of Global Information Systems has had oversight responsibilities for PLP s information systems and cyber security for 15 years. He attends regular education programs regarding enterprise cybersecurity and supporting technologies. The Director of Global Information Systems reports to the CFO and coordinates with the IT resources across all subsidiary operations to discuss risk management initiatives, testing and training, recent trends and technological developments, and periodic reviews of third-party providers.

Company Information