Monte Rosa Therapeutics, Inc. 10-K Cybersecurity GRC - 2024-03-14

Page last updated on July 16, 2024

Monte Rosa Therapeutics, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-14 07:44:53 EDT.


10-K filed on 2024-03-14

Monte Rosa Therapeutics, Inc. filed a 10-K at 2024-03-14 07:44:53 EDT
Accession Number: 0000950170-24-031150

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy We have implemented a cybersecurity risk management program, in accordance with our risk profile and business size, that is designed to detect, identify, assess, and respond to current and emerging cybersecurity threats. Our cybersecurity risk management program is supported by third-party information technologies and vendors, including a managed services provider that assists us with, among other things, information technology system monitoring, detection, and response support services. We also leverage third-party information technology service providers to monitor and evaluate our cybersecurity posture through vulnerability scans, penetration tests, and cybersecurity risk reviews and assessments. Our cybersecurity risk assessments are informed by industry standards and frameworks and incorporate elements of the same, including elements of the National Institute of Standards and Technology (NIST) cybersecurity framework. We have adopted an incident response plan designed to coordinate the steps to identify, contain, eradicate, and recover from cybersecurity incidents. We also have a process for newly-hired employees to participate in security awareness training, and we conduct periodic phishing email simulations . We also have a process to review certain third-party information technology service providers and vendors, including through contractual requirements and proactive threat intelligence monitoring, as appropriate. To date, we have not identified any cybersecurity incidents or threats that have materially affected us or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition, however, like other companies in our industry, we and our third-party information technology service providers and vendors have from time to time experienced threats that could affect our information or systems. For more information, please refer to Item 1A, “Risk Factors,” in this annual report on Form 10-K. Governance Our Head of Information Technology (“IT”), with the support of our third-party information technology service providers and a team of IT professionals, is responsible for the strategic leadership and day-to-day management of our cybersecurity program. The individual serving as Head of IT has more than twenty-five years of experience in information technology and information security. Our Board of Directors has delegated oversight of our cybersecurity risk management program to our Audit Committee, per the Audit Committee Charter. Our Head of IT provides quarterly updates to the Audit Committee regarding our cybersecurity risk management program, including information about cybersecurity risk management governance, and provides the Audit Committee with status updates on various projects intended to enhance the overall cybersecurity posture of the Company, as applicable.

Company Information

NameMonte Rosa Therapeutics, Inc.
SIC DescriptionBiological Products, (No Diagnostic Substances)
TickerGLUE - Nasdaq
Emerging growth company
Fiscal Year EndDecember 30