Brightwood Capital Corp I 10-K Cybersecurity GRC - 2024-03-21

Page last updated on April 11, 2024

Brightwood Capital Corp I reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-21 16:47:31 EDT.

Filings

10-K filed on 2024-03-21

Brightwood Capital Corp I filed an 10-K at 2024-03-21 16:47:31 EDT
Accession Number: 0001410578-24-000262

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY The Company has processes in place to assess, identify, and manage material risks from cybersecurity threats. The Company s business is dependent on the communications and information systems of the Investment Adviser and other third-party service providers. The Investment Adviser manages the Company s day-to-day operations and has implemented a cybersecurity program that applies to the Company and its operations. Cybersecurity Program Overview The Investment Adviser has engaged a managed service provider to provide comprehensive information technology services (the IT MSP ), including services related to cybersecurity. The Investment Adviser, in conjunction with IT MSP, has instituted a cybersecurity program designed to identify, assess, and mitigate cyber risks applicable to the Company. The cyber risk management program involves risk assessments, implementation of security measures, and ongoing monitoring of systems and networks, including networks on which 51 Table of Contents the Company relies. The Investment Adviser, in conjunction with IT MSP, actively monitors the current threat landscape in an effort to identify material risks arising from new and evolving cybersecurity threats, including material risks faced by the Company. The Company relies on the Investment Adviser to engage external experts, including the IT MSP and cybersecurity consultants, to evaluate cybersecurity measures, including those applicable to the Company. The Company relies on the Investment Adviser s risk management program and processes, which include cyber risk assessments. The Company depends on and engages various third parties, including suppliers, vendors, and service providers, to operate its business. The Company relies on the expertise of risk management, legal, information technology, and compliance personnel of the Investment Adviser when identifying and overseeing risks from cybersecurity threats associated with our use of such entities. Board Oversight of Cybersecurity Risks The Board provides strategic oversight on cybersecurity matters, including risks associated with cybersecurity threats. The Board receives updates from the Company s Chief Compliance Officer ( CCO ) regarding the overall state of the Investment Adviser s cybersecurity program and cybersecurity incidents impacting the Company, if any. Management’s Role in Cybersecurity Risk Management The Company relies on the Investment Adviser and IT MSP to assess and manage material risks from cybersecurity threats. Management of the Company is informed about and monitors the prevention, detection, mitigation, and remediation of cybersecurity risks and incidents, if any, impacting the Company, including through the receipt of notifications from service providers and reliance on communications with risk management, legal, information technology, and/or compliance personnel of the Investment Adviser. Assessment of Cybersecurity Risk The potential impact of risks from cybersecurity threats on the Company are assessed on an ongoing basis, and how such risks could materially affect the Company s business strategy, operational results, and financial condition are regularly evaluated. During the reporting period, the Company has not identified any risks from cybersecurity threats that the Company believes have materially affected, or are reasonably likely to materially affect, the Company, including its business strategy, operational results, and financial condition.

Company Information