Societal CDMO, Inc. 10-K Cybersecurity GRC - 2024-03-22

Page last updated on July 16, 2024

Societal CDMO, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-22 17:12:53 EDT.


10-K filed on 2024-03-22

Societal CDMO, Inc. filed a 10-K at 2024-03-22 17:12:53 EDT
Accession Number: 0000950170-24-035480

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy We rely on information systems and the data stored on them to conduct our operations. As such, we have implemented processes designed to mitigate risks posed by cybersecurity threats. Our approach to cybersecurity risk management is multi-faceted and includes, but is not limited to, engaging third-party information technology and cybersecurity providers and consultants for support as appropriate, including to conduct annual penetration testing and cybersecurity risk assessments, as well as other vulnerability analyses on a periodic basis. We also utilize a third-party to implement and manage automated tools designed to conduct ongoing monitoring for potential critical risks from cybersecurity threats. Additionally, we have implemented an employee education and training program, offered during onboarding and on an ongoing, periodic basis thereafter, that is designed to raise awareness of cybersecurity threats. As part of this employee training, we engage in periodic phishing simulations designed to raise employee awareness of such risks. 35 We maintain processes to inform and update management and, as needed, the audit committee, regarding security incidents that may pose a significant risk for the business, as applicable. We have not identified any cybersecurity incidents or threats that have materially affected us or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition; however, like other companies in our industry, we and our third-party vendors have experienced threats and security incidents relating to our and our third-party vendors’ information systems. For more information, please see “Item 1A, Risk Factors.” Governance Our Director of Information Technology, who reports directly to our Chief Financial Officer, is responsible for the day-to-day management of our cybersecurity risk management processes. The Director of Information Technology role is currently held by an individual who has thirty years of information technology and cybersecurity experience. Our audit committee is responsible for overseeing our cybersecurity risk management program. Our Director of Information Technology and/or Chief Financial Officer periodically update the audit committee on cybersecurity risks and mitigation strategies and related cyber matters. In the event of a cybersecurity incident, we have implemented processes for the Director of Information Technology and/or the Chief Financial Officer to discuss incident response strategies with the audit committee. The Director of Information Technology and/or the audit committee update the full board of directors on matters relating to cybersecurity risk management and critical cybersecurity risks as appropriate.

Company Information

NameSocietal CDMO, Inc.
SIC DescriptionPharmaceutical Preparations
TickerSCTL - Nasdaq
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30