PGIM Private Credit Fund 10-K Cybersecurity GRC - 2024-03-25

Page last updated on April 11, 2024

PGIM Private Credit Fund reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-25 17:31:39 EDT.

Filings

10-K filed on 2024-03-25

PGIM Private Credit Fund filed an 10-K at 2024-03-25 17:31:39 EDT
Accession Number: 0001410578-24-000295

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy We rely on Prudential, of which both the Manager and Subadviser are subsidiaries, for assessing, identifying and managing material risks to our business from cybersecurity threats. Below are details Prudential has provided to us regarding its cybersecurity program that are relevant to us. 59 Table of Contents Because of the size and scope of Prudential s business, Prudential, the Manager, their affiliates and the Company are subject to numerous and evolving cybersecurity risks, any of which, if it materializes, could affect our business strategy, results of operations, or financial condition. See Item 1A. Risk Factors Risks Related to Market Events and Regulatory Developments We may face a breach of our cyber security, which could result in adverse consequences to our operations and exposure of confidential information for a discussion of such risks. Cybersecurity risk management is integrated within Prudential s risk management framework. Prudential conducts risk identification through several processes at the business unit, corporate, senior management, and board levels. This framework includes escalation points to Prudential s risk committees, allowing cyber risk and control matters to be elevated to Prudential s board of directors or its audit committee for oversight. In order to respond to the threat of security breaches and cyber-attacks, Prudential has developed an information security program designed to protect and preserve the confidentiality, integrity, and continued availability of information owned by, or in the care of, Prudential, including information related to the Company s operations and investments. This information security program provides for the coordination of various corporate functions and governance groups, including global technology, risk, legal, compliance and corporate audit, and serves as a framework for the execution of responsibilities across businesses and operational roles. Among other things, the information security program establishes security standards for Prudential s, the Manager s, their affiliates and the Company s technological resources and includes training for employees, contractors and third parties. Employees of Prudential, as well as employees of the Manager and Subadviser, with access to Prudential s or its affiliates systems are subject to comprehensive annual training on responsible information security, data security, and cybersecurity practices and how to protect data against cyber threats. As part of the information security program, Prudential conducts periodic exercises with independent outside advisers to assess the effectiveness of its program and it internal response preparedness. Prudential regularly engages with the broader security community and monitors cyber threat information. To address risks associated with third-parties, Prudential has established an enterprise-wide Third-Party Risk Management Program. This program s features include, among other things, identifying, assessing and managing cybersecurity risks throughout the life of our third-party relationships. Prudential also maintains an incident response plan, which specifies escalation and evaluation processes for cyber events. This plan is executed in close coordination with Prudential s corporate functions, including a dedicated cyber and privacy law function, external affairs, and risk management, and is designed to ensure, among other things, appropriate and timely reporting and disclosure. During the period covered by this Annual Report, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. See Item 1A. Risk Factors Risks Related to Market Events and Regulatory Developments We may face a breach of our cyber security, which could result in adverse consequences to our operations and exposure of confidential information for a discussion of risks related to cybersecurity. Governance Prudential s information security program is overseen by its Chief Information Security Officer ( CISO ) and Information Security Office, as well as the Chief Information Officer ( CIO ), Stacey Goodman. Each of Prudential, the Manager, their affiliates and the Company believes that Prudential s employees and the employees of the Manager, Subadviser and their affiliates who provide services to the Company, respectively, responsible for managing cybersecurity risk have the skills and knowledge to assess and manage material risks from cybersecurity threats, and their qualifications include degrees and certifications typical for cybersecurity professionals. Prudential expects these employees to, among other things, understand computer systems, networks, and security technologies and be proficient in a variety of security tools and techniques, including intrusion detection, malware analysis and penetration testing. Prudential s CISO has served in various roles in information technology and information security for over 25 years, including serving as the head of information technology risk at two large public companies. Prudential s CISO holds a graduate degree in technology management and has attained the professional certifications of Certified Information Systems Security Professional and Certified Information Privacy Professional. Ms. Goodman, our CIO, was elected Executive Vice President and Chief Information Officer of Prudential Financial and Prudential Insurance Company of America in July 2019. Previously, she served as the Chief Information Officer at Freddie Mac, where she was responsible for the technology division, and served as a member of the Senior Operating Committee. Prior to Freddie Mac, Ms. Goodman was Executive Vice President and Chief Information and Operations Officer for CIT Group, Inc., where she was a member of the Executive Management Committee. Previously, Ms. Goodman was the Divisional Chief Information Officer of Global Technology and Operations at Bank of America. She also held global leadership positions at UBS and PaineWebber. Ms. Goodman began her career at Salomon Brothers. 60 Table of Contents The Board is responsible for understanding the primary risks to our business. The Board is responsible for reviewing periodically our and the Manager s and the Subadviser s information technology security controls and related compliance matters, with the Company s management. The Board receives periodic updates from Prudential s CISO, CIO and/or Operational Risk Management, or their designees, throughout the year. At least annually, the Board, or a committee thereof, also receives updates on cybersecurity matters, including risks facing the Company, the Manager and the Subadviser and, as applicable, certain incidents. In addition to such periodic updates, the Board or a committee thereof may receive updates from management as to our and the Manager s cybersecurity risks and Prudential cybersecurity program developments.

Company Information