PALISADE BIO, INC. 10-K Cybersecurity GRC - 2024-03-26

Page last updated on April 11, 2024

PALISADE BIO, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-26 16:06:46 EDT.

Filings

10-K filed on 2024-03-26

PALISADE BIO, INC. filed an 10-K at 2024-03-26 16:06:46 EDT
Accession Number: 0000950170-24-036402

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity . In the ordinary course of our business, we may process proprietary, confidential, and sensitive data, including personal data (such as health-related patient data), intellectual property, and trade secrets (collectively, “sensitive information”). We rely upon third-party service providers and technologies to operate critical business systems to process sensitive information in a variety of contexts, including, without limitation, third-party providers of cloud-based infrastructure, employee email, CROs, and other functions. The secure maintenance of this sensitive information and our information technology systems is important to our operations. To this end, we have processes designed to assess, identify, and manage risks from potential unauthorized occurrences on or through our information technology systems that may result in adverse effects on the confidentiality, integrity, and availability of these systems and the data residing therein. These processes are managed and monitored by our third-party information technology consultants and include mechanisms, controls, technologies, systems, and other processes designed to prevent or mitigate data loss, theft, misuse, or other security incidents or vulnerabilities affecting the data and maintain a stable information technology environment. We are planning to establish an appropriate confidentiality framework and document management system in order to safeguard sensitive information in addition to the safeguards provided by our third-party service providers. Such confidentiality framework may include the use of third-party information technology experts to manage and oversee our sensitive information and to work directly with our management in overseeing cybersecurity risks and appropriate responses thereto. In addition, we plan to consult with outside advisors and experts, when appropriate, to assist with assessing and identifying cybersecurity risks, including to anticipate future threats and trends, and their impact on our risk environment. In the last fiscal year, we have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, but we face certain ongoing cybersecurity risks threats that, if realized, are reasonably likely to materially affect us. Additional information on cybersecurity risks faced by us are discussed in Part I, Item 1A, Risk Factors, under the headings If our information systems or data, or those of third parties upon which we rely, are or were compromised, we could experience adverse consequences resulting from such compromise, including but not limited to regulatory investigations or actions litigation fines and penalties disruptions of our business operations reputational harm loss of revenue or profits loss of customers or sales and other adverse consequences and Our business and operations would suffer in the event of system failures, cyber-attacks or a deficiency in our cybersecurity. Our Board, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Audit Committee, which is comprised solely of independent directors, has been designated by our Board to oversee cybersecurity risks. The Audit Committee receives updates, as needed, on cybersecurity and information technology matters and related risk exposures.

Company Information