ORAGENICS INC 10-K Cybersecurity GRC - 2024-03-29

Page last updated on July 2, 2024

ORAGENICS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-29 16:16:06 EDT.


10-K filed on 2024-03-29

ORAGENICS INC filed an 10-K at 2024-03-29 16:16:06 EDT
Accession Number: 0001493152-24-011979

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Cybersecurity Risk Management and Strategy Our management recognizes the impact that cybersecurity threats could have on our business operations, our compliance with regulations and our reputation. We have identified cybersecurity as a critical business risk as part of our overall risk management strategy, which our board of directors oversees. We have implemented an information security management system in accordance with our risk profile and business that is designed to protect the Company, our employees, and our shareholders from cybersecurity threats. We have also developed an incident response policy and procedure designed to facilitate the handling of cybersecurity incidents. Our cybersecurity risk management program aims to identify risks from cybersecurity threats. Our cybersecurity risk management program includes a number of components, including informal self-assessments. Our managed security services provider helps us implement additional security controls, including malware protection and network security tools. We take a risk-based approach to the evaluation of third-party vendors. We have not identified any cybersecurity incidents or threats that have materially affected us or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition. However, like other companies in our industry, we and our third-party vendors have from time-to-time experienced threats and cybersecurity incidents that could affect our information or systems. For more information, see Item 1A. Risk Factors. Governance Related to Cybersecurity Risks The Board of Directors and Audit Committee oversee the management of risks by the Company’s management. The Audit Committee is responsible for reviewing the Company’s cybersecurity program and risks, as identified by Company management, and the steps that Company management has taken to protect against threats to the Company’s assets including information systems and data security. The Audit Committee provides updates to the Board approximately annually.

Company Information

SIC DescriptionPharmaceutical Preparations
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30