BT Brands, Inc. 10-K Cybersecurity GRC - 2024-04-01

Page last updated on April 11, 2024

BT Brands, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-01 16:40:00 EDT.

Filings

10-K filed on 2024-04-01

BT Brands, Inc. filed an 10-K at 2024-04-01 16:40:00 EDT
Accession Number: 0001477932-24-001711

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity We maintain a proactive cybersecurity program that is aligned with our business and is dedicated to managing information technologies ( IT ) risks to our Company. We have established policies, standards, processes, and practices for assessing, identifying and managing material risks from cybersecurity threats. These measures are integrated into our overall risk management program and governance structure, demonstrating our commitment to cybersecurity in a manner consistent with our business activities. We employ an array of controls, technologies, and other processes designed to identify, protect against, detect, respond to, and mitigate cybersecurity risks. These measures are in alignment with the frameworks established by the National Institute of Standards and Technology (NIST). Our IT activities are primarily outsourced for monitoring and maintenance to third parties and are subject to independent controls over IT. These controls include but are not limited to, internal reporting, monitoring and detection tools, threat intelligence, and general and role-based training. We consistently evaluate and enhance the effectiveness of our cybersecurity program, ensuring continuous evolution and improvement. Overseeing the assessment and management of our exposure to various risks, including cybersecurity, is a key oversight responsibility for the Board of Directors. These risks are identified, measured, monitored, and managed across key risk categories, which include the consideration of cybersecurity risks. Our chief financial officer (CFO) facilitates the Company s oversight, which includes an assessment of our risk environment at least once per year. The review incorporates risk assessment and evaluation. The Audit Committee assists the Board with its oversight of cybersecurity risk. Our CFO reviews the oversight program with the Audit Committee, including reviewing existing risks and significant emerging risks across the Company s key risk categories. In reviewing specific threats and risks with the Board, senior management may incorporate reports from consultants and other third-party advisors. To date, we have not experienced a cybersecurity threat or incident therefore, there has been no cybersecurity impact on our results of operations or financial condition. However, unauthorized access to our information and systems and other disruptions to our business operations could occur in the future. 21 Table of Contents

Company Information