CHINA PHARMA HOLDINGS, INC. 10-K Cybersecurity GRC - 2024-04-01

Page last updated on April 11, 2024

CHINA PHARMA HOLDINGS, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-01 16:06:16 EDT.

Filings

10-K filed on 2024-04-01

CHINA PHARMA HOLDINGS, INC. filed an 10-K at 2024-04-01 16:06:16 EDT
Accession Number: 0001213900-24-028731

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. Risk Management and Strategy We have implemented cybersecurity risk assessment procedures to ensure effectiveness in cybersecurity management, strategy and governance and reporting cybersecurity risks. We have also integrated cybersecurity risk management into our overall enterprise risk management system. We have used a cybersecurity threat defense system to address both internal and external threats. This system encompasses various levels, including network, host and application security and incorporates systematic security capabilities for threat defense, monitoring, analysis, response, deception and countermeasures. We strive to manage cybersecurity risks and protect sensitive information through various methods, including technical safeguards, procedural requirements, an intensive monitoring program on our corporate network, a robust incident response program, a review of the effectiveness of our security system with reference to applicable security standards by qualified third parties and regular cybersecurity awareness training for employees. We continuously monitor the performance of our apps, platforms and infrastructure to enable us to respond quickly to potential problems, including potential cybersecurity threats. As of the date of this Report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have affected or are reasonably likely to materially affect us, our business strategy, results of operations or financial condition. Governance Our Board of Directors is responsible for overseeing the Company s cybersecurity risk management and be informed on risks from cybersecurity threats. The Board shall review, approve and maintain oversight of the disclosure (i) on Form 8-K for material cybersecurity incidents (if any) and (ii) related to cybersecurity matters in the periodic reports (including annual report on Form 10-K) of the Company. In addition, our management team, including those with experience in dealing with confidentiality-related cybersecurity issues, oversee and manage cybersecurity related matters and formulate policies as necessary. Our Board review on an annual basis regarding assessment, identification and management on material risks from cybersecurity threats happened in the ordinary course of our business operations. If a cybersecurity incident occurs, our Board will promptly organize relevant personnel for internal assessment and, depending on the situation, seek the opinions of external experts and legal advisors. If it is determined that the incident could potentially be a material cybersecurity event, our Board will decide on the relevant response measures and whether any disclosure is necessary. If such disclosure is determined to be necessary, such disclosure material will be prepared and reviewed by our Board before it is disseminated to the public. 45

Company Information