FOCUS UNIVERSAL INC. 10-K Cybersecurity GRC - 2024-04-01

Page last updated on July 16, 2024

FOCUS UNIVERSAL INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-01 14:35:10 EDT.


10-K filed on 2024-04-01

FOCUS UNIVERSAL INC. filed a 10-K at 2024-04-01 14:35:10 EDT
Accession Number: 0001683168-24-001995

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY RISK MANAGEMENT, STRATEGY AND GOVERNANCE Risk Management and Strategy We have implemented a cybersecurity process that is designed to assess, identify, manage and govern material risks from cybersecurity threats and requires a firewall for outside connections. We operate a closed server in a locked room and regularly examine cybersecurity threats that could compromise our information system’s security or data and otherwise maintain our cybersecurity policies and procedures in accordance with industry standard control frameworks and applicable regulations, laws, and standards. We regularly check and improve our security measures and educate our employees about such measures with the help of our information technology (IT) team. Key personnel are made aware of our cybersecurity process through trainings. We do not engage third party professionals or disclose our internal security measures to private parties. We have never experienced a cybersecurity incident that was determined to be material, although, like many technology-dependent companies operating in the current environment, we have experienced cybersecurity incidents in the past. For additional information regarding whether any risks from cybersecurity threats are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition, please see the section titled " Risk Factors ." Governance One of the key functions of our board of directors, in connection with our IT team, is informed oversight of our risk management process, which includes risks from cybersecurity threats. Our board of directors monitors and assesses strategic risk exposure, and our executive officers manage the material risks we face. Our Vice President of Operations, who has over 30 years of experience in IT and marketing, works with our board of directors to manage our cybersecurity policies and processes, including those described in the “Risk Management and Strategy” section above. Together, they stay informed and manage how we identify, address, prevent and resolve cybersecurity issues and related matters. They also track how we prevent, identify, lessen, and address cybersecurity issues. This is done through regular checks of our systems, tests to identify security weaknesses, and maintaining an incident response plan. In addition to such regular system checks, our Vice President of Operations, together with the board, regularly discuss active, emerging and potential cybersecurity risks. They keep each other informed about significant changes affecting cybersecurity, and they periodically update management with these changes, as well as our cybersecurity risks, so that management can administer its oversight function as a part of its broader oversight and risk management.

Company Information

SIC DescriptionIndustrial Instruments For Measurement, Display, and Control
TickerFCUV - Nasdaq
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30