PAID INC 10-K Cybersecurity GRC - 2024-04-01

Page last updated on July 16, 2024

PAID INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-01 16:09:41 EDT.


10-K filed on 2024-04-01

PAID INC filed a 10-K at 2024-04-01 16:09:41 EDT
Accession Number: 0001437749-24-010365

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Disclosure of Risk Management, Strategy, and Governance Regarding Cybersecurity Risks Our Board of Directors engages in regular discussions to address our Company’s principal risks, including those related to cybersecurity, ensuring comprehensive management and oversight. In alignment with this commitment, our cybersecurity leadership, comprising the Chief Operating Officer, Senior Systems Architect, DevOps Engineer, and Senior Technical Project Manager, forms a core committee dedicated to the review and strategic planning of our cybersecurity initiatives. This team’s collaborative efforts are instrumental in steering our Company’s approach to identifying, evaluating, and mitigating cybersecurity risks. Cybersecurity Risk Management and Strategy The designated committee oversees our cybersecurity risk assessment and mitigation strategies through various means, including but not limited to: ● Conducting internal evaluations and leveraging technological tools to fortify our cybersecurity posture. ● Implementing rigorous cybersecurity training for all employees to heighten awareness and preparedness against cyber threats. ● Ensuring the robustness of our cyber defenses with comprehensive antivirus solutions and adherence to cybersecurity best practices. ● Our reliance on third-party service providers, such as Google Cloud for server hosting and Stripe for payment processing, incorporates a level of inherited security measures. Nonetheless, our commitment extends to continuously assessing and enhancing our cybersecurity frameworks to align with evolving industry standards and best practices. Governance Our Board is advised of key cybersecurity matters through high-level briefings, ensuring strategic alignment and informed oversight of our cybersecurity endeavors. The Company’s officers, along with the executive team, play a pivotal role in the dynamic landscape of cybersecurity risk management. This committee is not only responsible for the ongoing assessment and management of cybersecurity risks but also ensures that strategic cybersecurity initiatives are integrated within the broader operational framework of our Company. Incident Response and Readiness Although our Company has not experienced cybersecurity incidents, we maintain a proactive stance through the implementation of an Incident Response Plan. This plan encompasses detailed procedures for addressing potential cybersecurity incidents, including scenario-based drills to test our preparedness. The escalation processes within the plan ensure swift communication to the executive leadership and, if necessary, to the Board of Directors, facilitating an agile and informed response to emerging cybersecurity threats. Engagement with Third Parties Our engagement with third-party service providers incorporates a thorough consideration of cybersecurity risks. Through our diligent evaluation process, we ensure that our partners adhere to stringent cybersecurity standards, safeguarding our data and systems against potential threats. This collaborative approach towards cybersecurity underscores our commitment to maintaining a secure operational environment for our stakeholders. 11

Company Information

SIC DescriptionServices-Business Services, NEC
TickerPAYD - OTC
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30