J.Jill, Inc. 10-K Cybersecurity GRC - 2024-04-04

Page last updated on July 2, 2024

J.Jill, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-04 16:50:31 EDT.


10-K filed on 2024-04-04

J.Jill, Inc. filed an 10-K at 2024-04-04 16:50:31 EDT
Accession Number: 0000950170-24-041871

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Overview Maintaining the safety and security of our systems and data is essential to the success of our company. As with other industries, there are several cybersecurity threats we encounter. These include phishing, ransomware, and denial of service, among others. Our suppliers, vendors, and other partners face similar threats. A cybersecurity incident impacting us or any of these entities could materially affect our operations, performance, or financial results. See Item 1A, Risks Related to Information Security for additional details. The governance of our risk management program is a partnership between our cross functional management team and our Board of Directors. This program includes both a cyber team led by our Chief Information Officer (“CIO”), as well as an Enterprise Risk Management (“ERM”) program led by our head of compliance. Our CIO has 30 years of information technology experience, including over 3 years of direct oversight of information security. Risk oversight for both our cyber and ERM programs is primarily the responsibility of the Audit Committee of the Board of Directors who receive quarterly updates, at a minimum, with additional updates shared to the full Board of Directors on a recurring basis. Cyber Security Team Our cross functional cyber security team is responsible for the overall information security strategy, risk assessment, cyber threat detection and response, and execution of an ongoing cyber program. The goal of this team is to lower the impact and likelihood of persistent threats to the extent feasible, including safeguarding of key information and the integrity of key systems. We also partner with third-party vendors to enhance our program including monitoring, pen testing, and other 27 assessments and programs. Additionally, the Company has implemented certain information security measures which include security reviews as well as internal training and testing programs. Enterprise Risk Management (ERM) Program Our cyber risks are included in our ERM program. Our ERM program is led by our Senior Director of Compliance and Internal Audit and has oversight from our Audit Committee. This program includes a cross functional team including our senior leadership team and other key members of management. Risk reduction plans are developed and updates are regularly assessed by the team. Our Audit Committee provides oversight and is briefed quarterly, at a minimum. In the event a cyber incident should occur, there are additional steps taken to mitigate cybersecurity risks and incidents. As of the date of this filing, we are not aware of any current cybersecurity threats or cybersecurity incidents that have materially affected or are reasonably likely to materially affect our business, results of operations or financial condition.

Company Information

NameJ.Jill, Inc.
SIC DescriptionWomen’s, Misses’: and Juniors Outerwear
CategoryAccelerated filer
Smaller reporting company
Fiscal Year EndJanuary 27