Nova Lifestyle, Inc. 10-K Cybersecurity GRC - 2024-04-12

Page last updated on July 16, 2024

Nova Lifestyle, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-12 21:41:48 EDT.


10-K filed on 2024-04-12

Nova Lifestyle, Inc. filed a 10-K at 2024-04-12 21:41:48 EDT
Accession Number: 0001493152-24-014501

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Information technology (IT) is critical to many of our operating activities and is subject to security threats and increasingly sophisticated cyber-attacks. As a result, we have policies and processes in place to assess, identify, and manage the strategic and operational IT-related risks as an integrated part of our overall risk management system. These risks include the risk of cyber-attacks on IT infrastructure and intellectual property, as well as on cybersecurity for our online product offerings. The Company has adopted Risk Assessment Methodology Policy, Information Security Policy and Incident Response Plan Policy to managing material risks from cybersecurity threats and hired IT consultant to help managing cybersecurity risks. When the Company uses a third party service provider and shares sensitive data such service provider, it must adhere to the compliance requirements in the Service Agreement which includes an acknowledgement that the service provider is responsible for safeguard and the security of the sensitive data. As of date of this report, there has been no previous cybersecurity incidents, have materially affected the Company yet. The independent director of the Board Charlie La is responsible for the oversight of risks from cybersecurity threats on behalf of the Board. Mr. Teng Ai Leng, our IT consultant and Tawny Lam, Chief Executive Officer of the Company report to Mr. Charlie La and Board of Directors for cybersecurity risks and incidents. Teng AI Leng has 29 years of working experience in the Information technology industry. The Company has adopted Incident response plan policy, including Roles and Responsibilities, Incident Categories, Categories of Event, Incident Severity, Escalation Levels, and Incident Response Life Cycle, so that the weakness, events, alerts and incidents can be appropriately managed and escalated from IT personnel, IT consultant, Chief Executive Officer to independent director and the Board.

Company Information

NameNova Lifestyle, Inc.
SIC DescriptionHousehold Furniture
TickerNVFY - Nasdaq
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30