OLB GROUP, INC. 10-K Cybersecurity GRC - 2024-04-15

Page last updated on April 15, 2024

OLB GROUP, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-15 09:00:36 EDT.

Filings

10-K filed on 2024-04-15

OLB GROUP, INC. filed an 10-K at 2024-04-15 09:00:36 EDT
Accession Number: 0001213900-24-032767

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity We have processes for assessing, identifying, and managing material risks from cybersecurity threats. These processes are integrated into our overall risk management systems, as overseen by our Board, primarily through its Audit Committee. These processes also include overseeing and identifying risks from cybersecurity threats associated with the use of third-party service providers. We conduct risk assessments of certain third-party providers before engagement and have established monitoring procedures in an effort to assess and mitigate potential data security exposures originating from third parties. We from time to time engages third-party consultants, legal advisors, and audit firms in evaluating and testing our risk management systems and assessing and remediating certain potential cybersecurity incidents as appropriate. Governance Board of Directors The Audit Committee of our Board oversees, among other things, the adequacy and effectiveness of our internal controls, including internal controls designed to assess, identify, and manage material risks from cybersecurity threats. The Audit Committee is informed of material risks from cybersecurity threats pursuant to the escalation criteria as set forth in our disclosure controls and procedures. Further, our management team reports on cybersecurity matters, including material risks and threats, to the Audit Committee. Our management team also provides updates annually or more frequently as appropriate to the full Board. Management Under the oversight of the Audit Committee, and as directed by our Chief Executive Officer, the Company s Systems Application Manager, is primarily responsible for the assessment and management of material cybersecurity risks and the Company s annual security audits to meet the payment industry expectations. Our management team holds a regular cybersecurity and business continuity reviews to evaluate data security exposures, control effectiveness and necessary remediation actions. The Systems Application Manager is also supported by a third-party information technology consulting services provider who helps oversee our information technology systems and provides cross-functional support for cybersecurity risk management and facilitates the response to any cybersecurity incidents. Our Systems Application Manager oversees our cybersecurity incident response plan and related processes that are designed to assess and manage material risks from cybersecurity threats. Our Systems Application Manager also coordinates with our legal counsel and third parties, such as consultants and legal advisors, to assess and manage material risks from cybersecurity threats. Our management team is informed about the effectiveness of the prevention, detection, mitigation, and remediation of cybersecurity incidents pursuant to criteria set forth in our incident response plan and related processes. 43 Our Audit Committee is responsible for overseeing the establishment and effectiveness of controls and other procedures, including controls and procedures related to the public disclosure of material cybersecurity matters. Our Systems Application Manager, or a delegate, informs the Chief Executive Officer of certain cybersecurity incidents that may potentially be determined to be material pursuant to escalation criteria set forth in our incident response plan and related processes. The CEO also notifies the audit committee chair of any material cybersecurity incidents. As of the date of this Report, we are not aware of any cybersecurity incidents that have materially affected or are reasonably likely to materially affect the Company, including its business strategy, results of operations, or financial condition and that are required to be reported in this Report. For further discussion of the risks associated with cybersecurity incidents, see the cybersecurity risk factor included in the section entitled Item 1A. Risk Factors in this Report.

Company Information