1847 Holdings LLC 10-K Cybersecurity GRC - 2024-04-25

Page last updated on April 25, 2024

1847 Holdings LLC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-25 16:05:52 EDT.

Filings

10-K filed on 2024-04-25

1847 Holdings LLC filed an 10-K at 2024-04-25 16:05:52 EDT
Accession Number: 0001213900-24-036197

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. Risk Management and Strategy We recognize the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. We have developed the following processes as part of our strategy for assessing, identifying, and managing material risks from cybersecurity threats. Managing Material Risks & Integrated Overall Risk Management We have integrated cybersecurity risk management into our risk management processes. This integration is intended to ensure that cybersecurity considerations are part of our decision-making processes. We continuously evaluate and address cybersecurity risks in alignment with our business objectives and operational needs. Engaging Third-parties on Risk Management Recognizing the complexity and evolving nature of cybersecurity threats, we plan to engage external experts, including consultants and auditors, in evaluating and testing our risk management systems. These services will enable us to leverage specialized knowledge and insights, ensuring our cybersecurity strategies and processes remain at the forefront of industry best practices. Our collaboration with these third-parties is expected to include annual audits, ongoing threat assessments, and regular consultations on security enhancements. Overseeing Third-Party Risk Because we are aware of the risks associated with third-party service providers, we implement processes to oversee and manage these risks. We conduct thorough security assessments of all third-party providers before engagement and maintain ongoing monitoring to ensure compliance with our cybersecurity standards. This approach is designed to mitigate risks related to data breaches or other security incidents originating from third parties. Risks from Cybersecurity Threats We have not encountered cybersecurity challenges that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition. Governance Board of Directors Oversight Our board of directors oversees the management of risks associated with cybersecurity threats. Management s Role Managing Risk Management is primarily responsible for assessing, monitoring and managing our cybersecurity risks. Management must ensure that all industry standard cybersecurity measures are functioning as required to prevent or detect cybersecurity threats and related risks. Management oversees and tests our compliance with standards, remediates known risks, and leads our employee training program. Monitoring Cybersecurity Incidents Management is continually informed about the latest developments in cybersecurity, including potential threats and innovative risk management techniques. Management implements and oversees processes for the regular monitoring of our information systems. This includes the deployment of industry-standard security measures and regular system audits to identify potential vulnerabilities. In the event of a cybersecurity incident, management will implement an incident response plan. This plan includes immediate actions to mitigate the impact and long-term strategies for remediation and prevention of future incidents. 82 Reporting to Board of Directors Significant cybersecurity matters, and strategic risk management decisions, will be escalated to the board of directors.

Company Information