Quality Industrial Corp. 10-K Cybersecurity GRC - 2025-04-28

Page last updated on April 30, 2025

Quality Industrial Corp. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-04-28 10:44:55 EDT.

Filings

10-K filed on 2025-04-28

Quality Industrial Corp. filed a 10-K at 2025-04-28 10:44:55 EDT
Accession Number: 0001641172-25-006369

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY RISK MANAGEMENT, STRATEGY, GOVERNANCE, AND INCIDENT DISCLOSURE Quality Industrial Corp recognizes that cybersecurity is integral to safeguarding our operations, intellectual property, customer data, and stakeholder trust. Our cybersecurity risk management processes are designed to proactively assess, identify, and mitigate material risks from cybersecurity threats, ensuring alignment with our overall enterprise risk management framework. Risk Assessment and Identification We conduct regular cybersecurity risk assessments to identify potential vulnerabilities across our information systems, manufacturing platforms, and third-party integrations. We prioritize risks based on their potential impact to our financial condition, operational continuity, and reputation. Risk Management Processes Our cybersecurity strategy integrates multiple layers of defense to manage identified risks : ● Preventive Controls : We deploy advanced firewalls, endpoint protection, and intrusion detection systems to secure our network infrastructure. Multi-factor authentication and encryption are enforced across critical systems and data repositories. ● Monitoring and Detection : Continuous monitoring of our IT environment is facilitated through our IT manager. ● Incident Response : We maintain an incident response plan that outlines procedures for containment, eradication, and recovery from cybersecurity incidents. ● Employee Training : All employees receive mandatory cybersecurity awareness training at onboarding, covering phishing prevention, secure data handling, and reporting suspicious activities. 21 Third-Party Risk Management Quality Industrial Corp relies on t hird-party vendors for certain operational and IT services. To mitigate risks associated with these partnerships, we implement a vendor risk management program that includes: ● Due diligence reviews of vendors’ cybersecurity policies and practices prior to engagement. ● Contractual requirements for vendors to maintain robust security controls and report incidents promptly. Material Impact of Cybersecurity Risks Cybersecurity threats have the potential to disrupt manufacturing operations, compromise sensitive data, or lead to regulatory penalties . Our proactive risk management processes are designed to minimize the likelihood and impact of such events. As described below, we did not experience cybersecurity incidents in the fiscal year ended December 31, 2024 . Cybersecurity Governance Board Oversight The Board of Directors exercises oversight of cybersecurity risks through its Audit Committee, which is responsible for reviewing and monitoring our cybersecurity strategy and risk management practices . The Audit Committee receives quarterly briefings from the Chief Operations Officer (COO) on emerging threats, incident trends, and the effectiveness of our cybersecurity program. These briefings include updates on risk assessments, third-party audits, and compliance with regulatory requirements, such as the SEC’s cybersecurity disclosure rules . The Board is informed annually on cybersecurity matters or as needed in the event of a significant incident. Management’s Role Management plays a critical role in assessing and managing material cybersecurity risks. Key responsibilities are assigned as follows: ● Chief Operations Officer (COO) : The COO, reporting to the Chief Executive Officer (CEO), leads the development and implementation of our cybersecurity strategy. With over 15 years of experience in cybersecurity the COO oversees risk assessments, incident response, and compliance with industry standards. ● Incident Responses : Led by the IT manager, who is responsible for executing the incident response plan, coordinating with external partners The COO provides updates to the CEO and escalates material issues to the Audit Committee as needed. Management’s expertise is further enhanced through ongoing professional development and participation in industry forums to stay abreast of evolving threats. Incident Disclosure Quality Industrial Corp is committed to timely and transparent disclosure of material cybersecurity incidents as required by SEC regulations. In the fiscal year ended December 31, 2024, we did not experience any cybersecurity incidents.

Company Information