FRANKLIN WIRELESS CORP 10-K Cybersecurity GRC - 2025-09-29

Page last updated on September 29, 2025

FRANKLIN WIRELESS CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-09-29 09:31:12 EDT.

Filings

10-K filed on 2025-09-29

FRANKLIN WIRELESS CORP filed a 10-K at 2025-09-29 09:31:12 EDT
Accession Number: 0001683168-25-007288

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. Risk Management and Strategy Cybersecurity risk management is an integral part of our overall enterprise risk management program. The Company manages cybersecurity and data protection through a continuously evolving program. Our cybersecurity risk management program is designed to provide a framework for assessing, identifying and managing cybersecurity threats and incidents, including threats and incidents associated with the use of services provided by third-party service providers, and to facilitate coordination across different departments of our Company. Our processes include steps for assessing the severity of a cybersecurity threat, identifying the source of a cybersecurity threat, including whether the cybersecurity threat is associated with a third-party service provider, and implementing cybersecurity countermeasures and mitigation strategies and informing management and the board of directors of material cybersecurity threats and incidents. Governance The Board of Directors has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage and mitigate those risks. The Audit Committee of the Board of Directors (the “Audit Committee”) has been designated to oversee cybersecurity risks. The Audit Committee receives regular updates on cybersecurity and information technology matters and related risk exposures from our management. The Board of Directors also receives periodic updates from management and the Audit Committee on cybersecurity risks. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes designed to ensure that such potential cybersecurity risk exposures are monitored, putting in place mitigation measures and maintaining cybersecurity programs. Our cybersecurity programs are under the direction of our Chief Executive Officer . Management regularly updates the Audit Committee on our cybersecurity programs, which includes cybersecurity risks and mitigation strategies, vulnerability management, and on-going cybersecurity projects. While none of our directors has formal professional certifications in cybersecurity, several members of the Board have experience overseeing information technology and enterprise risk management in prior executive or board roles. The Board receives periodic updates on cybersecurity matters as part of its overall risk oversight responsibilities. Day-to-day responsibility for identifying and managing cybersecurity risks rests with our Director of IT Security & Future Solutions and his information security team. The team is responsible for monitoring our networks, systems, and data, implementing technical safeguards , conducting employee training, and coordinating incident response procedures. Management provides regular reports to the Audit Committee, generally on an annual basis, or more frequently as needed covering: · the Company’s cybersecurity strategy and policies, · results of system monitoring and testing, · recent threat environment developments, and · any cybersecurity incidents and responses. 11 In addition, in the event of a significant cybersecurity incident, the Chief Operating Officer will promptly inform the Chief Executive Officer and General Counsel, who in turn will notify the Chair of the Audit Committee and the Board as appropriate. Management regularly updates the Audit Committee on our cybersecurity programs, which includes cybersecurity risks and mitigation strategies, vulnerability management, and on-going cybersecurity projects. We ordinarily do not engage assessors, consultants, auditors or other third parties in connection with such oversight. As of June 30, 2025, we did not identify any cybersecurity incidents that materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. However, despite our efforts, we cannot eliminate all risks from cybersecurity threats or provide assurances that we have not experienced an undetected cybersecurity incident. It is possible that we may not implement appropriate controls if we do not detect a particular risk. In addition, security controls, no matter how well designed or implemented, may only mitigate and not fully eliminate the risks. Even when a risk is detected, disruptive events may not always be immediately and thoroughly interpreted and acted upon.

Company Information