Cybersecurity Risk Management, Strategy, and Governance Disclosure |
12 Months Ended |
|---|---|
Mar. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Abstract] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | We are committed to safeguarding data related to our customers, partners, and employees and have adopted processes and practices to assess, identify and manage cybersecurity risks.
Risk Management and Strategy
We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program includes a cybersecurity incident response plan.
Our cybersecurity risk management program is integrated into our overall risk management process and shares common methodologies, reporting channels and governance processes that apply across the risk management process to other legal, compliance, strategic, operational, and financial risk areas.
Our cybersecurity risk management program includes a cybersecurity defense system, a surveillance program on our corporate network and connections with any third-party service providers, ongoing evaluation of our security measures by internal and external resources, a cybersecurity incident response framework that includes procedures for responding to cybersecurity incidents and regular cybersecurity awareness training sessions for our employees.
Our cybersecurity team is responsible for monitoring our applications, platforms, and infrastructure, and identifying and responding to potential security issues, including emerging cybersecurity threats. We have implemented processes for assessing, identifying, and managing material risks from cybersecurity threats and monitoring the prevention, detection, mitigation, and remediation of material cybersecurity incidents. We also engage third parties, where appropriate, to assess, test or otherwise assist with aspects of our security controls, such as for penetration test services, on-site security maintenance services and cloud-based security services.
As of the date of this Annual Report, we have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition.
Governance
Our board of directors is responsible for overseeing management’s implementation of our cybersecurity risk management program, including the effectiveness of the process and measures adopted by our company to manage risks related to cybersecurity. Our cybersecurity disclosure committee, which comprises members of our information security, finance and legal departments, is responsible for updating our senior management, as necessary, regarding any material cybersecurity incidents, as well as any incidents with lesser impact potential. Our board of directors and our audit committee also receive periodic updates on our cybersecurity risk management program from our senior management and our cybersecurity team, including on material cybersecurity incidents, incident analyses and strategic recommendations.
Our management team is responsible for assessing and managing our material risks from cybersecurity threats, while our cybersecurity team is responsible for aligning our cybersecurity risk management program with our overall security strategy, monitoring potential cybersecurity risks and developing and implementing comprehensive risk prevention, detection, mitigation and remediation measures. Our cybersecurity team is led by our chief information security officer and overseen by our group chief technology officer. Our chief information security officer has over 21 years of experience in various technology roles. Our group chief technology officer holds a Master of Science in Computer Science from the University of Louisiana, specializing in secure software development and security by design, and has over 31 years of experience in technology and cybersecurity, having served in leadership positions at a number of large multinational companies. Our group chief technology officer and chief information security officer each have extensive experience in risk assessment, secure software development and incident management. Other members of our cybersecurity team have diverse expertise in areas such as threat intelligence, incident response and secure software development.
Our cybersecurity measures include:
• Monitoring and reporting: We monitor our IT environment using advanced security tools that generate real-time alerts and detailed reports. These security tools include intrusion detection systems, security information and event management systems, and endpoint protection solutions.
• Threat intelligence and external collaboration: We leverage threat intelligence from governmental, public, and private sources, as well as insights from external consultants, to monitor emerging threats. Such information is integrated into our security processes to enhance our detection and response capabilities.
• Incident response and mitigation: Our incident response team handles security incidents through well-defined response procedures that include identification, containment, eradication, recovery and post-incident analysis. We conduct regular drills and simulations to assess our ability to adapt to various types of cyber incidents.
•
Layered defense and security initiatives: We employ a defense-in-depth strategy that includes multiple layers of security controls across our IT environment, including firewalls, antivirus software, multi-factor authentication and secure network segmentation, to mitigate against potential security threats. We also regularly update our security policies, implement ongoing training for our employees and invest in advanced security technologies. |
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | Our cybersecurity risk management program is integrated into our overall risk management process and shares common methodologies, reporting channels and governance processes that apply across the risk management process to other legal, compliance, strategic, operational, and financial risk areas. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our board of directors is responsible for overseeing management’s implementation of our cybersecurity risk management program, including the effectiveness of the process and measures adopted by our company to manage risks related to cybersecurity. Our cybersecurity disclosure committee, which comprises members of our information security, finance and legal departments, is responsible for updating our senior management, as necessary, regarding any material cybersecurity incidents, as well as any incidents with lesser impact potential. Our board of directors and our audit committee also receive periodic updates on our cybersecurity risk management program from our senior management and our cybersecurity team, including on material cybersecurity incidents, incident analyses and strategic recommendations. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our cybersecurity disclosure committee, which comprises members of our information security, finance and legal departments, is responsible for updating our senior management, as necessary, regarding any material cybersecurity incidents, as well as any incidents with lesser impact potential. |
| Cybersecurity Risk Role of Management [Text Block] | Our management team is responsible for assessing and managing our material risks from cybersecurity threats, while our cybersecurity team is responsible for aligning our cybersecurity risk management program with our overall security strategy, monitoring potential cybersecurity risks and developing and implementing comprehensive risk prevention, detection, mitigation and remediation measures. Our cybersecurity team is led by our chief information security officer and overseen by our group chief technology officer. Our chief information security officer has over 21 years of experience in various technology roles. Our group chief technology officer holds a Master of Science in Computer Science from the University of Louisiana, specializing in secure software development and security by design, and has over 31 years of experience in technology and cybersecurity, having served in leadership positions at a number of large multinational companies. Our group chief technology officer and chief information security officer each have extensive experience in risk assessment, secure software development and incident management. Other members of our cybersecurity team have diverse expertise in areas such as threat intelligence, incident response and secure software development. |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our management team is responsible for assessing and managing our material risks from cybersecurity threats, while our cybersecurity team is responsible for aligning our cybersecurity risk management program with our overall security strategy, monitoring potential cybersecurity risks and developing and implementing comprehensive risk prevention, detection, mitigation and remediation measures. Our cybersecurity team is led by our chief information security officer and overseen by our group chief technology officer. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our chief information security officer has over 21 years of experience in various technology roles. Our group chief technology officer holds a Master of Science in Computer Science from the University of Louisiana, specializing in secure software development and security by design, and has over 31 years of experience in technology and cybersecurity, having served in leadership positions at a number of large multinational companies. Our group chief technology officer and chief information security officer each have extensive experience in risk assessment, secure software development and incident management. Other members of our cybersecurity team have diverse expertise in areas such as threat intelligence, incident response and secure software development. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our board of directors and our audit committee also receive periodic updates on our cybersecurity risk management program from our senior management and our cybersecurity team, including on material cybersecurity incidents, incident analyses and strategic recommendations. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |