We have strategically integrated cybersecurity risk management into our broader risk management framework to promote a company-wide culture of cybersecurity risk management. This integration ensures that cybersecurity considerations are an integral part of our decision-making processes at every level. Our management team works closely with our IT department to continuously evaluate and address cybersecurity risks in alignment with our business objectives and operational needs.

We have processes in place to assess, identify, manage, and address material cybersecurity threats and incidents. These include, among other things: annual and ongoing security awareness training for employees; mechanisms to detect and monitor unusual network activity; and containment and incident response tools. We regularly assess risks from cybersecurity and technology threats and monitor our information systems for potential vulnerabilities. We monitor issues that are internally discovered or externally reported that may affect our systems, and have processes to assess those issues for potential cybersecurity impact or risk.

We conduct periodic assessments and testing of our policies, standards, processes, and practices in a manner intended to address cybersecurity threats and events. The results of such assessments, audits, and reviews are evaluated by management, and we adjust our cybersecurity policies, standards, processes, and practices as necessary based on the information provided by these assessments, audits, and reviews.

We are establishing incident response, business continuity, and disaster recovery plans designed to more formally address our response to a cybersecurity incident.

We have strategically integrated cybersecurity risk management into our broader risk management framework to promote a company-wide culture of cybersecurity risk management. This integration ensures that cybersecurity considerations are an integral part of our decision-making processes at every level. Our management team works closely with our IT department to continuously evaluate and address cybersecurity risks in alignment with our business objectives and operational needs.

We have processes in place to assess, identify, manage, and address material cybersecurity threats and incidents. These include, among other things: annual and ongoing security awareness training for employees; mechanisms to detect and monitor unusual network activity; and containment and incident response tools. We regularly assess risks from cybersecurity and technology threats and monitor our information systems for potential vulnerabilities. We monitor issues that are internally discovered or externally reported that may affect our systems, and have processes to assess those issues for potential cybersecurity impact or risk.

We conduct periodic assessments and testing of our policies, standards, processes, and practices in a manner intended to address cybersecurity threats and events. The results of such assessments, audits, and reviews are evaluated by management, and we adjust our cybersecurity policies, standards, processes, and practices as necessary based on the information provided by these assessments, audits, and reviews.

We are establishing incident response, business continuity, and disaster recovery plans designed to more formally address our response to a cybersecurity incident.

Our board of directors is responsible for overseeing our risk management program and cybersecurity is an element of this program. Our cybersecurity risk assessment and management efforts are led by our Director of Information Technology, who is responsible for implementing and overseeing processes for the monitoring of our information systems. This includes responsibility for the deployment of cybersecurity measures and system audits to identify potential cybersecurity vulnerabilities. Our Director of Information Technology reports directly to our COO.