Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Jun. 30, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | We have processes to identify, assess, monitor, and manage material risks related to information technology, including, but not limited to: cybersecurity threats, vulnerability management, incident management, data protection and retention, recoverability, and fraud prevention. Our Enterprise Risk Management process evaluates and mitigates cybersecurity risks in alignment with our business objectives and operational needs. We periodically engage third-party security firms and consultants to oversee and identify cybersecurity risks; the results of these assessments are reported to our Audit Committee. Our service providers, and third-party hardware or software applications on our networks, may pose cybersecurity risks. As a result, we assess these parties for cybersecurity risks using information supplied by our counterparty and/or third parties. Internal or external audits are conducted based upon the level of risk presented. Our processes also address cybersecurity threat risks associated with our use of third-party service providers, including those in our supply chain or who have access to our customer and employee data or our systems. Third-party risks are included within our enterprise risk management assessment program, as well as our cybersecurity-specific risk identification program. In addition, cybersecurity considerations affect the selection and oversight of our third-party service providers. We perform diligence on third parties that have access to our systems, data or facilities that house such systems or data, and monitor cybersecurity threat risks identified through such diligence. Additionally, we generally require those third parties that could introduce significant cybersecurity risk to us to agree by contract to manage their cybersecurity risks in specified ways. As part of the cybersecurity program, our information systems are monitored by automated tools and the Information Technology team. We have adopted an Incident Response Policy, which outlines the procedures we believe are necessary to identify, investigate, contain, communicate, respond, remediate and recover from a security incident. This Incident Response Policy is overseen by our Vice President of Infrastructure and Security (“VP Infrastructure”) along with the Incident Response team, which may consist of members from legal, human resources, finance or other functions, if necessary. The Incident Response Policy provides organizational and operational structure, processes, and procedures to our personnel so employees can respond to incidents that may affect the function and security of our IT assets, information resources, and business operations. We conduct periodic information security awareness training for employees and provide related educational materials. While we have been subject to cyber incidents, the expenses (including penalties and legal settlements, of which there were none) related to such incidents were immaterial. The risks related thereto have not been and are not reasonably likely to be material to our business strategy, results of operations or financial condition. Any significant disruption to our ability to transact business could adversely affect our business performance as well as our reputation. We describe whether and how risks from cybersecurity threats are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition, in Item 1A Risk Factors – “Risks Related to Cybersecurity and Information Technology,” which is incorporated by reference herein.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | Our Enterprise Risk Management process evaluates and mitigates cybersecurity risks in alignment with our business objectives and operational needs. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our Audit Committee of the Board of Directors is responsible for oversight of risks from cybersecurity threats. Our Audit Committee receives quarterly reports from our Enterprise Risk Management Committee (“ERM Committee”), as well as directly from our Chief Information Officer (“CIO”) or VP Infrastructure, periodically, as appropriate. These reports cover various cybersecurity matters, including risk assessments, risk prevention and mitigation activities, and incident reports along with remediating actions, areas of emerging risks, industry trends, and other areas of importance. Furthermore, our Audit Committee oversees our annual enterprise risk assessment. This assessment encompasses key risks associated with security, technology, and cybersecurity threats in the same manner as other key risks.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Audit Committee of the Board of Directors is responsible for oversight of risks from cybersecurity threats. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Audit Committee receives quarterly reports from our Enterprise Risk Management Committee (“ERM Committee”), as well as directly from our Chief Information Officer (“CIO”) or VP Infrastructure, periodically, as appropriate. These reports cover various cybersecurity matters, including risk assessments, risk prevention and mitigation activities, and incident reports along with remediating actions, areas of emerging risks, industry trends, and other areas of importance. Furthermore, our Audit Committee oversees our annual enterprise risk assessment. This assessment encompasses key risks associated with security, technology, and cybersecurity threats in the same manner as other key risks. |
| Cybersecurity Risk Role of Management [Text Block] | Our cybersecurity risk management processes are led by our CIO and our VP Infrastructure. Our CIO has served our company in that capacity since 2018 and held CIO or other IT and cybersecurity leadership roles at other companies for more than 10 years prior to that. He has a master’s degree in computer systems from the Naval Postgraduate School. Our VP Infrastructure, who is responsible for our information technology infrastructure and our information security strategy and operations, has more than 30 years of experience in information technology, serving in senior IT leadership roles with responsibility for cybersecurity at our company since 2007. His IT expertise was established prior to that through education and work experience in a variety of technical positions in the consumer goods, health care, and aerospace industries. They are supported by a team of skilled information security professionals within our Information Technology function. This team provides periodic updates to our ERM Committee, composed of our Chief Executive Officer, Chief Financial Officer, General Counsel, and other members of our senior leadership.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our cybersecurity risk management processes are led by our CIO and our VP Infrastructure. Our CIO has served our company in that capacity since 2018 and held CIO or other IT and cybersecurity leadership roles at other companies for more than 10 years prior to that. He has a master’s degree in computer systems from the Naval Postgraduate School. Our VP Infrastructure, who is responsible for our information technology infrastructure and our information security strategy and operations, has more than 30 years of experience in information technology, serving in senior IT leadership roles with responsibility for cybersecurity at our company since 2007. His IT expertise was established prior to that through education and work experience in a variety of technical positions in the consumer goods, health care, and aerospace industries. They are supported by a team of skilled information security professionals within our Information Technology function. This team provides periodic updates to our ERM Committee, composed of our Chief Executive Officer, Chief Financial Officer, General Counsel, and other members of our senior leadership.
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our CIO has served our company in that capacity since 2018 and held CIO or other IT and cybersecurity leadership roles at other companies for more than 10 years prior to that. He has a master’s degree in computer systems from the Naval Postgraduate School. Our VP Infrastructure, who is responsible for our information technology infrastructure and our information security strategy and operations, has more than 30 years of experience in information technology, serving in senior IT leadership roles with responsibility for cybersecurity at our company since 2007. His IT expertise was established prior to that through education and work experience in a variety of technical positions in the consumer goods, health care, and aerospace industries. They are supported by a team of skilled information security professionals within our Information Technology function. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | This team provides periodic updates to our ERM Committee, composed of our Chief Executive Officer, Chief Financial Officer, General Counsel, and other members of our senior leadership. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |