Cybersecurity Risk Management and Strategy Disclosure
|
12 Months Ended |
Dec. 31, 2025 |
|---|
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] |
|
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
We have developed and implemented a cybersecurity risk management program designed to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program is integrated into our broader information security policy, which is informed by industry standards such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework and Center for Internet Security (CIS) benchmarks. Our approach to cybersecurity risk management includes, but is not limited to, the following elements: | ● | Security incident management processes designed to oversee, identify and manage security events and incidents, including a cybersecurity incident response plan and a managed 24/7 security operation center, which monitors all security events from endpoints and cloud services. |
| ● | System lifecycle and management processes designed to oversee and manage systems and services used by Sagimet, including system assessments and the management of vulnerabilities. |
| ● | System protections including firewalls, endpoint protection, access controls and cloud-based security systems. |
| ● | Annual cloud system assessments designed to help identify material cybersecurity risks to our critical systems, information and our broader enterprise Information Technology (IT) environment. |
| ● | Cybersecurity awareness training for all users with access to our systems including employees, consultants and senior management, with timely relevant security topics, which include social engineering, phishing, password protection, protecting personal data and appropriate use of assets. |
|
| Cybersecurity Risk Management Processes Integrated [Flag] |
true
|
| Cybersecurity Risk Management Processes Integrated [Text Block] |
Our cybersecurity risk management program is integrated into our broader information security policy, which is informed by industry standards such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework and Center for Internet Security (CIS) benchmarks.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] |
true
|
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] |
true
|
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] |
false
|
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
Our Board of Directors has delegated oversight of our cybersecurity risk management program to our audit committee, per the audit committee charter. Our audit committee has oversight over cybersecurity risks. Our management provides periodic presentations to the audit committee on our cybersecurity program, including updates on cybersecurity risks and related cybersecurity strategy, as applicable. In addition, management alerts the audit committee of any material cybersecurity incidents. The audit committee provides updates regarding our cybersecurity program to the board of directors when material
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] |
Our audit committee has oversight over cybersecurity risks.
|
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] |
The audit committee provides updates regarding our cybersecurity program to the board of directors when material
|
| Cybersecurity Risk Role of Management [Text Block] |
Our management provides periodic presentations to the audit committee on our cybersecurity program, including updates on cybersecurity risks and related cybersecurity strategy, as applicable. In addition, management alerts the audit committee of any material cybersecurity incidents
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] |
true
|
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] |
Our Senior Director of IT is responsible for the strategic leadership and direction of our cybersecurity program
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] |
The Senior Director of IT has over 16 years of experience as an information technology professional.
|
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] |
Our Board of Directors has delegated oversight of our cybersecurity risk management program to our audit committee, per the audit committee charter. Our audit committee has oversight over cybersecurity risks. Our management provides periodic presentations to the audit committee on our cybersecurity program, including updates on cybersecurity risks and related cybersecurity strategy, as applicable. In addition, management alerts the audit committee of any material cybersecurity incidents.
|
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] |
true
|