Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Jan. 31, 2026 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | We recognize the importance of assessing, identifying, and managing risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K, and have implemented processes for our systems taking guidance from recognized cybersecurity frameworks, such as U.S. National Institute of Standards and Technology (“NIST”) Cyber Security Framework (“CSF”) in an effort to mitigate risks. As part of these proactive measures, we maintain a Cybersecurity Incident Response and Escalation Process with defined roles, responsibilities, and reporting protocols that is periodically reviewed, tested, and updated. The Company has an Executive Cyber Response and Disclosure Committee (consisting of senior executives from the business, finance, operations and legal functions), which is responsible for determining what actions are necessary to respond to cybersecurity events, with input from the Chief Security Officer (“CSO”) and other subject matter experts directly participating in incident response efforts. Furthermore, we conduct an annual full board briefing on cybersecurity, ensuring that our Board of Directors is regularly informed of the evolving landscape of cybersecurity risks and mitigation strategies. Identifying and assessing cybersecurity risk is integrated into our overall risk management systems and processes. Additionally, on a quarterly basis, our Audit Committee receives reports from the Chief Information Officer, CSO, and other members of management. As part of its annual assessment, the Audit Committee evaluates significant risks related to our business including cybersecurity risks, and provides such information to our Board of Directors. Our Internal Audit team also reviews our cybersecurity governance and controls periodically. Our cybersecurity risk management program encompasses periodic risk assessments, designed to help identify cybersecurity risks to our critical systems, information, services, and our broader enterprise IT environment. More specifically, an independent third-party performs a regular penetration test of our IT infrastructure. In addition to our penetration testing, an independent third-party security firm is engaged to perform additional security controls testing and provide an independent report to our executive team. This external assessment provides us and our Audit Committee with a comprehensive evaluation of our security posture. Our information security team plays a pivotal role in managing our cybersecurity risk. They oversee security controls and orchestrate our response to incidents—whether they originate internally or from our vendors, suppliers or other third parties that we conduct business with. As part of our vendor selection process, we evaluate cybersecurity risks in appropriate situations. Furthermore, we conduct tabletop exercises periodically. These simulations allow us to test our response strategies across various business functions, increasing preparedness for real-world incidents. When risks are identified through our processes, we analyze their potential impact on the Company and assess the likelihood of occurrence. Our monitoring efforts help us to timely mitigate and remediate risks and incidents. As part of our commitment to security awareness, information security training is mandatory for every employee and contractor. This ongoing compliance program reinforces best practices and helps to foster a security-conscious culture. To safeguard our systems, we regularly install and update anti-malware and endpoint detection and response software across IT-managed systems and workstations. These measures help detect and prevent malicious code from compromising our infrastructure. We operate an internal Security Operations Center (SOC) responsible for continuous threat monitoring, detection, and response. To augment our capabilities, we engage select third-party providers to enhance our cybersecurity risk management and strategy. These partners provide specialized expertise, including advanced threat intelligence, security assessments, and forensic support as needed.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | We recognize the importance of assessing, identifying, and managing risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K, and have implemented processes for our systems taking guidance from recognized cybersecurity frameworks, such as U.S. National Institute of Standards and Technology (“NIST”) Cyber Security Framework (“CSF”) in an effort to mitigate risks. As part of these proactive measures, we maintain a Cybersecurity Incident Response and Escalation Process with defined roles, responsibilities, and reporting protocols that is periodically reviewed, tested, and updated. The Company has an Executive Cyber Response and Disclosure Committee (consisting of senior executives from the business, finance, operations and legal functions), which is responsible for determining what actions are necessary to respond to cybersecurity events, with input from the Chief Security Officer (“CSO”) and other subject matter experts directly participating in incident response efforts. Furthermore, we conduct an annual full board briefing on cybersecurity, ensuring that our Board of Directors is regularly informed of the evolving landscape of cybersecurity risks and mitigation strategies. Identifying and assessing cybersecurity risk is integrated into our overall risk management systems and processes.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our Board of Directors considers cybersecurity and other information technology risk as part of its risk oversight function. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | The Board of Directors receives an annual briefing, and the Audit Committee receives quarterly reports from our CSO on our cybersecurity risks and risk management program. Our cybersecurity team, led by our CSO, who reports directly to our Executive Vice President and Chief Operations Officer, is responsible for assessing and managing risks from cybersecurity threats. The CSO and his team have primary responsibility for our overall cybersecurity risk management program and supervise both our internal cybersecurity personnel and any retained external cybersecurity experts. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The CSO reports cybersecurity threats and incidents to the Audit Committee. These reports may be included in, or in addition to, his regular quarterly reports to the Audit Committee. In addition, pursuant to our internal procedures, in the event of a significant cybersecurity incident, members of senior management will report such threats and incidents in a timely manner directly to the Audit Committee and, when appropriate, to the full Board of Directors.
|
| Cybersecurity Risk Role of Management [Text Block] | The Board of Directors receives an annual briefing, and the Audit Committee receives quarterly reports from our CSO on our cybersecurity risks and risk management program. Our cybersecurity team, led by our CSO, who reports directly to our Executive Vice President and Chief Operations Officer, is responsible for assessing and managing risks from cybersecurity threats. The CSO and his team have primary responsibility for our overall cybersecurity risk management program and supervise both our internal cybersecurity personnel and any retained external cybersecurity experts. Our CSO has over 20 years of security experience managing global security organizations including architecture, operations, strategy, applications, infrastructure, support and execution. The information security team collectively have decades of relevant experience in the industry and many hold various cybersecurity certifications such as a Certified Information Systems Security Professional or Certified Information Security Manager. Further, we invest in regular, ongoing cybersecurity training for our team. The CSO reports cybersecurity threats and incidents to the Audit Committee. These reports may be included in, or in addition to, his regular quarterly reports to the Audit Committee. In addition, pursuant to our internal procedures, in the event of a significant cybersecurity incident, members of senior management will report such threats and incidents in a timely manner directly to the Audit Committee and, when appropriate, to the full Board of Directors.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our Board of Directors considers cybersecurity and other information technology risk as part of its risk oversight function. The Board of Directors receives an annual briefing, and the Audit Committee receives quarterly reports from our CSO on our cybersecurity risks and risk management program. Our cybersecurity team, led by our CSO, who reports directly to our Executive Vice President and Chief Operations Officer, is responsible for assessing and managing risks from cybersecurity threats. The CSO and his team have primary responsibility for our overall cybersecurity risk management program and supervise both our internal cybersecurity personnel and any retained external cybersecurity experts. Our CSO has over 20 years of security experience managing global security organizations including architecture, operations, strategy, applications, infrastructure, support and execution. The information security team collectively have decades of relevant experience in the industry and many hold various cybersecurity certifications such as a Certified Information Systems Security Professional or Certified Information Security Manager. Further, we invest in regular, ongoing cybersecurity training for our team. The CSO reports cybersecurity threats and incidents to the Audit Committee. These reports may be included in, or in addition to, his regular quarterly reports to the Audit Committee. In addition, pursuant to our internal procedures, in the event of a significant cybersecurity incident, members of senior management will report such threats and incidents in a timely manner directly to the Audit Committee and, when appropriate, to the full Board of Directors.
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our CSO has over 20 years of security experience managing global security organizations including architecture, operations, strategy, applications, infrastructure, support and execution. The information security team collectively have decades of relevant experience in the industry and many hold various cybersecurity certifications such as a Certified Information Systems Security Professional or Certified Information Security Manager. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The Board of Directors receives an annual briefing, and the Audit Committee receives quarterly reports from our CSO on our cybersecurity risks and risk management program. Our cybersecurity team, led by our CSO, who reports directly to our Executive Vice President and Chief Operations Officer, is responsible for assessing and managing risks from cybersecurity threats. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |