Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended | |
|---|---|---|
Jan. 31, 2026 |
Jan. 31, 2024 |
|
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | ||
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | We manage cybersecurity risk through programs implemented across our subsidiaries and corporate headquarters. The programs are designed to identify and address entity-specific risks related to our digital and physical assets and to protect our infrastructure, systems, data, customers, business partners and financial information from cybersecurity incidents. Corporate management provides oversight of the cybersecurity risk management programs across the organization. Our cybersecurity programs are administered by information security, information technology and compliance professionals and managed by senior management at each subsidiary. The programs are integrated into our enterprise risk management process and are designed to align with recognized frameworks and industry standards, as applicable, and to comply with applicable legal and regulatory requirements. The audit committee of our board of directors oversees management’s cybersecurity programs and the reporting of cybersecurity incidents. |
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true | |
| Cybersecurity Risk Management Processes Integrated [Text Block] | Our cybersecurity programs are administered by information security, information technology and compliance professionals and managed by senior management at each subsidiary. The programs are integrated into our enterprise risk management process and are designed to align with recognized frameworks and industry standards, as applicable, and to comply with applicable legal and regulatory requirements. The audit committee of our board of directors oversees management’s cybersecurity programs and the reporting of cybersecurity incidents. |
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true | |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true | |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | true | |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] | As previously disclosed, we were targeted by a complex criminal scheme early in Fiscal 2024 that resulted in fraudulently-induced outbound wire transfers to a third-party account (see Note 17 to the accompanying consolidated financial statements). We promptly discovered the fraudulent activity and contacted the remitting and receiving banks, dispute resolution experts, and federal and local law enforcement authorities. We also informed the audit committee and provided regular updates during investigation and recovery efforts. As a result of the fraud loss, net of funds recovered, and professional fees incurred related to an independent forensic investigation and recovery efforts, we recognized $2.7 million of loss in Fiscal 2024. We are unaware of any other significant security breaches at any of our business locations. | |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | While our management team is tasked with the day-to-day handling of risks facing our organization, our audit committee, as delegated by the board of directors and documented in its charter, oversees cybersecurity risk and governance. Management provides the audit committee periodic updates regarding information security matters, including cybersecurity initiatives, vulnerability and risk assessments, third-party evaluations, and emerging threats. The audit committee also consults with internal audit and external specialists as needed. Our audit committee or the board of directors ensures that cybersecurity is seamlessly integrated into our strategic planning, aligning with our broader organizational goals. |
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | audit committee | |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | While our management team is tasked with the day-to-day handling of risks facing our organization, our audit committee, as delegated by the board of directors and documented in its charter, oversees cybersecurity risk and governance. Management provides the audit committee periodic updates regarding information security matters, including cybersecurity initiatives, vulnerability and risk assessments, third-party evaluations, and emerging threats. The audit committee also consults with internal audit and external specialists as needed. Our audit committee or the board of directors ensures that cybersecurity is seamlessly integrated into our strategic planning, aligning with our broader organizational goals. |
|
| Cybersecurity Risk Role of Management [Text Block] | Governance and Oversight While our management team is tasked with the day-to-day handling of risks facing our organization, our audit committee, as delegated by the board of directors and documented in its charter, oversees cybersecurity risk and governance. Management provides the audit committee periodic updates regarding information security matters, including cybersecurity initiatives, vulnerability and risk assessments, third-party evaluations, and emerging threats. The audit committee also consults with internal audit and external specialists as needed. Our audit committee or the board of directors ensures that cybersecurity is seamlessly integrated into our strategic planning, aligning with our broader organizational goals. Additionally, we have established a cross-organizational IT steering committee, comprising senior and executive leadership, enterprise risk management representatives, and IT management. To build a comprehensive cybersecurity strategy across the organization, this committee convenes as needed to discuss ongoing cybersecurity initiatives, emerging regulatory requirements and industry standards, and results of risk assessments. Cybersecurity incidents, if any, are regularly reported to cross-functional teams at each subsidiary through the dedicated means we have in place, and events deemed critical are reported to the chief executive officer and chief financial officer. Moreover, the audit committee and the board of directors are promptly informed of any significant cybersecurity incident, along with continuous updates until resolution. |
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true | |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | cross-organizational IT steering committee | |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Cybersecurity incidents, if any, are regularly reported to cross-functional teams at each subsidiary through the dedicated means we have in place, and events deemed critical are reported to the chief executive officer and chief financial officer. Moreover, the audit committee and the board of directors are promptly informed of any significant cybersecurity incident, along with continuous updates until resolution. | |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true | |