Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Mar. 31, 2026
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	Cybersecurity Risk Management and Strategy Roivant’s corporate information security organization, led by our Chief Information Officer (“CIO”), is responsible for the overall information security strategy, policy, security engineering, operations and cybersecurity threat and incident detection and response centrally at Roivant and the majority of our Vants. Certain of our Vants, including Immunovant and our healthcare technology Vants, have established and maintain separate cybersecurity functions which are similarly designed to protect their information and assets from cybersecurity threats or incidents. Roivant and the Vants’ information security organization manages a robust enterprise security structure with the goal of preventing and mitigating any cybersecurity incidents, while simultaneously working to continually increase information technology system resilience designed to minimize any business impact should a cybersecurity incident occur. Central to Roivant’s information security organization is our Cybersecurity Incident Response Team, which is responsible for the protection, detection and response capabilities used to protect our data and enterprise computing networks. The Cybersecurity Incident Response Team comprises members of our IT Security Operations function and is supported by third-party security partners providing managed detection, response and forensic capabilities. A Cybersecurity Steering Committee provides cross-functional leadership input and alignment for the cybersecurity program, ensuring security initiatives reflect organizational risk tolerance and business priorities and is responsible for escalating cybersecurity threats and incidents based on a defined severity framework. Threats and incidents assessed as having a moderate or higher potential business impact are escalated to senior management and reported to the Audit Committee of the board of directors. Roivant and the Vants implement multiple levels of cybersecurity measures, including standard malware detection and prevention software, email security programs, vulnerability detection and remediation software, security patching management, security event logging and reviews and special isolation and access controls for data repositories that may contain sensitive information, including protected health information. Roivant and the Vants’ cybersecurity programs are informed by recognized industry frameworks, including the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), and are designed to identify, protect against, detect, respond to and recover from cybersecurity threats. Our programs include periodic risk assessments and security testing supported by cybersecurity technologies, including third-party security solutions and vulnerability management and monitoring tools, designed to monitor, identify and manage risks from cybersecurity threats and incidents. Where applicable, our healthcare technology Vants maintain additional controls deisgned to align with HIPAA security requirements and other healthcare-specific regulatory obligations. In addition, we have implemented employee security and awareness training related to cybersecurity threats and incidents. Roivant and the Vants undergo periodic internal compliance audits and external reviews to evaluate our controls, including cybersecurity controls. Additionally, a majority of our information technology systems are built on services provided by third parties. We operate a vendor risk management program under which third-party suppliers with access to our systems or data are assessed based on the sensitivity of the data or systems they access and the nature of their services. This tiered approach includes security assessments of vendor infrastructure, review of relevant certifications (such as SOC 2 Type II reports), and targeted questionnaires addressing specific risk areas, including the use and security of AI products. Vendors are subject to reassessment upon material changes to their services or upon identification of new risk factors. Findings from these assessments are reviewed by our information security organization and escalated as appropriate. Our control over and ability to monitor the security posture of third parties with whom we do business remains limited and there can be no assurance that we can prevent, mitigate or remediate the risk of any compromise or failure in the security infrastructure owned or controlled by such third parties. Additionally, any contractual protections with such third parties, including our right to indemnification, if any at all, may be limited or insufficient to prevent a negative impact on our business from any such compromise or failure. During the fiscal year we did not experience any cybersecurity incidents that were determined to be material to our business, results of operations or financial condition. No previously reported cybersecurity incidents continue to have a material impact on the Company.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	Roivant and the Vants’ information security organization manages a robust enterprise security structure with the goal of preventing and mitigating any cybersecurity incidents, while simultaneously working to continually increase information technology system resilience designed to minimize any business impact should a cybersecurity incident occur. Central to Roivant’s information security organization is our Cybersecurity Incident Response Team, which is responsible for the protection, detection and response capabilities used to protect our data and enterprise computing networks. The Cybersecurity Incident Response Team comprises members of our IT Security Operations function and is supported by third-party security partners providing managed detection, response and forensic capabilities. A Cybersecurity Steering Committee provides cross-functional leadership input and alignment for the cybersecurity program, ensuring security initiatives reflect organizational risk tolerance and business priorities and is responsible for escalating cybersecurity threats and incidents based on a defined severity framework. Threats and incidents assessed as having a moderate or higher potential business impact are escalated to senior management and reported to the Audit Committee of the board of directors.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	Governance Related to Cybersecurity Risks Roivant’s board of directors oversees our overall risk management strategy, including with respect to cybersecurity risks. Cybersecurity risk management policies and procedures are integrated into our overall risk management strategy, which is overseen by the audit committee of the board of directors (“Audit Committee”). At least annually, the Audit Committee receives a comprehensive briefing from our CIO covering our information security posture, key risk indicators, results of internal and external audits, and the status of ongoing cybersecurity initiatives. In addition, management provides updates to the Audit Committee on an as-needed basis when significant cybersecurity developments arise between scheduled reviews. The board of directors as a whole is informed of material cybersecurity matters through regular reporting from the Audit Committee. At the management level, our CIO is primarily responsible for leading our cybersecurity strategy centrally at Roivant and the majority of our Vants. Our CIO has over 20 years of experience in information technology across biotechnology and other industries, holds a Bachelor of Science in Management Information Systems and an MBA in International Business. We also maintain a Security Operations team of experienced senior-level engineers who design, implement and operate our information technology ecosystem, helping to implement cybersecurity best practices throughout our infrastructure and governance processes. Members of this SecOps team have relevant security certifications including Certified Information Security Manager (“CISM”). At Immunovant and the healthcare technology Vants that have established and maintain separate cybersecurity functions, governance is similarly overseen in the first instance by the boards of directors of those Vants as part of their overall risk management strategy, with ultimate oversight on a company-wide basis by the Roivant board of directors.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	Roivant’s board of directors oversees our overall risk management strategy, including with respect to cybersecurity risks. Cybersecurity risk management policies and procedures are integrated into our overall risk management strategy, which is overseen by the audit committee of the board of directors (“Audit Committee”).
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	At least annually, the Audit Committee receives a comprehensive briefing from our CIO covering our information security posture, key risk indicators, results of internal and external audits, and the status of ongoing cybersecurity initiatives. In addition, management provides updates to the Audit Committee on an as-needed basis when significant cybersecurity developments arise between scheduled reviews. The board of directors as a whole is informed of material cybersecurity matters through regular reporting from the Audit Committee.
Cybersecurity Risk Role of Management [Text Block]	At the management level, our CIO is primarily responsible for leading our cybersecurity strategy centrally at Roivant and the majority of our Vants. Our CIO has over 20 years of experience in information technology across biotechnology and other industries, holds a Bachelor of Science in Management Information Systems and an MBA in International Business. We also maintain a Security Operations team of experienced senior-level engineers who design, implement and operate our information technology ecosystem, helping to implement cybersecurity best practices throughout our infrastructure and governance processes. Members of this SecOps team have relevant security certifications including Certified Information Security Manager (“CISM
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	At the management level, our CIO is primarily responsible for leading our cybersecurity strategy centrally at Roivant and the majority of our Vants.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Threats and incidents assessed as having a moderate or higher potential business impact are escalated to senior management and reported to the Audit Committee of the board of directors.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Mar. 31, 2026

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity Risk Management and Strategy

Roivant’s corporate information security organization, led by our Chief Information Officer (“CIO”), is responsible for the overall information security strategy, policy, security engineering, operations and cybersecurity threat and incident detection and response centrally at Roivant and the majority of our Vants. Certain of our Vants, including Immunovant and our healthcare technology Vants, have established and maintain separate cybersecurity functions which are similarly designed to protect their information and assets from cybersecurity threats or incidents.

Roivant and the Vants’ information security organization manages a robust enterprise security structure with the goal of preventing and mitigating any cybersecurity incidents, while simultaneously working to continually increase information technology system resilience designed to minimize any business impact should a cybersecurity incident occur. Central to Roivant’s information security organization is our Cybersecurity Incident Response Team, which is responsible for the protection, detection and response capabilities used to protect our data and enterprise computing networks. The Cybersecurity Incident Response Team comprises members of our IT Security Operations function and is supported by third-party security partners providing managed detection, response and forensic capabilities. A Cybersecurity Steering Committee provides cross-functional leadership input and alignment for the cybersecurity program, ensuring security initiatives reflect organizational risk tolerance and business priorities and is responsible for escalating cybersecurity threats and incidents based on a defined severity framework. Threats and incidents assessed as having a moderate or higher potential business impact are escalated to senior management and reported to the Audit Committee of the board of directors.

Roivant and the Vants implement multiple levels of cybersecurity measures, including standard malware detection and prevention software, email security programs, vulnerability detection and remediation software, security patching management, security event logging and reviews and special isolation and access controls for data repositories that may contain sensitive information, including protected health information.

Roivant and the Vants’ cybersecurity programs are informed by recognized industry frameworks, including the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), and are designed to identify, protect against, detect, respond to and recover from cybersecurity threats. Our programs include periodic risk assessments and security testing supported by cybersecurity technologies, including third-party security solutions and vulnerability management and monitoring tools, designed to monitor, identify and manage risks from cybersecurity threats and incidents. Where applicable, our healthcare technology Vants maintain additional controls deisgned to align with HIPAA

security requirements and other healthcare-specific regulatory obligations. In addition, we have implemented employee security and awareness training related to cybersecurity threats and incidents.

Roivant and the Vants undergo periodic internal compliance audits and external reviews to evaluate our controls, including cybersecurity controls. Additionally, a majority of our information technology systems are built on services provided by third parties. We operate a vendor risk management program under which third-party suppliers with access to our systems or data are assessed based on the sensitivity of the data or systems they access and the nature of their services. This tiered approach includes security assessments of vendor infrastructure, review of relevant certifications (such as SOC 2 Type II reports), and targeted questionnaires addressing specific risk areas, including the use and security of AI products. Vendors are subject to reassessment upon material changes to their services or upon identification of new risk factors. Findings from these assessments are reviewed by our information security organization and escalated as appropriate. Our control over and ability to monitor the security posture of third parties with whom we do business remains limited and there can be no assurance that we can prevent, mitigate or remediate the risk of any compromise or failure in the security infrastructure owned or controlled by such third parties. Additionally, any contractual protections with such third parties, including our right to indemnification, if any at all, may be limited or insufficient to prevent a negative impact on our business from any such compromise or failure.

During the fiscal year we did not experience any cybersecurity incidents that were determined to be material to our business, results of operations or financial condition. No previously reported cybersecurity incidents continue to have a material impact on the Company.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance Related to Cybersecurity Risks

Roivant’s board of directors oversees our overall risk management strategy, including with respect to cybersecurity risks. Cybersecurity risk management policies and procedures are integrated into our overall risk management strategy, which is overseen by the audit committee of the board of directors (“Audit Committee”). At least annually, the Audit Committee receives a comprehensive briefing from our CIO covering our information security posture, key risk indicators, results of internal and external audits, and the status of ongoing cybersecurity initiatives. In addition, management provides updates to the Audit Committee on an as-needed basis when significant cybersecurity developments arise between scheduled reviews. The board of directors as a whole is informed of material cybersecurity matters through regular reporting from the Audit Committee.

At the management level, our CIO is primarily responsible for leading our cybersecurity strategy centrally at Roivant and the majority of our Vants. Our CIO has over 20 years of experience in information technology across biotechnology and other industries, holds a Bachelor of Science in Management Information Systems and an MBA in International Business. We also maintain a Security Operations team of experienced senior-level engineers who design, implement and operate our information technology ecosystem, helping to implement cybersecurity best practices throughout our infrastructure and governance processes. Members of this SecOps team have relevant security certifications including Certified Information Security Manager (“CISM”).

At Immunovant and the healthcare technology Vants that have established and maintain separate cybersecurity functions, governance is similarly overseen in the first instance by the boards of directors of those Vants as part of their overall risk management strategy, with ultimate oversight on a company-wide basis by the Roivant board of directors.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

At least annually, the Audit Committee receives a comprehensive briefing from our CIO covering our information security posture, key risk indicators, results of internal and external audits, and the status of ongoing cybersecurity initiatives. In addition, management provides updates to the Audit Committee on an as-needed basis when significant cybersecurity developments arise between scheduled reviews. The board of directors as a whole is informed of material cybersecurity matters through regular reporting from the Audit Committee.

Cybersecurity Risk Role of Management [Text Block]

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

At the management level, our CIO is primarily responsible for leading our cybersecurity strategy centrally at Roivant and the majority of our Vants.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

Threats and incidents assessed as having a moderate or higher potential business impact are escalated to senior management and reported to the Audit Committee of the board of directors.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true