Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Mar. 31, 2026 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | In connection with our enterprise risk management process, we identify, prioritize, monitor and seek to ameliorate key risks that may affect the Company, including risks from or relating to cyber threats. We have enterprise-wide security policies, standards and controls that seek to incorporate best practices in security engineering, technology architecture and data protection. Our policies and controls include security measures designed to protect our systems against unauthorized access. We also maintain cybersecurity protection measures with respect to our information technology systems, including with respect to the protection of our customer data, vendor data and employee information. We have also implemented specialized training and education programs to seek to guard against cybersecurity events, such as enterprise-wide communications, presentations, phishing simulations and focused training for specific roles, as well as a general cybersecurity training program required for all employees. We also engage third parties to perform regular reviews of our security framework controls to promote objectivity. Our processes to identify, assess and manage material risks relating to cyber threats include risks associated with third party service providers, including cloud-based platforms. We believe that these policies and controls provide us with an appropriate comprehensive assessment of potential cyber threats. The sophistication of cybersecurity threats, including through the use of artificial intelligence, continues to increase, and while additional measures are continually deployed to mitigate risks and protect our systems, the risk of a breach continues to increase. To address this increased risk we are continually enhancing our Disaster Recovery and Business Continuity capabilities enabling system and data recovery and reducing the overall length our systems would be unavailable for normal operations. In addition, we maintain policies and governance controls for the responsible use of artificial intelligence, including employee training and guidance intended to promote appropriate use and protect the confidentiality of Company and third-party information. These measures are designed to help manage risks associated with AI-enabled tools, including potential intellectual property and data exposure. To date, risks from cybersecurity threats have not materially affected the Company, and we do not believe these threats are reasonably likely to materially affect the Company, including its business strategy, financial condition or results of operations. However, the risks from cybersecurity threats and incidents continues to increase, and the preventative actions we have taken and continue to take to reduce the risk of cybersecurity threats and incidents may not successfully protect our systems against all such threats and incidents. Refer to Item 1A – Risk Factors under the heading “Our business operations may be adversely affected by information technology systems interruptions or intrusion" for additional information.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | In connection with our enterprise risk management process, we identify, prioritize, monitor and seek to ameliorate key risks that may affect the Company, including risks from or relating to cyber threats. We have enterprise-wide security policies, standards and controls that seek to incorporate best practices in security engineering, technology architecture and data protection. Our policies and controls include security measures designed to protect our systems against unauthorized access. We also maintain cybersecurity protection measures with respect to our information technology systems, including with respect to the protection of our customer data, vendor data and employee information. We have also implemented specialized training and education programs to seek to guard against cybersecurity events, such as enterprise-wide communications, presentations, phishing simulations and focused training for specific roles, as well as a general cybersecurity training program required for all employees. We also engage third parties to perform regular reviews of our security framework controls to promote objectivity. Our processes to identify, assess and manage material risks relating to cyber threats include risks associated with third party service providers, including cloud-based platforms. We believe that these policies and controls provide us with an appropriate comprehensive assessment of potential cyber threats.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | The Audit Committee has primary responsibility for overseeing risks related to cybersecurity and privacy, although the full Board also exercises oversight over these risks. Securing the information of our customers, employees, vendors and other third parties is important to us. At least quarterly, or more frequently if needed, the Audit Committee and/or the full Board receives detailed reports on data protection and cybersecurity matters from senior IT leaders, including our CIO. Our Cyber Sub-Committee meets bi-annually to take a deeper dive into cyber-related risks. The topics covered at the various Audit Committee and full Board meetings include risk identification and management strategies, customer data protection, the Company’s ongoing risk mitigation activities, results of third-party assessments and testing, results of tabletop exercises, updates on potential cybersecurity threats, updates on training initiatives and governance.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our cybersecurity program is overseen by a cross-functional committee of senior business leaders and is led by our Senior Vice President, Chief Digital and Information Services Officer (CIO). This management committee meets regularly and is charged with overseeing our cybersecurity strategy, seeking to ensure that cyber risks relating to the Company and its operations are managed, and that the program is aligned with the Company's business goals and objectives. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | At least quarterly, or more frequently if needed, the Audit Committee and/or the full Board receives detailed reports on data protection and cybersecurity matters from senior IT leaders, including our CIO. Our Cyber Sub-Committee meets bi-annually to take a deeper dive into cyber-related risks. The topics covered at the various Audit Committee and full Board meetings include risk identification and management strategies, customer data protection, the Company’s ongoing risk mitigation activities, results of third-party assessments and testing, results of tabletop exercises, updates on potential cybersecurity threats, updates on training initiatives and governance.
|
| Cybersecurity Risk Role of Management [Text Block] | Our cybersecurity program is overseen by a cross-functional committee of senior business leaders and is led by our Senior Vice President, Chief Digital and Information Services Officer (CIO). This management committee meets regularly and is charged with overseeing our cybersecurity strategy, seeking to ensure that cyber risks relating to the Company and its operations are managed, and that the program is aligned with the Company's business goals and objectives. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our cybersecurity program is overseen by a cross-functional committee of senior business leaders and is led by our Senior Vice President, Chief Digital and Information Services Officer (CIO). This management committee meets regularly and is charged with overseeing our cybersecurity strategy, seeking to ensure that cyber risks relating to the Company and its operations are managed, and that the program is aligned with the Company's business goals and objectives. The CIO has a formal education in information technology as well as extensive experience working in the Company’s information and technology function; and receives periodic training and education on cybersecurity-related topics. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | The CIO has a formal education in information technology as well as extensive experience working in the Company’s information and technology function; and receives periodic training and education on cybersecurity-related topics. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | At least quarterly, or more frequently if needed, the Audit Committee and/or the full Board receives detailed reports on data protection and cybersecurity matters from senior IT leaders, including our CIO. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |