Chromocell Therapeutics Corp - (CHRO)
10-K Filing Date: April 16, 2024
Risk management and strategy
We are an R&D stage pharmaceutical company, with no commercial operations or revenue streams. Since our IPO, our sole business activity has been ongoing research into our drug therapies]. Therefore, we do not consider that we face significant cybersecurity risk and have not adopted a formal cybersecurity risk management program or process for assessing cybersecurity risk currently. We assess material risks from cybersecurity threats on an ongoing basis, including any potential unauthorized occurrence on or conducted through our information systems that may result in adverse effects on the confidentiality, integrity, or availability of our information systems or any information residing therein. As our Company grows, we plan to develop a more robust and detailed strategy for cybersecurity in alignment with nationally accepted standards. We have not encountered cybersecurity challenges that have materially impaired our operations or financial standing. For additional information regarding risks from cybersecurity threats, please refer to Item 1A, “Risk Factors,” in this Annual Report on Form 10-K.
Governance
Our management and board of directors recognize the critical importance of maintaining the trust and confidence of our business partners and employees, including the importance of managing cybersecurity risks as part of our larger risk management program. While all of our personnel play a part in managing cybersecurity risks, one of the key functions of our board of directors is informed oversight of our risk management process, including risks from cybersecurity threats. Our board of directors is responsible for monitoring and assessing strategic risk exposure, and our executive officers are responsible for the day-to-day management of the material risks that we face. In general, we seek to address cybersecurity risks through a cross-functional approach that is focused on preserving the confidentiality, integrity, and availability of the information that we collect and store by identifying, preventing, and mitigating cybersecurity threats and effectively responding to cybersecurity incidents when they occur.
68