Verde Clean Fuels, Inc. - (VGAS)

10-K Filing Date: March 28, 2024
ITEM 1C. Cybersecurity.

 

Risk management and strategy

 

We have established processes for assessing, identifying, and managing material risk from cybersecurity threats, and have integrated these processes into our overall risk management systems and processes. We routinely assess material risks from cybersecurity threats, including any potential unauthorized attempts to access our information systems that may result in adverse effects on the confidentiality, integrity, or availability of those systems.

 

These risk assessments include identification of reasonably foreseeable internal and external risks, the likelihood and potential damage that could result from such risks, and the sufficiency of existing policies, procedures, systems, and safeguards in place to manage such risks. Following these risk assessments, if necessary, we would re-design and implement reasonable additional safeguards to minimize identified risks and address any identified gaps in existing safeguards.

 

Primary responsibility for assessing, monitoring, and managing our cybersecurity risks rests with our third-party IT service provider who reports to our Chief Technology Officer, to manage the risk assessment and mitigation process.

 

44

 

 

As part of our overall risk management system, we monitor and test our safeguards and we train our relevant employees on these safeguards, in collaboration with our third-party IT provider and management. Since users are typically the weakest link in any information system, we periodically train all our employees on good cybersecurity practices, including password management, phishing prevention, and other security awareness issues.

 

We have not encountered cybersecurity threats or challenges that have materially impaired our operations, business strategy or financial condition.

 

Governance

 

Our Board of Directors is responsible for monitoring and assessing strategic risk exposure including cybersecurity risk, and our executive officers are responsible for the day-to-day management of the material risks we face. Our Board of Directors administers its cybersecurity risk oversight function directly as a whole, as well as through the Audit Committee.

 

Our Chief Technology Officer is primarily responsible for assessing and managing our material risks from cybersecurity threats with assistance from our third-party IT service provider.

 

Our Chief Technology Officer oversees our cybersecurity policies and processes and will provide periodic briefings to the Chief Executive Officer, the Audit Committee and/or the Board of Directors as needed regarding any material cybersecurity risks or activities, including any recent cybersecurity incidents and related responses.