Lode-Star Mining Inc. - (LSMG)
10-K Filing Date: March 22, 2024
At present the Company has minimal risk related to Cybersecurity as no operational business is conducted on the internet or available through the internet.
Cybersecurity risk management will be an integral part of our overall enterprise risk management efforts once the Company has determined how and what security measures will need to be deployed. No enterprise risk can be eliminated entirely. We will seek to mitigate as much risk as possible and manage the remaining financial risk through a cyber insurance policy. The Company has chosen the National Institute of Standards (NIST) for its base framework because it is compatible with certain risk management business functions required by customers and US Government oversight. Controls in the SP 800-53 catalog will be tailored-in based on governance found in SP 800-171, internally determined IT General Controls and industry best practices to create a balanced approach protecting confidentiality, integrity, and availability.
Governance
Our Board of Directors has primary responsibility for evaluating cybersecurity risk management, overseeing our major cybersecurity risk exposures and the steps management has taken to monitor and control these exposures, including policies and procedures for assessing and managing risk, as well as oversight of compliance related to legal and regulatory exposure.
The to be newly formed management positions responsible for assessing and managing cybersecurity risks will be a Director of Cybersecurity and a Chief Information Officer (CIO), who will report directly to our CFO. Presently our CFO is undertaking the actions of both the Director of Cybersecurity and CIO. The CIO will be responsible for ensuring that we have a cybersecurity risk management program in place that is fully aligned with business requirements and strategy.