We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information.

Our overall risk management program includes a cybersecurity risk assessment process, that routinely evaluates potential impacts of cybersecurity risks on our business, including our operations, financial stability, and reputation. These assessments inform our cybersecurity risk mitigation strategies. The results are regularly shared with management and the Audit Committee as part of their involvement in managing and overseeing cybersecurity risks.

Key aspects of our cybersecurity risk management program include:

We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, including our operations, business strategy, results of operations, or financial condition. We face ongoing risks from certain cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. See "Item 1A. Risk Factors – Our business is subject to cybersecurity risks" included elsewhere in this Annual Report on Form 10-K.

Cybersecurity Governance

Our Board of Directors considers cybersecurity risk as part of its risk oversight function and has delegated to its Audit Committee oversight of cybersecurity and other information technology risks. Our Audit Committee oversees management’s implementation of our cybersecurity risk management program.

Our Audit Committee receives periodic reports from management on our cybersecurity risks. In addition, management updates our Audit Committee, as necessary, regarding significant cybersecurity incidents. Our Audit Committee reports to the full Board of Directors regarding its activities, including those related to cybersecurity. Our Board of Directors also receives briefings from management on our cybersecurity risk management program. Board members receive presentations on cybersecurity topics from IT leadership, which includes our Chief Sustainability and Administrative Officer ("CSAO"), or external experts as part of the Board’s continuing education on topics that impact public companies.

Our cybersecurity team, led by the CSAO, is responsible for coordinating and executing on the cybersecurity response procedures and for seeking assistance from other Partnership stakeholders and external advisors. Our cybersecurity team includes the CSAO and IT leadership. The team has primary responsibility for our overall cybersecurity risk management program and supervises both our internal cybersecurity personnel and our retained external cybersecurity consultants. Our cybersecurity team includes professionals with deep cybersecurity expertise across multiple industries.

Our management team stays informed about and monitor efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefings from internal information technology personnel, threat intelligence and other information obtained from public or private sources, including external consultants engaged by us, and alerts and reports produced by security tools deployed in the IT environment.