TXO Partners, L.P. - (TXO)
10-K Filing Date: March 05, 2024
Item 1C. Cybersecurity
Cybersecurity Risk Management and Strategy
We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information.
Our cybersecurity risk management program is part of our overall enterprise risk management program, and shares common reporting channels and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.
Key elements of our cybersecurity risk management program include the following:
•risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment;
•a team of IT and risk management professionals principally responsible for directing (1) our cybersecurity risk assessment processes, (2) our security processes, and (3) our response to cybersecurity incidents; and
•cybersecurity awareness training of all our employees.
We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, including our operations, business strategy, results of operations, or financial condition. We face risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. See “Risk Factors – Our business could be negatively affected by security threats, including cybersecurity threats, and other disruptions”.
66
Cybersecurity Governance
Our Board considers cybersecurity risk as part of its risk oversight function and has delegated to the Audit Committee oversight of cybersecurity and other information technology risks. The Audit Committee oversees management’s design, implementation and enforcement of our cybersecurity risk management program described above.
Our Manager of Information Technology periodically reports to the Audit Committee and leads the Company’s overall cybersecurity function. The Audit Committee receives reports from our IT team on our cybersecurity risks, including briefings on our cyber risk management program and cybersecurity incidents.
Our IT team, including our Manager of Information Technology, oversees efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents that impact our systems and information through various means, which include briefings from internal personnel; threat intelligence and other information obtained from governmental, public or private sources, including external cybersecurity service providers; and alerts and reports produced by security tools deployed in our corporate IT environment.
Our Manager of Information Technology is responsible for assessing and managing our material risks from cybersecurity threats, and has primary responsibility for leading our overall cybersecurity risk management program. Our Manager of Information Technology has over 20 years of experience in the cybersecurity field.