Viking Therapeutics, Inc. - (VKTX)
10-K Filing Date: February 07, 2024
Our board of directors is responsible for overseeing our risk management program and cybersecurity is a critical element of this program. Management is responsible for the day-to-day administration of our risk management program and our cybersecurity policies, processes, and practices. Our cybersecurity policies, standards, processes, and practices are based on recognized frameworks established by the National Institute of Standards and Technology, the International Organization for Standardization and other applicable industry standards and are fully integrated into our overall risk management system and processes as part of our IT security incident response plan.
Cybersecurity Risk Management and Strategy
Our cybersecurity risk management strategy focuses on several areas:
We conduct periodic assessments and testing of our policies, standards, processes, and practices in a manner intended to address cybersecurity threats and events. The results of such assessments, audits, and reviews are evaluated by management and reported to our Audit Committee and our board of directors, and we adjust our cybersecurity policies, standards, processes, and practices as necessary based on the information provided by these assessments, audits, and reviews. Risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have not materially affected and are not reasonably likely to materially affect our company, including our business strategy, results of operations, or financial condition.
Governance
Our board of directors, in coordination with our Audit Committee, oversees our risk management program, including the management of cybersecurity threats. Our board of directors and our Audit Committee each receive regular presentations and reports on developments in the cybersecurity space, including risk management practices, recent developments, evolving standards, vulnerability assessments, third-party and independent reviews, the threat environment, technological trends, and information security issues encountered by our peers and third parties. Our board of directors and our Audit Committee also receive prompt and timely information regarding any cybersecurity risk that meets pre-established reporting thresholds, as well as ongoing updates regarding any such risk. On an annual basis, our board of directors and the Audit Committee discuss our approach to overseeing cybersecurity threats with our Information Systems Representative and other members of senior management.
57
The Information Systems Representative, in coordination with senior management including our Chief Executive Officer and Chief Financial Officer, works collaboratively across our company to implement a program designed to protect our information systems from cybersecurity threats and to promptly respond to any material cybersecurity incidents in accordance with our incident response and recovery plans. To facilitate the success of our cybersecurity program, a cross-functional team throughout our company addresses cybersecurity threats and responds to cybersecurity incidents. Through ongoing communications with this team, the Information Systems Representative and senior management are informed about and monitor the prevention, detection, mitigation and remediation of cybersecurity threats and incidents in real time and report such threats and incidents to the Audit Committee when appropriate. The Information Systems Representative has served in various roles in information technology and information security for over 25 years, including serving as the Director of Information Technology of another public company.