Pineapple Energy Inc. - (PEGY)

10-K Filing Date: April 01, 2024
ITEM 1C. CYBERSECURITY

The Company has an information security program designed to identify, mitigate, respond to and manage reasonably foreseeable cybersecurity risks and threats. The program is overseen by the Chief Financial Officer. The CFO in conjunction with senior management conducts periodic reviews of cybersecurity control, policies, and procedures to ensure relevance and effectiveness for the Company’s needs and operating environment. The CFO has previously led IT/cyber strategy and programs in his past work experiences and is able to apply those experiences to the Company. The audit and finance committee of the board has discussions with

 

24


management on an annual basis about the Company’s risk assessment and risk management policies, particularly in the areas of financial reporting, internal controls, and compliance with legal and regulatory requirements.

One aspect of the Company’s information security program is focused on vendor selection. The Company evaluates all third-party vendors and service providers for their cybersecurity features and compliance with security requirements. Selected vendors, for example, must employ a variety of security measures to protect against unauthorized access, data breaches, and data loss. Pineapple Energy remains committed to maintaining the highest standards of data security and ensuring the integrity and confidentiality of our data.

Our business strategy, results of operations and financial condition have not been materially affected by risks from cybersecurity threats, including as a result of previously identified cybersecurity incidents, but we cannot provide assurance that they will not be materially affected in the future by such risks or any future material incidents. For more information on our cybersecurity related risks, see Item 1A, “Risk Factors,” of this Annual Report on Form 10-K.