Item 1C. Cybersecurity

 

AppTech recognizes the importance of developing, implementing, and maintaining strong cybersecurity measures to safeguard our information systems and protect our data's privacy and integrity.

 

Engage Third-parties on Risk Management

 

Due to the difficulties and evolving nature of cybersecurity threats, AppTech engages with external experts, including cybersecurity consultants and auditors to evaluate and test its risk management systems. These relationships allow us to utilize specialized knowledge and insights, ensuring our strategies and processes remain in-line with current best practices. These third-parties provide the Company with regular audits, threat assessments, and consultations on security enhancements. Also, during onboarding and periodically thereafter, we conduct trainings for the Company’s employees, contractors, and temporary workers about cybersecurity risks, including sending test phishing emails for training purposes to all users of the Company’s email system.

 

Oversee Third-party Risk

 

To manage the risks associated with third-party service providers, AppTech conducts weekly calls with its providers to monitor compliance on an ongoing basis. Issues that arise are addressed immediately with mitigating measures added to avoid future problems.

 

Risks from Cybersecurity Threats

 

Like other companies in our industry, we face several cybersecurity risks in connection with our business. Although such risks have not materially affected us, including our business strategy, results of operations, or financial condition, to date, we have, from time to time, experienced threats to and security incidents related to our data and systems, including denial of service and phishing attacks.

 

Risk Management Personnel

 

Primary responsibility for assessing, monitoring and managing our cybersecurity risks rests with our third-party provider, the Company's Director of Information Technology and Director of Software Engineering (referred to as “IT”). Their knowledge, experience and relationship with our third-party vendor instrumental in developing and executing our cybersecurity strategies.

 

Risk Management Reporting

 

The IT Team provides updates to upper Management on a routine basis or as potentially critical risks from cybersecurity threats or incidents arise. In addition, the audit committee is notified of any material cybersecurity concerns that may impact internal controls, data storage, or the integrity of our financial reporting.