XML 50 R29.htm IDEA: XBRL DOCUMENT v3.25.3
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Aug. 30, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We have established controls for identifying, assessing and managing material risks from cybersecurity threats that could adversely affect our information systems or the information residing on those systems. These include a combination of policies, procedures, technologies and safe-guards (based on frameworks such as Cybersecurity Maturity Model Certification (“CMMC”) and Payment Card Industry (“PCI”) that are designed to prevent, detect, and mitigate data
loss, theft, misuse, unauthorized access, and other security incidents or vulnerabilities affecting our systems and data, and to assess and evaluate the risk of such incidents and vulnerabilities. Additionally, we have processes in place designed to oversee and identify material risks from cybersecurity threats associated with our use of third-party technology and systems, including our cloud computing platforms.
As part of our risk management process, we conduct application security assessments, security audits, third-party penetration testing, vulnerability assessments and ongoing risk assessments. We also maintain a variety of incident response plans that are utilized when incidents are detected. Associates of the Company complete an annual cybersecurity training program in which specific threats and scenarios are highlighted based on the cyber risk management team’s analysis of current cyber risks to the Company or as required by regulatory frameworks. Simulated phishing tests are conducted with associates on a regular basis to provide training and awareness against scams and fraudulent communications. Associates also receive ongoing communications regarding the importance of guarding against phishing, social engineering and other cyberattack vectors. In addition to our in-house cybersecurity capabilities, at times, we also engage consultants, auditors or other third parties to assist with assessing, identifying and managing cybersecurity risks. We maintain cybersecurity insurance and regularly review our policy and levels of coverage based on current risks.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] As part of our risk management process, we conduct application security assessments, security audits, third-party penetration testing, vulnerability assessments and ongoing risk assessments. We also maintain a variety of incident response plans that are utilized when incidents are detected. Associates of the Company complete an annual cybersecurity training program in which specific threats and scenarios are highlighted based on the cyber risk management team’s analysis of current cyber risks to the Company or as required by regulatory frameworks. Simulated phishing tests are conducted with associates on a regular basis to provide training and awareness against scams and fraudulent communications. Associates also receive ongoing communications regarding the importance of guarding against phishing, social engineering and other cyberattack vectors. In addition to our in-house cybersecurity capabilities, at times, we also engage consultants, auditors or other third parties to assist with assessing, identifying and managing cybersecurity risks. We maintain cybersecurity insurance and regularly review our policy and levels of coverage based on current risks.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Audit Committee of our Board of Directors (the “Audit Committee”) oversees our financial and risk management policies, including risk management policies and programs related to cybersecurity designed to monitor, mitigate and respond to cyber risks, threats, and reports. The Audit Committee receives regular reports from the Vice President of Information Security on, among other things, the Company’s cyber risks and threats, the status of projects to strengthen the Company’s information security systems, assessments of the Company’s cybersecurity program and the emerging cyber threat landscape. Additionally, the Audit Committee has engaged a consulting firm to serve in the role of a cybersecurity advisor to the Audit Committee. In fulfilling this role, the consultant will engage with the Vice President of Information Security and other associates of the Company to evaluate the Company’s cybersecurity maturity and advise the Audit Committee on cybersecurity gaps, best practices and industry trends on an ongoing basis.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Audit Committee of our Board of Directors (the “Audit Committee”) oversees our financial and risk management policies, including risk management policies and programs related to cybersecurity designed to monitor, mitigate and respond to cyber risks, threats, and reports. The Audit Committee receives regular reports from the Vice President of Information Security on, among other things, the Company’s cyber risks and threats, the status of projects to strengthen the Company’s information security systems, assessments of the Company’s cybersecurity program and the emerging cyber threat landscape. Additionally, the Audit Committee has engaged a consulting firm to serve in the role of a cybersecurity advisor to the Audit Committee. In fulfilling this role, the consultant will engage with the Vice President of Information Security and other associates of the Company to evaluate the Company’s cybersecurity maturity and advise the Audit Committee on cybersecurity gaps, best practices and industry trends on an ongoing basis.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our cyber management team, led by our Vice President of Information Security, is tasked with implementing and maintaining centralized cybersecurity and data protection practices in close coordination with MSC’s leadership team and other teams across the Company. Our Vice President of Information Security has extensive cybersecurity knowledge and skills gained from over 25 years of work experience across multiple verticals. Reporting to our Vice President of Information Security are a number of experienced information security professionals responsible for various parts of our business, including Architecture and Engineering, Identity and Access Management, Security Operations, and Governance, Risk and Compliance programs, each of which is supported by a team of trained cybersecurity professionals.
Cybersecurity Risk Role of Management [Text Block] Our cyber management team, led by our Vice President of Information Security, is tasked with implementing and maintaining centralized cybersecurity and data protection practices in close coordination with MSC’s leadership team and other teams across the Company
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our cyber management team, led by our Vice President of Information Security, is tasked with implementing and maintaining centralized cybersecurity and data protection practices in close coordination with MSC’s leadership team and other teams across the Company
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our Vice President of Information Security has extensive cybersecurity knowledge and skills gained from over 25 years of work experience across multiple verticals.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Reporting to our Vice President of Information Security are a number of experienced information security professionals responsible for various parts of our business, including Architecture and Engineering, Identity and Access Management, Security Operations, and Governance, Risk and Compliance programs, each of which is supported by a team of trained cybersecurity professionals.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true