XML 54 R24.htm IDEA: XBRL DOCUMENT v3.25.3
Cybersecurity Risk Management and Strategy Disclosure
 3 Months Ended 12 Months Ended
Aug. 31, 2025
Aug. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]    
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]  
Risk Management and Strategy
We recognize that cybersecurity risks pose a significant threat to our business, clients, and stakeholders, and we have implemented a comprehensive cybersecurity program to address these risks. We embed security considerations into every aspect of our operations, and our focus encompasses a proactive approach that involves continuous monitoring to swiftly detect and respond to emerging threats to ensure that our stakeholders' information remains secure in the face of evolving cybersecurity challenges. With a foundation grounded in industry best practices, including NIST 800-53, ISO 27001, CIS Top 20, and OWASP Top 10, we prioritize the identification and assessment of risks to create a protective shield around our clients' data. This guides our processes for assessing, identifying, and managing risks related to cybersecurity threats and incidents, as well as ensuring compliance with legal and contractual obligations. Our risk management processes are integrated into our overall business strategy and operations. We use various methods and tools to identify and assess cybersecurity risks across all assets in our technical landscape, such as vulnerability scanning, penetration testing, threat intelligence, risk assessments, auditing our vendors and audits from clients.
We maintain robust cybersecurity incident response procedures, which includes escalating incidents to the appropriate level of management and Board of Directors, mitigation, remediation, and the assessment of materiality of cybersecurity incidents, or a series of related incidents, that may materially affect or are reasonably likely to materially affect our business strategy, results of operations, or financial condition.
Furthermore, we conduct annual cybersecurity awareness training for our employees to provide them with the knowledge necessary to navigate the digital landscape securely. We understand that cybersecurity is not a static concept but a dynamic discipline, and our security and privacy notice reflect this by incorporating internal audits, penetration testing, active vulnerability scanning and a continuous improvement mindset.
As of the date of this Report, we are not aware of any cybersecurity incidents, or a series of related incidents, that have had or are reasonably likely to have a material impact on the Company’s results of operations or financial condition. For more information on our cybersecurity related risks, see Part 1, Item 1A. Risk Factors included elsewhere in this Report.
Cybersecurity Risk Management Processes Integrated [Flag]   true
Cybersecurity Risk Management Processes Integrated [Text Block]  
We recognize that cybersecurity risks pose a significant threat to our business, clients, and stakeholders, and we have implemented a comprehensive cybersecurity program to address these risks. We embed security considerations into every aspect of our operations, and our focus encompasses a proactive approach that involves continuous monitoring to swiftly detect and respond to emerging threats to ensure that our stakeholders' information remains secure in the face of evolving cybersecurity challenges. With a foundation grounded in industry best practices, including NIST 800-53, ISO 27001, CIS Top 20, and OWASP Top 10, we prioritize the identification and assessment of risks to create a protective shield around our clients' data. This guides our processes for assessing, identifying, and managing risks related to cybersecurity threats and incidents, as well as ensuring compliance with legal and contractual obligations. Our risk management processes are integrated into our overall business strategy and operations. We use various methods and tools to identify and assess cybersecurity risks across all assets in our technical landscape, such as vulnerability scanning, penetration testing, threat intelligence, risk assessments, auditing our vendors and audits from clients.
Cybersecurity Risk Management Third Party Engaged [Flag] false  
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]   true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]   false
Cybersecurity Risk Board of Directors Oversight [Text Block]  
We have established a corporate governance structure that provides oversight and guidance for our cybersecurity program. Our Board of Directors (the “Board”) is ultimately responsible for the oversight of the Company’s security program. In the oversight of the program, the Board is focused on cybersecurity risk, including incident response planning, timely identification and assessment of incidents, incident recovery and business continuity considerations.
The Data Protection Officer ("DPO") is responsible for ensuring that we have a Personal Data Protection program in place that is compliant with data privacy laws such as the EU GDPR, UK GDPR, China’s PIPL, and data privacy laws enacted at the state level, as applicable to us. Our corporate Personal Data Protection program includes policies, practices, and training directed to protecting personal data.
We have defined roles and responsibilities for the management of cybersecurity risks, including specific executive-level and management-level positions or committees. Our security program is overseen by our VP of Information Technology, supported by corporate leadership from legal, compliance and finance. Our VP of Information Technology and the support team is accountable for the program. Our functional area executive leadership, acting in support of the VP of Information Technology, the DPO and the Board, is responsible for ensuring organizational compliance with data protection regulations and controls across the organization. Our VP of Information Technology and DPO, are responsible for the design, implementation, and monitoring of the security and privacy policies, standards, procedures, and controls that govern our information systems and data processing activities.

Our VP of Information Technology and support team also have a reporting responsibility to the executive leadership and the Board. They coordinate the response and remediation of cybersecurity incidents and data breaches and report on the status and effectiveness of the security and privacy program to the Board and other stakeholders on an as needed basis. The Board receives regular reports from management on our cybersecurity program, risks and activity. Our VP of Information Technology has more than 25 years of experience in IT infrastructure, cybersecurity operations, and software engineering.
We have established processes to ensure that management is informed about and monitors cybersecurity incident prevention, detection, mitigation, and remediation. These processes include regular reporting, escalation, and communication protocols, as well as periodic reviews and audits of the security and privacy program.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]  
We have established a corporate governance structure that provides oversight and guidance for our cybersecurity program. Our Board of Directors (the “Board”) is ultimately responsible for the oversight of the Company’s security program. In the oversight of the program, the Board is focused on cybersecurity risk, including incident response planning, timely identification and assessment of incidents, incident recovery and business continuity considerations.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]   Our VP of Information Technology and support team also have a reporting responsibility to the executive leadership and the Board. They coordinate the response and remediation of cybersecurity incidents and data breaches and report on the status and effectiveness of the security and privacy program to the Board and other stakeholders on an as needed basis. The Board receives regular reports from management on our cybersecurity program, risks and activity.
Cybersecurity Risk Role of Management [Text Block]  
We have defined roles and responsibilities for the management of cybersecurity risks, including specific executive-level and management-level positions or committees. Our security program is overseen by our VP of Information Technology, supported by corporate leadership from legal, compliance and finance. Our VP of Information Technology and the support team is accountable for the program. Our functional area executive leadership, acting in support of the VP of Information Technology, the DPO and the Board, is responsible for ensuring organizational compliance with data protection regulations and controls across the organization. Our VP of Information Technology and DPO, are responsible for the design, implementation, and monitoring of the security and privacy policies, standards, procedures, and controls that govern our information systems and data processing activities.
Our VP of Information Technology and support team also have a reporting responsibility to the executive leadership and the Board. They coordinate the response and remediation of cybersecurity incidents and data breaches and report on the status and effectiveness of the security and privacy program to the Board and other stakeholders on an as needed basis. The Board receives regular reports from management on our cybersecurity program, risks and activity
Cybersecurity Risk Management Positions or Committees Responsible [Flag]   true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]  
We have established a corporate governance structure that provides oversight and guidance for our cybersecurity program. Our Board of Directors (the “Board”) is ultimately responsible for the oversight of the Company’s security program. In the oversight of the program, the Board is focused on cybersecurity risk, including incident response planning, timely identification and assessment of incidents, incident recovery and business continuity considerations.
The Data Protection Officer ("DPO") is responsible for ensuring that we have a Personal Data Protection program in place that is compliant with data privacy laws such as the EU GDPR, UK GDPR, China’s PIPL, and data privacy laws enacted at the state level, as applicable to us. Our corporate Personal Data Protection program includes policies, practices, and training directed to protecting personal data.
We have defined roles and responsibilities for the management of cybersecurity risks, including specific executive-level and management-level positions or committees. Our security program is overseen by our VP of Information Technology, supported by corporate leadership from legal, compliance and finance. Our VP of Information Technology and the support team is accountable for the program. Our functional area executive leadership, acting in support of the VP of Information Technology, the DPO and the Board, is responsible for ensuring organizational compliance with data protection regulations and controls across the organization. Our VP of Information Technology and DPO, are responsible for the design, implementation, and monitoring of the security and privacy policies, standards, procedures, and controls that govern our information systems and data processing activities.

Our VP of Information Technology and support team also have a reporting responsibility to the executive leadership and the Board. They coordinate the response and remediation of cybersecurity incidents and data breaches and report on the status and effectiveness of the security and privacy program to the Board and other stakeholders on an as needed basis. The Board receives regular reports from management on our cybersecurity program, risks and activity. Our VP of Information Technology has more than 25 years of experience in IT infrastructure, cybersecurity operations, and software engineering.
We have established processes to ensure that management is informed about and monitors cybersecurity incident prevention, detection, mitigation, and remediation. These processes include regular reporting, escalation, and communication protocols, as well as periodic reviews and audits of the security and privacy program.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]   Our VP of Information Technology has more than 25 years of experience in IT infrastructure, cybersecurity operations, and software engineering.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]  
Our VP of Information Technology and support team also have a reporting responsibility to the executive leadership and the Board. They coordinate the response and remediation of cybersecurity incidents and data breaches and report on the status and effectiveness of the security and privacy program to the Board and other stakeholders on an as needed basis. The Board receives regular reports from management on our cybersecurity program, risks and activity. Our VP of Information Technology has more than 25 years of experience in IT infrastructure, cybersecurity operations, and software engineering.
We have established processes to ensure that management is informed about and monitors cybersecurity incident prevention, detection, mitigation, and remediation. These processes include regular reporting, escalation, and communication protocols, as well as periodic reviews and audits of the security and privacy program
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]   true