XML 161 R35.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Sep. 30, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity Program

Given the importance of cybersecurity to aspects of our business, we maintain a cybersecurity program to support both the effectiveness of our systems and our preparedness for information security risks. This program includes a number of safeguards, such as: password protection; multi-factor authentication; continuous monitoring and alerting systems for internal and external threats; regular evaluations of our cybersecurity program, including retention of outsourced experts.

We use a risk-based approach with respect to our use and oversight of third-party service providers, tailoring processes according to the nature and sensitivity of the data accessed, processed, or stored by such third-party service provider.

Process for Assessing, Identifying and Managing Material Risks from Cybersecurity Threats

In the event of a cybersecurity incident, we maintain a regularly tested incident response program. Pursuant to the program and its escalation protocols, designated personnel are responsible for assessing the severity of an incident and associated threat, containing the threat, remediating the threat, including recovery of data and access to systems, analyzing any reporting obligations associated with the incident, and performing post-incident analysis and program enhancements.

We have relationships with a number of third-party service providers to assist with cybersecurity containment and remediation efforts.

Over the last two years, we have not experienced any cybersecurity incidents that have materially affected or are reasonably likely to materially affect is, including our business, results of operations, or financial condition.

Cybersecurity Risks

Our cybersecurity risk management processes are integrated into our overall processes. As part of our processes, we identify, assess and evaluate risks impacting our operations across the Company, including those risks related to cybersecurity. We consider the severity and likelihood of certain risk factors, drawing upon our industry experience and company knowledge. While we maintain a cybersecurity program, the techniques used to infiltrate information technology systems continue to evolve. Accordingly, we may not be able to timely detect threats or anticipate and implement adequate security measures. For additional information, see Item 3 (D) “Risk Factors.”
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Our cybersecurity risk management processes are integrated into our overall processes. As part of our processes, we identify, assess and evaluate risks impacting our operations across the Company, including those risks related to cybersecurity. We consider the severity and likelihood of certain risk factors, drawing upon our industry experience and company knowledge. While we maintain a cybersecurity program, the techniques used to infiltrate information technology systems continue to evolve.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Board Oversight

Our Board of Directors has overall responsibility for risk oversight. The Board of Directors is responsible for reviewing, discussing with management, and overseeing the Company’s data privacy, information technology and security and cybersecurity risk exposures, including: (i) the potential impact of those exposures on the Company’s business, financial results, operations and reputation; (ii) the programs and steps implemented by management to monitor and mitigate any exposures; (iii) the Company’s information governance and cybersecurity policies and programs; and (iv) major legislative and regulatory developments that could materially impact the Company’s data privacy and cybersecurity risk exposure.

In the event of a cybersecurity incident, the appropriate officer would apprise the full Board promptly with respect to any incident.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Board of Directors
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

Our Board of Directors has overall responsibility for risk oversight. The Board of Directors is responsible for reviewing, discussing with management, and overseeing the Company’s data privacy, information technology and security and cybersecurity risk exposures, including: (i) the potential impact of those exposures on the Company’s business, financial results, operations and reputation; (ii) the programs and steps implemented by management to monitor and mitigate any exposures; (iii) the Company’s information governance and cybersecurity policies and programs; and (iv) major legislative and regulatory developments that could materially impact the Company’s data privacy and cybersecurity risk exposure.
Cybersecurity Risk Role of Management [Text Block]

Our cybersecurity risk management processes are integrated into our overall processes. As part of our processes, we identify, assess and evaluate risks impacting our operations across the Company, including those risks related to cybersecurity. We consider the severity and likelihood of certain risk factors, drawing upon our industry experience and company knowledge. While we maintain a cybersecurity program, the techniques used to infiltrate information technology systems continue to evolve. Accordingly, we may not be able to timely detect threats or anticipate and implement adequate security measures. For additional information, see Item 3 (D) “Risk Factors.”
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

In the event of a cybersecurity incident, the appropriate officer would apprise the full Board promptly with respect to any incident.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Board of Directors is responsible for reviewing, discussing with management, and overseeing the Company’s data privacy, information technology and security and cybersecurity risk exposures, including: (i) the potential impact of those exposures on the Company’s business, financial results, operations and reputation; (ii) the programs and steps implemented by management to monitor and mitigate any exposures; (iii) the Company’s information governance and cybersecurity policies and programs; and (iv) major legislative and regulatory developments that could materially impact the Company’s data privacy and cybersecurity risk exposure.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true