XML 42 R27.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats.

Theriva has not, to date, been subject to any cybersecurity incidents resulting in a material adverse effect on the Company; however, future cyber incidents may occur and the Company has implemented processes to manage, mitigate, and respond to cybersecurity threats. We maintain policies and controls over areas such as information security, access on/offboarding, and access and account management, to help govern the processes put in place by management designed to protect our information technology (“IT”) assets, data, and services from threats and vulnerabilities. We partner with third-party IT providers leveraging third-party technology and expertise. These partners, including consultants and other third-party service providers, are a key part of Theriva’s cybersecurity risk management strategy and infrastructure and provide services including, maintenance of an IT assets inventory, periodic vulnerability scanning, identity access management controls including restricted access of privileged accounts, network integrity safeguarded by employing web-based software, including endpoint protection, endpoint detection and response, and remote monitoring management on all devices, industry-standard encryption protocols, critical data backups, infrastructure maintenance, incident response, and cyber risk advisory, assessment and remediation.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats.

Theriva has not, to date, been subject to any cybersecurity incidents resulting in a material adverse effect on the Company; however, future cyber incidents may occur and the Company has implemented processes to manage, mitigate, and respond to cybersecurity threats. We maintain policies and controls over areas such as information security, access on/offboarding, and access and account management, to help govern the processes put in place by management designed to protect our information technology (“IT”) assets, data, and services from threats and vulnerabilities. We partner with third-party IT providers leveraging third-party technology and expertise. These partners, including consultants and other third-party service providers, are a key part of Theriva’s cybersecurity risk management strategy and infrastructure and provide services including, maintenance of an IT assets inventory, periodic vulnerability scanning, identity access management controls including restricted access of privileged accounts, network integrity safeguarded by employing web-based software, including endpoint protection, endpoint detection and response, and remote monitoring management on all devices, industry-standard encryption protocols, critical data backups, infrastructure maintenance, incident response, and cyber risk advisory, assessment and remediation.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

As part of its review of the adequacy of our system of internal controls over financial reporting and disclosure controls and procedures, management and the Audit Committee oversee cybersecurity risk exposures and the steps taken by management to monitor and mitigate cybersecurity risks. Theriva’s management team is responsible for oversight and administration of cybersecurity risk management strategies, and for informing the Board and other relevant stakeholders regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents. In addition, cybersecurity risks are reviewed by our Board of Directors at least annually, as part of the Company’s corporate risk oversight processes.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Audit Committee
Cybersecurity Risk Role of Management [Text Block] Theriva’s management team is responsible for oversight and administration of cybersecurity risk management strategies, and for informing the Board and other relevant stakeholders regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Theriva’s management team
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Theriva’s management team is responsible for oversight and administration of cybersecurity risk management strategies, and for informing the Board and other relevant stakeholders regarding the prevention, detection, mitigation, and remediation
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true