To whom does the Chief Information Officer, who is responsible for assessing and managing cybersecurity risks at Benihana, report?
Benihana Franchise · 2024 FDDAnswer from 2024 FDD Document
Our Chief Information Officer, who reports directly to the Chief Executive Officer and has over 25 years of experience managing information technology and cybersecurity matters, together with our thirdparty service providers, are responsible for assessing and managing cybersecurity risks. We consider cybersecurity, along with other significant risks that we face, within our overall enterprise risk management framework.
The Board of Directors, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Audit Committee, which is comprised solely of independent directors, has been designated by our Board to oversee cybersecurity risks. The Committee receives regular updates and reviews with management the implementation and effectiveness of the Company's controls to monitor and mitigate cybersecurity risks.
Source: Item 22 — CONTRACTS (FDD pages 73–74)
What This Means (2024 FDD)
According to Benihana's 2024 Franchise Disclosure Document, the Chief Information Officer (CIO), who is responsible for assessing and managing cybersecurity risks, reports directly to the Chief Executive Officer (CEO). The CIO has over 25 years of experience in managing information technology and cybersecurity matters.
This reporting structure highlights the importance Benihana places on cybersecurity, as the CIO has direct access to the highest level of leadership within the company. This direct line of communication ensures that cybersecurity concerns are promptly addressed and that the CEO is fully informed about potential risks and mitigation strategies.
Furthermore, the Board of Directors, specifically the Audit Committee, oversees cybersecurity risks. The Audit Committee, comprised of independent directors, receives regular updates and reviews the effectiveness of the company's controls to monitor and mitigate these risks. This multi-layered approach, involving the CIO, CEO, and the Board's Audit Committee, demonstrates a comprehensive commitment to managing and mitigating cybersecurity threats within the Benihana organization.