On what page of the Benihana FDD can I find information regarding Cybersecurity?
Benihana Franchise · 2024 FDDAnswer from 2024 FDD Document
aining the integrity and availability of our information technology systems and this information, as well as appropriate limitations on access and confidentiality of such information, is important to our operations and business strategy. We implemented a program designed to assess, identify and manage risks from potential unauthorized occurrences on or through our information technology systems that may result in adverse effects on the confidentiality and integrity of these systems and the data residing in them. With the exception of local point-of-sale solutions, we do not host any solutions on premise as all applications are software as a service.
The program is managed and monitored by a team led by our Chief Information Officer and includes mechanisms, controls, technologies, systems, policies and other processes designed to prevent or mitigate data loss, theft, misuse, or other security incidents or vulnerabilities affecting the systems and data residing in them. For example, we conduct risk-based penetration and vulnerability testing and ongoing risk assessments. We also conduct employee training on cyber and information security, among other topics. In addition, we consult with outside advisors and experts to assist with assessing, identifying, and managing cybersecurity risks and their impact on our risk environment. Lastly, we outsource to a cybersecurity firm all intrusion detection, intrusion prevention and system incident and event monitoring.
Our Chief Information Officer, who reports directly to the Chief Executive Officer and has over 25 years of experience managing information technology and cybersecurity matters, together with our thirdparty service providers, are responsible for assessing and managing cybersecurity risks. We consider cybersecurity, along with other significant risks that we face, within our overall enterprise risk management framework. In the last fiscal year, we have not identified any prior cybersecurity incidents that materially affected us, but we face certain ongoing risks from
cybersecurity threats that, if realized, could materially affect us.
Source: Item 22 — CONTRACTS (FDD pages 73–74)
What This Means (2024 FDD)
According to Benihana's 2024 Franchise Disclosure Document, information regarding cybersecurity can be found on pages 480 and 481. The program is managed and monitored by a team led by their Chief Information Officer and includes mechanisms, controls, technologies, systems, policies and other processes designed to prevent or mitigate data loss, theft, misuse, or other security incidents or vulnerabilities affecting the systems and data residing in them.
Benihana conducts risk-based penetration and vulnerability testing and ongoing risk assessments. They also conduct employee training on cyber and information security, and consult with outside advisors and experts to assist with assessing, identifying, and managing cybersecurity risks and their impact on their risk environment. Benihana outsources all intrusion detection, intrusion prevention and system incident and event monitoring to a cybersecurity firm.
The Chief Information Officer reports directly to the Chief Executive Officer and has over 25 years of experience managing information technology and cybersecurity matters. The Board of Directors and the Audit Committee, comprised of independent directors, oversee cybersecurity risks, receiving regular updates on the implementation and effectiveness of controls. Benihana has not identified any prior cybersecurity incidents that materially affected them in the last fiscal year, but they face ongoing risks from cybersecurity threats. Additional information on cybersecurity risks is discussed in Part I, Item 1A, "Risk Factors," under the heading "Cybersecurity, Data Privacy and IT Systems."