Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 28, 2024

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy

The Company utilizes information systems to support a variety of business processes and activities in its operations. These systems may be subject to cyber-based attacks or breaches. Some examples of the cybersecurity threats that could negatively impact the Company are credit card skimmers, denial of service attacks, excessive port scans, firewall breach and computer virus outbreak.

Cybersecurity risk management is part of Management’s annual risk assessment program. In order to manage the risks associated with cybersecurity threats, the Company maintains a risk-based cybersecurity program consisting of processes, technologies, and controls to assess, identify and manage material risks from cybersecurity threats.

While the Company's information systems are exposed to cybersecurity threats and risks, the Company has not experienced any material cybersecurity incidents affecting its business strategy, results of operations, or financial condition, and any costs or operational impacts related to cybersecurity incidents were immaterial during the period presented.

For additional information related to the risks associated with cybersecurity threats, refer to the Information Security, Cybersecurity and Data Privacy Risks section of Item 1a. Risk Factors.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

The Company utilizes information systems to support a variety of business processes and activities in its operations. These systems may be subject to cyber-based attacks or breaches. Some examples of the cybersecurity threats that could negatively impact the Company are credit card skimmers, denial of service attacks, excessive port scans, firewall breach and computer virus outbreak.

Cybersecurity risk management is part of Management’s annual risk assessment program. In order to manage the risks associated with cybersecurity threats, the Company maintains a risk-based cybersecurity program consisting of processes, technologies, and controls to assess, identify and manage material risks from cybersecurity threats.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Board of Directors Oversight

The Company’s Board of Directors is responsible for providing oversight and strategic guidance to management to support the long-term interests of the Company's shareholders. The Audit Committee is the lead committee of the Board of Directors responsible for oversight of the Company’s risk-based cybersecurity program and bears the primary responsibility for this aspect of the business. As part of this responsibility, the Audit Committee of the Board of Directors annually reviews the Company's Information Security Incident Response Plan.

On a quarterly basis cybersecurity incidents are summarized and reported to the Audit Committee of the Board of Directors which cover any identified cybersecurity incidents, results of third-party vulnerability testing, and key developments in policies.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Audit Committee

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

On a quarterly basis cybersecurity incidents are summarized and reported to the Audit Committee of the Board of Directors which cover any identified cybersecurity incidents, results of third-party vulnerability testing, and key developments in policies.

Cybersecurity Risk Role of Management [Text Block]

Management’s Role in Managing Risk

The Company’s cybersecurity risk management is part of the Company's Information Security Office, led by the Chief Information Officer. In order to manage the risks associated with cybersecurity threats, the Company has implemented an Information Security Incident Response Plan.

The Company engages with a range of third-party experts, including cybersecurity assessors, consultants, and auditors in evaluating and testing its risk management systems. These relationships enable Management to leverage specialized knowledge and insights with respect to the Company’s cybersecurity strategies and processes.

The Company's Information Security Incident Response Plan includes detailed processes and controls related to cybersecurity awareness training for employees, phishing simulations, backup and recovery, response planning, vulnerability management and endpoint protection as well as ongoing cybersecurity requirements for third-party service providers. The framework is regularly reviewed, assessed, and updated. This framework is designed to mitigate risks related to data breaches or other security incidents originating from third parties.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Chief Information Officer

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

The Company's Information Security Incident Response Plan includes detailed processes and controls related to cybersecurity awareness training for employees, phishing simulations, backup and recovery, response planning, vulnerability management and endpoint protection as well as ongoing cybersecurity requirements for third-party service providers. The framework is regularly reviewed, assessed, and updated. This framework is designed to mitigate risks related to data breaches or other security incidents originating from third parties

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true