Cybersecurity Risk Management, Strategy and Governance
12 Months Ended
Dec. 28, 2024
Cybersecurity Risk Management, Strategy, and Governance [Abstract]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Item 1C. Cybersecurity.

Protecting the security of our information systems is of significant importance to Flowers. We follow certain policies, protocols, and practices that address cybersecurity.

Risk Management and Strategy. We have processes in place for assessing, identifying and managing material risks from cybersecurity threats. These processes have been integrated into our enterprise risk management system. These processes also cover third-party service provider incidents that may impact the company.

Our cybersecurity program includes employee training and a computer security incident response plan (the “CSIRP”) that provides controls and procedures designed to timely and accurately report material cybersecurity incidents. Employees receive regular security training, and we conduct periodic phishing testing to assess whether our employees require additional training. Additionally, we provide our employees with easy-to-use tools to report potential phishing emails. The CSIRP establishes an organizational framework and guidelines to assist the company in identifying, responding to, and recovering from computer security incidents both at the company and its third-party service providers in connection with incidents that may impact the company, including the security incident management team (the “SIM Team”), a legal team (the “Legal Team”) and the computer security incident response team (the “CSIRT”). Each of the SIM Team, the Legal Team, and the CSIRT, often in consultation with the VP of Information Security, has a discrete set of responsibilities and obligations under the CSIRP. The CSIRT is a broad, cross-functional team of management stakeholders assigned with coordinating, developing, and managing the company’s response to computer security incidents when activated.

Once the CSIRT has been activated, incidents are reported to a subcommittee of the company’s disclosure committee, which consists of certain senior executives and leaders throughout the company and is charged with making disclosure determinations.

The CSIRP provides that, when activated, the CSIRT will lead all aspects of incident response, including the engagement of outside counsel and other third-party resources, such as an external incident response team, forensic resources, a crisis management or public relations firm, or notification service providers. For incidents where the CSIRP is not activated, either the SIM Team or the Legal Team, depending on the circumstances, is expected to lead and manage the incident response.

We maintain insurance covering certain costs that may be incurred in connection with cybersecurity incidents, should they occur. However, there is no guarantee that such coverage will be sufficient to address costs, liabilities and damages we may incur in connection with a cybersecurity incident or that such coverage will continue to be available on commercially reasonable terms or at all.

The company engages consultants and other third parties to identify and manage cybersecurity risks, including risks from third-party service providers that may impact the company.

No risks from cybersecurity threats, including as the result of previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect Flowers’ business strategy, results of operations, or financial condition. However, we may incur significant costs in protecting or remediating cyber-attacks or other cyber incidents. If we are unable to prevent physical and electronic break-ins, cyber-attacks and other information security breaches, we may suffer financial and reputational damage, operational disruptions, be subject to litigation, civil or criminal investigations, regulatory intervention or incur costs related to remediation, payment of ransom or penalties, including as a result of unauthorized disclosure of confidential information belonging to us or to our partners, customers, suppliers or employees.

Governance. The company’s board of directors (the "Board" or "Board of Directors") oversees the company’s Information Security program, which is approved annually. The audit committee is tasked with oversight of certain risk issues, including cybersecurity, and regularly reports its activities to the Board of Directors. As described in its charter, the audit committee of the Board of Directors oversees risks related to information technology security and regularly reviews and discusses with the VP of Information Security and other members of management the company’s information technology security risk exposures, including (a) the potential impact of those exposures on the company’s business, financial results, operations and reputation, (b) the steps that management has taken to monitor and mitigate such exposures, (c) the company’s information governance policies and programs, and (d) legislative and regulatory developments that could materially impact the company’s privacy and data risk exposure.

At the management level, the company’s IT systems are overseen by our CIO, who has responsibility for information technology strategy and operations. The company's Information Security program is led by the company’s VP of Information Security, who reports directly to the company's chief financial officer. The VP of Information Security has responsibility for information security strategy and operation. The VP of Information Security is responsible for managing and assessing material risks from cybersecurity threats. This individual has a variety of IT security skills, experiences and professional expertise, obtained through work experience and information security certifications and education.

Management tracks cybersecurity incidents through the process described above. Management regularly reports to the audit committee regarding policies and processes for assessing and managing risk associated with information technology and cybersecurity, as well as material cybersecurity incidents.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

Risk Management and Strategy. We have processes in place for assessing, identifying and managing material risks from cybersecurity threats. These processes have been integrated into our enterprise risk management system. These processes also cover third-party service provider incidents that may impact the company.

Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance. The company’s board of directors (the "Board" or "Board of Directors") oversees the company’s Information Security program, which is approved annually. The audit committee is tasked with oversight of certain risk issues, including cybersecurity, and regularly reports its activities to the Board of Directors. As described in its charter, the audit committee of the Board of Directors oversees risks related to information technology security and regularly reviews and discusses with the VP of Information Security and other members of management the company’s information technology security risk exposures, including (a) the potential impact of those exposures on the company’s business, financial results, operations and reputation, (b) the steps that management has taken to monitor and mitigate such exposures, (c) the company’s information governance policies and programs, and (d) legislative and regulatory developments that could materially impact the company’s privacy and data risk exposure.

At the management level, the company’s IT systems are overseen by our CIO, who has responsibility for information technology strategy and operations. The company's Information Security program is led by the company’s VP of Information Security, who reports directly to the company's chief financial officer. The VP of Information Security has responsibility for information security strategy and operation. The VP of Information Security is responsible for managing and assessing material risks from cybersecurity threats. This individual has a variety of IT security skills, experiences and professional expertise, obtained through work experience and information security certifications and education.

Management tracks cybersecurity incidents through the process described above. Management regularly reports to the audit committee regarding policies and processes for assessing and managing risk associated with information technology and cybersecurity, as well as material cybersecurity incidents.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The audit committee is tasked with oversight of certain risk issues, including cybersecurity, and regularly reports its activities to the Board of Directors. As described in its charter, the audit committee of the Board of Directors oversees risks related to information technology security and regularly reviews and discusses with the VP of Information Security and other members of management the company’s information technology security risk exposures, including (a) the potential impact of those exposures on the company’s business, financial results, operations and reputation, (b) the steps that management has taken to monitor and mitigate such exposures, (c) the company’s information governance policies and programs, and (d) legislative and regulatory developments that could materially impact the company’s privacy and data risk exposure.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] the audit committee of the Board of Directors oversees risks related to information technology security and regularly reviews and discusses with the VP of Information Security and other members of management
Cybersecurity Risk Role of Management [Text Block]

At the management level, the company’s IT systems are overseen by our CIO, who has responsibility for information technology strategy and operations. The company's Information Security program is led by the company’s VP of Information Security, who reports directly to the company's chief financial officer. The VP of Information Security has responsibility for information security strategy and operation. The VP of Information Security is responsible for managing and assessing material risks from cybersecurity threats. This individual has a variety of IT security skills, experiences and professional expertise, obtained through work experience and information security certifications and education.

Management tracks cybersecurity incidents through the process described above. Management regularly reports to the audit committee regarding policies and processes for assessing and managing risk associated with information technology and cybersecurity, as well as material cybersecurity incidents.

Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Management regularly reports to the audit committee regarding policies and processes for assessing and managing risk associated with information technology and cybersecurity, as well as material cybersecurity incidents.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The VP of Information Security is responsible for managing and assessing material risks from cybersecurity threats. This individual has a variety of IT security skills, experiences and professional expertise, obtained through work experience and information security certifications and education.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Management tracks cybersecurity incidents through the process described above.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true