|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 28, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Line Items]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|The Company has processes in place for assessing, identifying and managing risks from potential cyber threats and vulnerabilities. To protect the Company’s information systems from cyber threats, the Company uses a variety of tools, controls, technologies, methods, systems and other processes that are designed to prevent, detect, escalate, investigate, mitigate and/or remediate data loss, theft, misuse, unauthorized access or other security incidents or vulnerabilities affecting information systems and data.
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Processes Integrated [Text Block]
|The Company has processes in place for assessing, identifying and managing risks from potential cyber threats and vulnerabilities. To protect the Company’s information systems from cyber threats, the Company uses a variety of tools, controls, technologies, methods, systems and other processes that are designed to prevent, detect, escalate, investigate, mitigate and/or remediate data loss, theft, misuse, unauthorized access or other security incidents or vulnerabilities affecting information systems and data.
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|true
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]
|false
|Cybersecurity Risk Board of Directors Oversight [Text Block]
|
The Company’s Chief Information Security Officer (“CISO”) and Vice President, Chief Audit Executive, who oversees the Company’s enterprise risk management (“ERM”) framework, partner on definition and treatment of cyber risks. Cybersecurity is a component of the Company’s ERM framework and processes. The Company utilizes a range of capabilities to help identify and assess potential cyber threats and vulnerabilities, which feed into the development and regular updating of a risk mitigation plan to help manage the Company’s cybersecurity risk posture. The Company evaluates cyber security risks on an ongoing basis across several categories in terms of probability of the likelihood and magnitude of potential impact, using evaluation results to inform areas of focus and prioritization.
The Company evaluates risks associated with use of third-party providers through a lifecycle-based approach, conducting risk-based due diligence before engagement, using contractual provisions to apportion risk, and for certain third-party providers, engaging in architectural review and validation at the beginning of engagement. The Company uses third parties to assist with penetration testing, simulated attacks and survey and other threat intelligence reporting on third parties, as well as review and enhancement of associated response processes.
The Company’s cyber risk mitigation plan is reviewed on a bimonthly cadence with a cross-functional Cyber Steering Committee, the managerial governing body that regularly reviews the top cyber risks and receives reports on progress on key cyber initiatives. The Company’s CISO leads the Cyber Steering Committee, which also includes individuals with experience identifying and managing enterprise risks, including the Company’s President and Chief Executive Officer, Executive Vice President, Chief Financial Officer, Executive Vice President, General Counsel and Corporate Secretary and Vice President, Chief Audit Executive, as well as individuals with technical expertise in information technology, data governance and cyber matters and/or experience in managing cyber incident responses, including the Company’s Executive Vice President, Chief Technology Officer, Vice President, Information Technology Operations and Senior Vice President, Deputy General Counsel and Chief Compliance Officer.
The Internal Audit function assesses cyber security risks and audits components of cyber security on an annual basis. At least every three years, the Company uses an external party to evaluate the maturity of the program against the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework.The Audit Committee of the Company’s Board of Directors is charged with reviewing, discussing with management and overseeing the Company’s information technology and cybersecurity risk. The Audit Committee receives reports on cybersecurity risk and management thereof at least semi-annually, and the full Board of Directors receives such reports at least annually.
|Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
|The Company’s Chief Information Security Officer (“CISO”) and Vice President, Chief Audit Executive, who oversees the Company’s enterprise risk management (“ERM”) framework, partner on definition and treatment of cyber risks.
|Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
|The Audit Committee of the Company’s Board of Directors is charged with reviewing, discussing with management and overseeing the Company’s information technology and cybersecurity risk. The Audit Committee receives reports on cybersecurity risk and management thereof at least semi-annually, and the full Board of Directors receives such reports at least annually.
|Cybersecurity Risk Role of Management [Text Block]
|The Company’s Chief Information Security Officer (“CISO”) and Vice President, Chief Audit Executive, who oversees the Company’s enterprise risk management (“ERM”) framework, partner on definition and treatment of cyber risks. Cybersecurity is a component of the Company’s ERM framework and processes. The Company utilizes a range of capabilities to help identify and assess potential cyber threats and vulnerabilities, which feed into the development and regular updating of a risk mitigation plan to help manage the Company’s cybersecurity risk posture. The Company evaluates cyber security risks on an ongoing basis across several categories in terms of probability of the likelihood and magnitude of potential impact, using evaluation results to inform areas of focus and prioritization.
|Cybersecurity Risk Management Positions or Committees Responsible [Flag]
|true
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|The Company’s Chief Information Security Officer (“CISO”) and Vice President, Chief Audit Executive, who oversees the Company’s enterprise risk management (“ERM”) framework, partner on definition and treatment of cyber risks.
|Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
|he Company’s CISO leads the Cyber Steering Committee, which also includes individuals with experience identifying and managing enterprise risks, including the Company’s President and Chief Executive Officer, Executive Vice President, Chief Financial Officer, Executive Vice President, General Counsel and Corporate Secretary and Vice President, Chief Audit Executive, as well as individuals with technical expertise in information technology, data governance and cyber matters and/or experience in managing cyber incident responses, including the Company’s Executive Vice President, Chief Technology Officer, Vice President, Information Technology Operations and Senior Vice President, Deputy General Counsel and Chief Compliance Officer.
|Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
|The Audit Committee of the Company’s Board of Directors is charged with reviewing, discussing with management and overseeing the Company’s information technology and cybersecurity risk. The Audit Committee receives reports on cybersecurity risk and management thereof at least semi-annually,
|Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]
|true
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef