|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 31, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Line Items]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|
Cybersecurity Risk Management and Strategy
We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical IT Systems and information.
We design and assess our program based on the National Institute of Standards and Technology Cybersecurity Framework (“NIST CSF”). This does not imply that we meet any particular technical standards, specifications, or requirements. We use the NIST CSF as a guide to help us identify, assess, and manage cybersecurity risks relevant to our business.
Our cybersecurity risk management program is integrated into our overall enterprise risk management program and shares common methodologies, reporting channels, and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.
Our cybersecurity risk management program includes the following:
There can be no assurance that our cybersecurity risk management program and processes, including our policies, controls or procedures, will be fully implemented, complied with or effective in protecting our systems and information.
Ongoing Risks
We have not experienced any material cybersecurity incidents. We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, including our operations, business strategy, results of operations, or financial condition. We face risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. For a full discussion of cybersecurity risks, please see our Risk Factors in Item 1A.
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Processes Integrated [Text Block]
|
Our cybersecurity risk management program is integrated into our overall enterprise risk management program and shares common methodologies, reporting channels, and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|true
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]
|false
|Cybersecurity Risk Board of Directors Oversight [Text Block]
|
Management Oversight of Cybersecurity
Our Chief Information Officer (“CIO”) and the Vice President (“VP”) of Information Security have primary responsibility for our overall cybersecurity risk management program and supervise both our internal cybersecurity personnel and our retained external cybersecurity consultants.
Our former CIO left the Company in January 2025. Currently Shashank Patel, our Chief Financial Officer, is serving as Interim CIO as we proceed with an executive search to appoint a permanent CIO. Mr. Patel has been overseeing the Company’s Information Technology function since he joined the Company in July 2018. References to the CIO and the CIO’s duties refer to our CIO’s historical role, Mr. Patel’s interim CIO role, and our future CIO’s role.
Mr. Patel has over 10 years of experience overseeing an Information Technology function. Our VP of Information Security has over 25 years of experience in leading cybersecurity functions across strategy, architecture, engineering, and operations.
The CIO and VP of Information Security supervise efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include, but are not limited to, risk assessments, including with the support of external advisors, briefings from internal security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the IT environment.
Our Cybersecurity Council, comprised of cross-functional senior leaders from operations, finance, internal audit, product management, and information technology teams, also reviews and assesses security risks and issues from a business and technology perspective across all organizations within Watts on a quarterly basis, with the guidance and input of the CIO and VP of Information Security. Our executive management team is responsible for assessing our material, or reasonably likely to be material, risks from cybersecurity threats with the advice and input of the CIO and VP of Information Security, including based on the above and from external advisors as necessary.
Board Oversight of Cybersecurity
Our Board considers cybersecurity risks as part of its risk oversight function and has delegated to the Audit Committee oversight of cybersecurity and other information technology risks.
The Audit Committee oversees management’s implementation of our cybersecurity risk management program and receives updates on the cybersecurity risk management program from the CIO and the VP of Information Security at least twice yearly. In addition, management updates the Audit Committee regarding any material or significant cybersecurity incidents, as well as incidents with lesser impact potential as necessary.
The Audit Committee reports to the full Board annually regarding cybersecurity. The full Board also receives annual briefings from the CIO and the VP of Information Security on cybersecurity, or from external experts on cybersecurity as part of the Board’s continuing education on topics that impact public companies.
|Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
|
Our Board considers cybersecurity risks as part of its risk oversight function and has delegated to the Audit Committee oversight of cybersecurity and other information technology risks.
|Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
|
The Audit Committee oversees management’s implementation of our cybersecurity risk management program and receives updates on the cybersecurity risk management program from the CIO and the VP of Information Security at least twice yearly. In addition, management updates the Audit Committee regarding any material or significant cybersecurity incidents, as well as incidents with lesser impact potential as necessary.
The Audit Committee reports to the full Board annually regarding cybersecurity. The full Board also receives annual briefings from the CIO and the VP of Information Security on cybersecurity, or from external experts on cybersecurity as part of the Board’s continuing education on topics that impact public companies.
|Cybersecurity Risk Role of Management [Text Block]
|
Management Oversight of Cybersecurity
Our Chief Information Officer (“CIO”) and the Vice President (“VP”) of Information Security have primary responsibility for our overall cybersecurity risk management program and supervise both our internal cybersecurity personnel and our retained external cybersecurity consultants.
Our former CIO left the Company in January 2025. Currently Shashank Patel, our Chief Financial Officer, is serving as Interim CIO as we proceed with an executive search to appoint a permanent CIO. Mr. Patel has been overseeing the Company’s Information Technology function since he joined the Company in July 2018. References to the CIO and the CIO’s duties refer to our CIO’s historical role, Mr. Patel’s interim CIO role, and our future CIO’s role.
Mr. Patel has over 10 years of experience overseeing an Information Technology function. Our VP of Information Security has over 25 years of experience in leading cybersecurity functions across strategy, architecture, engineering, and operations.
The CIO and VP of Information Security supervise efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include, but are not limited to, risk assessments, including with the support of external advisors, briefings from internal security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the IT environment.
Our Cybersecurity Council, comprised of cross-functional senior leaders from operations, finance, internal audit, product management, and information technology teams, also reviews and assesses security risks and issues from a business and technology perspective across all organizations within Watts on a quarterly basis, with the guidance and input of the CIO and VP of Information Security. Our executive management team is responsible for assessing our material, or reasonably likely to be material, risks from cybersecurity threats with the advice and input of the CIO and VP of Information Security, including based on the above and from external advisors as necessary.
|Cybersecurity Risk Management Positions or Committees Responsible [Flag]
|true
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|Our Chief Information Officer (“CIO”) and the Vice President (“VP”)
|Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
|
Mr. Patel has over 10 years of experience overseeing an Information Technology function. Our VP of Information Security has over 25 years of experience in leading cybersecurity functions across strategy, architecture, engineering, and operations.
|Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
|
The CIO and VP of Information Security supervise efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include, but are not limited to, risk assessments, including with the support of external advisors, briefings from internal security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the IT environment.
Our Cybersecurity Council, comprised of cross-functional senior leaders from operations, finance, internal audit, product management, and information technology teams, also reviews and assesses security risks and issues from a business and technology perspective across all organizations within Watts on a quarterly basis, with the guidance and input of the CIO and VP of Information Security. Our executive management team is responsible for assessing our material, or reasonably likely to be material, risks from cybersecurity threats with the advice and input of the CIO and VP of Information Security, including based on the above and from external advisors as necessary.
|Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]
|true
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef