Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	We maintain a cyber risk management program designed to assess, identify, manage, mitigate and respond to cybersecurity threats and incidents. We seek to address material risks from cybersecurity threats through a cross-functional approach, and we utilize various processes to inform our identification, assessment and management of material risks from cybersecurity threats. Our cyber risk management program is integrated into our overall enterprise risk management (ERM) program. Cybersecurity risks are identified and assessed through our ERM program, which is designed to provide cross-functional executive insight across the business to identify and monitor risks, opportunities and emerging trends that can impact our strategic business objectives. The underlying controls of our cyber risk management program are based on recognized best practices and standards for cybersecurity and information technology, including the National Institute of Standards and Technology Cybersecurity Framework. We utilize dedicated internal and external cybersecurity personnel to focus on assessing, detecting, identifying, managing, preventing and responding to cybersecurity threats and incidents. Our approach to cybersecurity incorporates a layered portfolio of technology controls, including strategic partnerships for our cybersecurity platforms, documented policies and procedures, periodic end user training, including cybersecurity awareness training for employees and certain contractors, and dedicated resources to manage and monitor the evolving threat landscape, including through the gathering of actionable threat intelligence. We maintain and periodically evaluate and, as needed, update our information security policy and an incident response plan, which describes the processes we use to prepare for, detect, respond to and recover from a cybersecurity incident, including processes to assess severity, escalate, contain, investigate and remediate an incident, as well as to comply with potentially applicable legal and disclosure obligations. We regularly evaluate and assess the threat landscape and our security controls, including through audits and assessments, regular network and endpoint monitoring, vulnerability testing, penetration testing and tabletop exercises that include senior management. To assess the design and effectiveness of our cybersecurity controls, we engage with assessors, consultants, auditors and other third parties, including through independent third-party reviews of our information technology security program conducted on at least an annual basis. We also have processes to oversee and identify material cybersecurity risks associated with our use of third-party service providers, including utilizing safeguards to protect sensitive data, performing diligence on certain third parties that have access to our systems, data or facilities that store such systems or data, continually monitoring cybersecurity threat risks identified through such diligence and contracting to manage cybersecurity risks in specified ways such as requiring agreements to be subject to periodic cybersecurity audits. We have experienced targeted and non-targeted cybersecurity incidents in the past, including an incident in August 2023 that affected certain of our information systems and resulted in temporary disruptions to parts of our operations. However, prior cybersecurity incidents, including the August 2023 incident, have not materially affected us. Notwithstanding our cyber risk management program, we may not be successful in preventing or mitigating a cybersecurity incident that could materially affect us, including our business strategy, results of operations or financial condition. Refer to Item 1A. “Risk Factors” for further information on the risks we face from cybersecurity threats.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	While management is responsible for the day-to-day management of cybersecurity risks, our Board and its Audit Committee have ongoing oversight roles. The Audit Committee reviews and discusses with management, including reports from our Chief Innovation Officer, at least annually: •the adequacy and effectiveness of our information technology security processes and procedures, •the assessment of risks and threats to our information technology systems, •the internal controls regarding information technology security and cybersecurity, and •the steps management has taken to monitor and mitigate information technology security and cybersecurity risks. The Audit Committee also periodically receives reports on notable cybersecurity incidents and briefs the full Board on these matters.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	While management is responsible for the day-to-day management of cybersecurity risks, our Board and its Audit Committee have ongoing oversight roles. The Audit Committee reviews and discusses with management, including reports from our Chief Innovation Officer, at least annually: •the adequacy and effectiveness of our information technology security processes and procedures, •the assessment of risks and threats to our information technology systems, •the internal controls regarding information technology security and cybersecurity, and •the steps management has taken to monitor and mitigate information technology security and cybersecurity risks. The Audit Committee also periodically receives reports on notable cybersecurity incidents and briefs the full Board on these matters.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board.
Cybersecurity Risk Role of Management [Text Block]	Our Senior Vice President and Chief Innovation Officer, who has served in various senior leadership roles in operational improvement and technology during his nearly 30-year tenure with us, leads our innovation and technology initiatives, corporate information systems and financial shared services. Our cybersecurity risk management and strategy processes described in “Risk Management and Strategy” above are led by our Chief Information Officer (CIO) and our Chief Information Security Officer (CISO). Our CIO and CISO each report to our Chief Innovation Officer. Our CIO is responsible for the strategy, deployment, operational effectiveness and risk management of our technology systems and operations. Our CIO has over 30 years of experience in technology, cybersecurity and risk management, including leading information and technology initiatives for companies in the mining and energy sectors as a partner and senior managing director at a global professional services public company specializing in information technology services and management consulting. Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board. Our CISO has 30 years of experience in the technology and cybersecurity industries, including 15 years serving as CISO for public companies. Our CISO is also a Certified Information Systems Security Professional. Our ERM management committee is responsible for providing input and oversight on our ERM program, including cybersecurity risks. Our ERM management committee is comprised of senior leaders, including our Chief Innovation Officer, with responsibility across operations and core business functions, and with a breadth of knowledge, influence and experience covering the risks we face. An annual report on our enterprise risks, including cybersecurity risks, is presented to the Audit Committee and/or the full Board of Directors (Board).
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	Our cybersecurity risk management and strategy processes described in “Risk Management and Strategy” above are led by our Chief Information Officer (CIO) and our Chief Information Security Officer (CISO).
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	Our CIO has over 30 years of experience in technology, cybersecurity and risk management, including leading information and technology initiatives for companies in the mining and energy sectors as a partner and senior managing director at a global professional services public company specializing in information technology services and management consulting. Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board. Our CISO has 30 years of experience in the technology and cybersecurity industries, including 15 years serving as CISO for public companies. Our CISO is also a Certified Information Systems Security Professional.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Our Senior Vice President and Chief Innovation Officer, who has served in various senior leadership roles in operational improvement and technology during his nearly 30-year tenure with us, leads our innovation and technology initiatives, corporate information systems and financial shared services. Our cybersecurity risk management and strategy processes described in “Risk Management and Strategy” above are led by our Chief Information Officer (CIO) and our Chief Information Security Officer (CISO). Our CIO and CISO each report to our Chief Innovation Officer. Our CIO is responsible for the strategy, deployment, operational effectiveness and risk management of our technology systems and operations. Our CIO has over 30 years of experience in technology, cybersecurity and risk management, including leading information and technology initiatives for companies in the mining and energy sectors as a partner and senior managing director at a global professional services public company specializing in information technology services and management consulting. Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board. Our CISO has 30 years of experience in the technology and cybersecurity industries, including 15 years serving as CISO for public companies. Our CISO is also a Certified Information Systems Security Professional.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2024

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We maintain a cyber risk management program designed to assess, identify, manage, mitigate and respond to cybersecurity threats and incidents. We seek to address material risks from cybersecurity threats through a cross-functional approach, and we utilize various processes to inform our identification, assessment and management of material risks from cybersecurity threats. Our cyber risk management program is integrated into our overall enterprise risk management (ERM) program. Cybersecurity risks are identified and assessed through our ERM program, which is designed to provide cross-functional executive insight across the business to identify and monitor risks, opportunities and emerging trends that can impact our strategic business objectives. The underlying controls of our cyber risk management program are based on recognized best practices and standards for cybersecurity and information technology, including the National Institute of Standards and Technology Cybersecurity Framework.

We utilize dedicated internal and external cybersecurity personnel to focus on assessing, detecting, identifying, managing, preventing and responding to cybersecurity threats and incidents. Our approach to cybersecurity incorporates a layered portfolio of technology controls, including strategic partnerships for our cybersecurity platforms, documented policies and procedures, periodic end user training, including cybersecurity awareness training for employees and certain contractors, and dedicated resources to manage and monitor the evolving threat landscape, including through the gathering of actionable threat intelligence. We maintain and periodically evaluate and, as needed, update our information security policy and an incident response plan, which describes the processes we use to prepare for, detect, respond to and recover from a cybersecurity incident, including processes to assess severity, escalate, contain, investigate and remediate an incident, as well as to comply with potentially applicable legal and disclosure obligations.

We regularly evaluate and assess the threat landscape and our security controls, including through audits and assessments, regular network and endpoint monitoring, vulnerability testing, penetration testing and tabletop exercises that include senior management. To assess the design and effectiveness of our cybersecurity controls, we engage with assessors, consultants, auditors and other third parties, including through independent third-party reviews of our information technology security program conducted on at least an annual basis. We also have processes to oversee and identify material cybersecurity risks associated with our use of third-party service providers, including utilizing safeguards to protect sensitive data, performing diligence on certain third parties that have access to our systems, data or facilities that store such systems or data, continually monitoring cybersecurity threat risks identified through such diligence and contracting to manage cybersecurity risks in specified ways such as requiring agreements to be subject to periodic cybersecurity audits.

We have experienced targeted and non-targeted cybersecurity incidents in the past, including an incident in August 2023 that affected certain of our information systems and resulted in temporary disruptions to parts of our operations. However, prior cybersecurity incidents, including the August 2023 incident, have not materially affected us. Notwithstanding our cyber risk management program, we may not be successful in preventing or mitigating a cybersecurity incident that could materially affect us, including our business strategy, results of operations or financial condition. Refer to Item 1A. “Risk Factors” for further information on the risks we face from cybersecurity threats.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

While management is responsible for the day-to-day management of cybersecurity risks, our Board and its Audit Committee have ongoing oversight roles. The Audit Committee reviews and discusses with management, including reports from our Chief Innovation Officer, at least annually:

•the adequacy and effectiveness of our information technology security processes and procedures,

•the assessment of risks and threats to our information technology systems,

•the internal controls regarding information technology security and cybersecurity, and

•the steps management has taken to monitor and mitigate information technology security and cybersecurity risks.

The Audit Committee also periodically receives reports on notable cybersecurity incidents and briefs the full Board on these matters.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

•the adequacy and effectiveness of our information technology security processes and procedures,

•the assessment of risks and threats to our information technology systems,

•the internal controls regarding information technology security and cybersecurity, and

•the steps management has taken to monitor and mitigate information technology security and cybersecurity risks.

The Audit Committee also periodically receives reports on notable cybersecurity incidents and briefs the full Board on these matters.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board.

Cybersecurity Risk Role of Management [Text Block]

Our Senior Vice President and Chief Innovation Officer, who has served in various senior leadership roles in operational improvement and technology during his nearly 30-year tenure with us, leads our innovation and technology initiatives, corporate information systems and financial shared services. Our cybersecurity risk management and strategy processes described in “Risk Management and Strategy” above are led by our Chief Information Officer (CIO) and our Chief Information Security Officer (CISO). Our CIO and CISO each report to our Chief Innovation Officer. Our CIO is responsible for the strategy, deployment, operational effectiveness and risk management of our technology systems and operations. Our CIO has over 30 years of experience in technology, cybersecurity and risk management, including leading information and technology initiatives for companies in the mining and energy sectors as a partner and senior managing director at a global professional services public company specializing in information technology services and management consulting. Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board. Our CISO has 30 years of experience in the technology and

cybersecurity industries, including 15 years serving as CISO for public companies. Our CISO is also a Certified Information Systems Security Professional.

Our ERM management committee is responsible for providing input and oversight on our ERM program, including cybersecurity risks. Our ERM management committee is comprised of senior leaders, including our Chief Innovation Officer, with responsibility across operations and core business functions, and with a breadth of knowledge, influence and experience covering the risks we face. An annual report on our enterprise risks, including cybersecurity risks, is presented to the Audit Committee and/or the full Board of Directors (Board).

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Our cybersecurity risk management and strategy processes described in “Risk Management and Strategy” above are led by our Chief Information Officer (CIO) and our Chief Information Security Officer (CISO).

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Our CIO has over 30 years of experience in technology, cybersecurity and risk management, including leading information and technology initiatives for companies in the mining and energy sectors as a partner and senior managing director at a global professional services public company specializing in information technology services and management consulting. Our CISO is responsible for protecting our global technology systems from cybersecurity incidents, which includes overseeing the deployment of cybersecurity controls, managing a team of cybersecurity professionals and reporting on cybersecurity matters to management and the Audit Committee of our Board. Our CISO has 30 years of experience in the technology and cybersecurity industries, including 15 years serving as CISO for public companies. Our CISO is also a Certified Information Systems Security Professional.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

cybersecurity industries, including 15 years serving as CISO for public companies. Our CISO is also a Certified Information Systems Security Professional.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true