Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Jun. 30, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Abstract] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Risk
Management Strategy We are a clinical-stage pharmaceutical company developing treatments for cannabis-induced toxicity, such as acute cannabis-induced toxicity in children, acute cannabinoid intoxication (“ACI”) in adults, and the broader landscape of acute cannabis-induced conditions. We and our third-party service providers, such as contract research organizations (“CROs”), collect, process, transmit, and store sensitive data on our systems, including intellectual property, proprietary or confidential business information, and a variety of personal data.
We rely on third parties, including cloud vendors, for various business functions. We select key third-party service providers based on several factors, including the type of data processed and the nature of services offered, and we oversee such key third-party service providers by conducting vendor diligence upon onboarding and ongoing monitoring, including a review of SOC-1 reports on an annual basis. Anebulo’s management team has prior experience selecting, deploying, and overseeing cybersecurity technologies, initiatives, and processes and relies on threat intelligence as well as other information obtained from governmental, public, or private sources.
We have adopted processes designed to identify, assess and manage material risks from cybersecurity threats. Those processes include response to and an assessment of internal and external threats to the security, confidentiality, integrity and availability of our data and information systems, along with other material risks to our operations. In addition, we have implemented procedures over certain areas such as access on/offboarding and account management to help govern the processes put in place by management designed to protect our IT assets, data, and services from threats and vulnerabilities. |
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
Governance Management is responsible for the day-to-day management of the risks we face, while our board of directors has responsibility for the oversight of risk management, including risks from cybersecurity threats. The audit committee has primary responsibility for oversight of cybersecurity and is briefed on cybersecurity risks at least once a year and following any material cybersecurity incidents. Our board of directors receives periodic updates from our audit committee regarding matters of cybersecurity. Our board members also engage in ad hoc conversations with management on cybersecurity-related news events and discuss any significant updates to our cybersecurity risk management and initiatives.
As of the date of this Annual Report, we have not experienced a cybersecurity incident that resulted in a material effect on our business strategy, results of operations, or financial condition. For more information, see “Risk factors - If our internal information technology systems or sensitive information, or those of our third-party CROs or other contractors or consultants, are or were compromised, we could experience adverse consequences from such compromise, including but not limited to, a material disruption of the development of our product candidates, regulatory investigations or actions, litigation, fines and penalties, reputational harm, loss of revenue or profits, and other adverse consequences.”
|
| Cybersecurity Risk Role of Management [Text Block] | We are a clinical-stage pharmaceutical company developing treatments for cannabis-induced toxicity, such as acute cannabis-induced toxicity in children, acute cannabinoid intoxication (“ACI”) in adults, and the broader landscape of acute cannabis-induced conditions. We and our third-party service providers, such as contract research organizations (“CROs”), collect, process, transmit, and store sensitive data on our systems, including intellectual property, proprietary or confidential business information, and a variety of personal data. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The audit committee has primary responsibility for oversight of cybersecurity and is briefed on cybersecurity risks at least once a year and following any material cybersecurity incidents. Our board of directors receives periodic updates from our audit committee regarding matters of cybersecurity. Our board members also engage in ad hoc conversations with management on cybersecurity-related news events and discuss any significant updates to our cybersecurity risk management and initiatives. |