Governance - Enanta Pharmaceuticals

At Enanta we believe we have a responsibility to our shareholders, employees and society. Our aspirations are to cure diseases, reward investors, behave ethically, appropriately assess and manage risk, and respect the environment and society from which we benefit. We consider our governance practices to be consistent with these principles and highlight our strong commitment to Enanta’s stakeholders to be good fiduciaries.

As part of our responsibility, the Board reviews matters related to environmental, social and governance issues, as well as adopting appropriate standards and other required metrics used to measure and track ESG performance and progress. Part of this includes the review of risk assessments and mitigation processes, such as the regular assessment of Enanta’s robust cybersecurity program and business continuity plan.

We invite you to review our governance documents, committee charters, policies and other information found on this corporate governance site and in our SEC filings.

On behalf of the Board of Directors, thank you for your interest in, and support of, Enanta Pharmaceuticals.

Bruce L. A. Carter, Ph.D.
Chair, Enanta Pharmaceuticals Board of Directors

Board of Directors and Committee Information

For information on our Board, including biographies, please see About Us.

Committee Composition

= Chairperson = Member = Chairman of the Board

Committee Charters

Audit Committee

Compensation Committee

Nominating and Corporate Governance Committee

Board Diversity

In accordance with Nasdaq’s Board diversity listing standards, we are also disclosing aggregated statistical information about our Board’s self-identified gender and racial characteristics and LGBTQ+ status as voluntarily confirmed to us by each of our Directors.

The following table contains biographical information as of December 15, 2023. The table includes information provided by the Directors individually as to their age, current position, principal occupation and experience for the past five years, and the names of other public companies for which they currently serve as a Director or have served as a Director during the past five years.

As you read the disclosure, please keep in mind that any specific qualification, attribute or skill that is attributed to one Director should not necessarily imply that other Directors do not possess that qualification, attribute or skill. Furthermore, this disclosure does not impose on any Director any duties, obligations or liability that are greater than the duties, obligations, and liability imposed on each other member of the Board.

Because the discussion of the specific experience, qualifications, attributes or skills of a Director is to be made each year in light of Enanta’s business and structure at that time, the content of this discussion may change for one or more Directors in future years.

Governance Documents

Code of Business Conduct and Ethics

Corporate Governance Guidelines

In addition, the Company has policies covering securities trading and disclosure, and it has a whistleblower hotline.

Enterprise Risk Management (ERM)

For an organization of our size, Enanta has a robust risk management program. This includes a security program, business continuity plan and a comprehensive set of other IT policies.

The CFO has primary responsibility for risk management, with Enanta’s Audit Committee having additional input into risk assessments and risk management, including our cybersecurity program. In general, the Board’s role in the risk oversight process includes receiving reports from time to time from the Audit Committee on areas of material risk to the Company, including operational, financial, legal and regulatory, and strategic and reputational risks.

Information Technology & Cybersecurity

For the protection of Enanta’s employees, partners, and the Company, we have created Information Systems Acceptable Use Policy and Information Best Practices Guidelines to set forth specific rules for acceptable use of a wide variety of communication tools and resources provided to employees for use in running day-to-day business activities. Such tools may include a telephone, voice mail, scanner, Internet, intranet, e-mail, text messaging, portable electronic devices, or any other Company-provided technology. Effective security is a team effort involving the participation and support of every Enanta employee and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines and to conduct their activities accordingly.

Personal Information Protection / Written Information Security Program (WISP)

In addition to the requirements outlined in Enanta’s policies and procedures, we have developed and implemented a WISP to create effective administrative, technical and physical safeguards for the protection of personal information of our employees. Enanta’s WISP allows it to comply with our obligations under 201 CMR 17.00, which requires employers to establish standards for the protection of personal information of residents of the Commonwealth of Massachusetts. This program includes our procedures for evaluating our electronic and physical methods of accessing, collecting, storing, using, transmitting, and protecting personal information of residents of the Commonwealth of Massachusetts.

Risk Assessment & Mitigation Activities

Enanta’s information technology and cybersecurity program includes a number of additional risk assessment and risk mitigation activities, including: