IHOP 2015 Annual Report Download - page 33

Download and view the complete annual report

Please find page 33 of the 2015 IHOP annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 120

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

13
The occurrence of cyber incidents, or a deficiency in our cybersecurity, could negatively impact our business by causing
a disruption to our operations, a compromise or corruption of our confidential information, and/or damage to our employee
and business relationships, all of which could subject us to loss and harm our brands. A cyber incident is considered to be
any adverse event that threatens the confidentiality, integrity, or availability of our information resources. More specifically, a
cyber incident is an intentional attack or an unintentional event that can include gaining unauthorized access to systems to
disrupt operations, corrupt data, or steal confidential information about our customers, franchisees, vendors and employees. As
our reliance on technology has increased, so have the risks posed to our systems, both internal and those we have outsourced.
Primary risks that could directly result from the occurrence of a cyber incident include (i) exposure of confidential data about
our customers, franchisees, vendors and employees, (ii) damage to the reputation of our brands (iii) damage to our relationship
with our franchisees and (iv) interruption of our business.
As a merchant and service provider of point of sale related services, we are subject to the Payment Card Industry Data
Security Standard (“PCI DSS”), issued by the Payment Card Industry Council. PCI DSS contains compliance guidelines and
standards with regard to our security surrounding the physical and electronic storage, processing and transmission of individual
cardholder data. Despite our information security measures and our efforts to comply with PCI DSS guidelines, we cannot be
certain that all of our information technology systems are able to prevent, contain or detect any cyber-attacks or security
breaches from known malware or malware that may be developed in the future.
Our use of personally identifiable information is regulated by international, federal and state laws, as well as by certain
third-party agreements. If our security and information systems are compromised or if our employees or franchisees fail to
comply with these laws and regulations, and this information is obtained by unauthorized persons or used inappropriately, it
could adversely affect our reputation and could disrupt our operations and result in costly litigation, judgments, or penalties
resulting from violation of federal and state laws and payment card industry regulations. As privacy and information security
laws and regulations change, we may incur additional costs to ensure that we remain in compliance with those laws and
regulations.
Factors outside our control may harm our brands' reputations. The success of our restaurant business is largely
dependent upon brand recognition and the strength of our franchise systems. The continued success of our franchisees and our
company-operated restaurants will be directly dependent upon the maintenance of a favorable public view of the Applebee's
and IHOP brands. Negative publicity (e.g., crime, scandal, litigation, on-site accidents and injuries or other harm to customers,
food-borne illness) at a single Applebee's or IHOP location can have a substantial negative impact on the operations of all
restaurants within the Applebee's or IHOP system. Multi-unit food service businesses such as ours can be materially and
adversely affected by widespread negative publicity of any type, but particularly regarding food quality, food-borne illness,
food tampering, obesity, injury or other health concerns with respect to certain foods, regardless of whether such claim is
accurate or valid. The risk of food-borne illness or food tampering cannot be completely eliminated. Any outbreak of food-
borne illness or other food-related incidents attributed to Applebee's or IHOP restaurants or within the food service industry or
any widespread negative publicity regarding the Applebee's or IHOP brands or the restaurant industry in general could harm
our reputation. Even where such food-related incidents occur solely at restaurants of our competitors or within the industry, our
sales could be adversely affected as a result of negative publicity about the restaurant industry generally. Although the
Company maintains liability insurance, and each franchisee is required to maintain liability insurance pursuant to its franchise
agreements, a liability claim could injure the reputation of all Applebee's or IHOP restaurants, whether or not it is ultimately
successful.
Declines in our financial performance could result in impairment charges in future periods. United States generally
accepted accounting principles (“U.S. GAAP”) require annual (or more frequently if events or changes in circumstances
warrant) impairment tests of goodwill, intangible assets and other long-lived assets. Generally speaking, if the carrying value of
the asset is in excess of the estimated fair value of the asset, the carrying value will be adjusted to fair value through an
impairment charge. Fair values of goodwill and intangible assets are primarily estimated using discounted cash flows based on
five-year forecasts of financial results that incorporate assumptions as to same-restaurant sales trends, future development plans
and brand-enhancing initiatives, among other things. Fair values of long-lived tangible assets are primarily estimated using
discounted cash flows over the estimated useful lives of the assets. Significant underachievement of forecasted results could
reduce the estimated fair value of these assets below the carrying value, requiring non-cash impairment charges to reduce the
carrying value of the asset. As of December 31, 2015, our total stockholders' equity was $267.2 million. A significant
impairment write-down of goodwill, intangible assets or long-lived assets in the future could result in a deficit balance in
stockholders' equity. While such a deficit balance would not create an event of default in any of our contractual agreements, the
negative perception of such a deficit could have an adverse effect on our stock price and could impair our ability to obtain new
financing, or refinance existing indebtedness on commercially reasonable terms or at all.