Stellus Capital Investment Corp 10-K Cybersecurity GRC - 2024-03-04

Page last updated on July 16, 2024

Stellus Capital Investment Corp reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-04 17:27:01 EST.

Filings

10-K filed on 2024-03-04

Stellus Capital Investment Corp filed a 10-K at 2024-03-04 17:27:01 EST
Accession Number: 0001558370-24-002368

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy We have processes in place for assessing, identifying, and managing material risks from potential unauthorized occurrences on or through our electronic information systems that could negatively impact the confidentiality, integrity, or availability of our information systems or the information held on such systems. These processes include controls, procedures, systems and tools that are designed to prevent, detect, or mitigate data loss, theft, misuse, unauthorized access, or other security incidents or vulnerabilities affecting the data. Such processes are set forth in our joint Cybersecurity Policy, Written Information Security Policy and Incident Response Plan with Stellus Capital Management (collectively, the “Cybersecurity Policy”). The Cybersecurity Policy also sets forth the role of our Chief Compliance Officer and our Information Security Team in preparing, implementing, and maintaining incident response procedures. Our Chief Compliance Officer and Information Security Team are responsible for the development and implementation of policies and technical measures to reasonably prevent security incidents. At times we may also engage assessors, consultants, auditors or other third parties to assist with assessing, identifying and managing cybersecurity risk. As part of our risk management process, we conduct assessment and penetration testing, including regular trainings completed by employees of Stellus Capital Management who provide services to us pursuant to the Administration Agreement. Material Impact of Cybersecurity Risks As of the date of this Annual Report on Form 10-K, we are not aware of any material risks from cybersecurity threats that have materially affected, or are reasonably likely to materially affect, us, including our business strategy, results of operations, or financial condition. However, future incidents could have a material impact on our business. Additional information about the cybersecurity risks that we face is discussed in Item 1A of Part I, “Risk Factors,” in this Annual Report on Form 10-K under the heading " We, Stellus Capital Management and our portfolio companies are subject to risks associated with “phishing” and other cyber-attacks. " Oversight of Cybersecurity Risks Our cybersecurity risks and associated mitigation strategies are evaluated by our management and the Information Security Team as needed, but no less frequently than annually. On at least a quarterly basis, the Information Security Team reports to our Board on developments to cybersecurity risks we face. Such reports include, among other things, an overview of the controls and procedures related to assessing, identifying, and managing risks related to cybersecurity threats, oversight of third-party service providers and related cybersecurity threats, and Information Security Team’s evaluation of cybersecurity risks that are material to us.


Company Information

NameStellus Capital Investment Corp
CIK0001551901
SIC Description
TickerSCM - NYSE
Website
CategoryNon-accelerated filer
Fiscal Year EndDecember 30