Stellus Private Credit BDC 10-K Cybersecurity GRC - 2024-03-11

Page last updated on July 16, 2024

Stellus Private Credit BDC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-11 16:30:58 EDT.


10-K filed on 2024-03-11

Stellus Private Credit BDC filed a 10-K at 2024-03-11 16:30:58 EDT
Accession Number: 0001558370-24-002907

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy We have processes in place for assessing, identifying, and managing material risks from potential unauthorized occurrences on or through our electronic information systems that could negatively impact the confidentiality, integrity, or availability of our information systems or the information held on such systems. These processes include controls, procedures, systems and tools that are designed to prevent, detect, or mitigate data loss, theft, misuse, unauthorized access, or other security incidents or vulnerabilities affecting the data. Such processes are set forth in our joint Cybersecurity Policy, Written Information Security Policy and Incident Response Plan with Stellus Capital and the Advisor (collectively, the “Cybersecurity Policy”). The Cybersecurity Policy also sets forth the role of the Company’s Chief Compliance Officer and the Company’s Information Security Team in preparing, implementing, and maintaining incident response procedures. Our Chief Compliance Officer and Information Security Team and responsible for the development and implementation of policies and technical measures to reasonably prevent security incidents. At times we may also engage assessors, consultants, auditors or other third parties to assist with assessing, identifying and managing cybersecurity risk. As part of our risk management process, we conduct assessment and penetration testing, including regular trainings completed by employees of Stellus Capital who provide services to us pursuant to the Administration Agreement and Resource Sharing Agreement between Stellus Capital and the Advisor. Material Impact of Cybersecurity Risks As of the date of this annual report on Form 10-K, we are not aware of any material risks from cybersecurity threats that have materially affected, or are reasonably likely to materially affect, the Company, including our business strategy, results of operations, or financial condition. However, future incidents could have a material impact on our business. Additional information about the cybersecurity risks that we face is discussed in Item 1A of Part I, “Risk Factors” in this annual report on Form 10-K under the heading “We, the Advisor, Stellus Capital Management and our portfolio companies are subject to risks associated with “phishing” and other cyber-attacks.” Oversight of Cybersecurity Risks Our cybersecurity risks and associated mitigation strategies are evaluated by our management and the Information Security Team as needed, but no less frequently than annually. On at least a quarterly basis, the Information Security Team reports to our Board on developments to cybersecurity risks we face. Such reports include, among other things, an overview of the controls and procedures related to assessing, identifying, and managing risks related to cybersecurity threats, oversight of third-party service providers and related cybersecurity threats, and Information Security Team’s evaluation of cybersecurity risks that are material to us.

Company Information

NameStellus Private Credit BDC
SIC Description
Emerging growth company
Fiscal Year EndDecember 30