Summary
This document is a guideline for partners regarding cybersecurity controls required by stc. It outlines the objective of the Security Pass Program, which is to ensure that all partners adhere to the cybersecurity requirements set forth in the stc Partners Cybersecurity Standard. The guideline provides comprehensive instructions for partners to obtain Security Pass Certification from an Authorized Audit Firm. It details the requirements for various cybersecurity controls, including policies for data classification, staffing for cybersecurity roles, and the establishment of cybersecurity policies. Additionally, the document specifies the evidence that partners must provide to demonstrate compliance with each control, such as organizational charts, job descriptions, and cybersecurity training materials. The guideline also addresses the processes for risk management, access control, password protection, and visitor management, ensuring that partners maintain a secure environment for handling sensitive information.
