SIO-9.6.9
Management must ensure that:
(a) The stablecoin issuer has identified clear internal ownership and classification for all information assets and data;
(b) The stablecoin issuer has maintained an inventory of the information assets and data which is reviewed and updated regularly;
(c) Employees responsible for cyber security are adequate to manage the licensed stablecoin issuer’s cyber security risks and facilitate the performance and continuous improvement of all relevant cyber security controls; and
(d) It provides and requires employees involved in cyber security to attend regular cyber security update and training sessions (for example Security+, CEH, CISSP, CISA, CISM, CCSP) to stay abreast of changing cyber security threats and countermeasures.
Added: July 2025