ENVIRONMENTAL, SOCIAL, AND GOVERNANCE
Operating with Integrity
We know the reputation of our company and our services is critical to our success. Stem is committed to always acting with integrity in every facet of our operations.
Our company leadership drives our sustainability programs and goals, with all employees playing a critical role in developing and achieving our environmental and social ambitions. The Nominating, Governance, and Sustainability Committee of our Board of Directors, as stated in its charter, oversees and makes recommendations to the Board regarding sustainability matters relevant to our business, including policies, activities, and opportunities.
Ethics and Compliance
We are guided by our Code of Business Conduct and Ethics that applies to our company and our subsidiaries. Our Board of Directors has ultimate oversight for our business ethics and compliance programs, with our Compliance Officer holding day-to-day responsibility for administering our compliance programs. We use technology and automated tools to monitor and report on compliance matters. All employees receive training on our ethics and anti-corruption policies and programs when they join the company and receive regular continuous training on our anti-corruption policies and must certify annual compliance with our Code of Business Conduct and Ethics.
To help promote compliance, we maintain a whistleblower program. It offers anonymous, 24/7 reporting of any ethical concern directly to the Audit Committee of our Board of Directors, with information and contact details provided in our Code and on our company intranet. All reported incidents are tracked in a database and investigated until resolved.
"Advancing a resilience agenda within the energy storage industry, governments, utility areas, and permitting jurisdictions of which we work is a priority. Our participation as pioneers in this industry includes advocating for energy equity wherever – and for whoever – possible."
Cybersecurity
The security and privacy of our partners, customers, and products is paramount. Throughout the entire product lifecycle, from design to customer use, Stem’s team of engineers, specialists, and partners strive to make the most secure products possible. Stem applies a zero-trust network access (ZTNA) where access is granted on a tightly defined, “need-to-know” basis. We utilize third-party managed detection and response solutions that give us a 360-degree view of the security of our energy storage systems and provide 24/7 real-time monitoring.
Stem has implemented a Cybersecurity Risk Management Program that’s grounded in National Institute of Standards and Technology (NIST) Best Practices and Guidelines and overseen by our board and executive team. We practice what’s called “defense in depth,” using various layers of protection to maintain data security. We use a leading third party to provide comprehensive, independent, and layered security audit and compliance functions on an annual basis.
Stem has attained the Association of International Certified Professional Accountants (AICPA) System and Organization Controls 2 (SOC2) for achieving compliance of suitably designed and operating system controls and assurance. We also constantly track developments like the cybersecurity framework guidelines from the International Standards Organization (ISO), International Electrotechnical Commission (IEC), and Cybersecurity Maturity Model Certification (CMMC) from the U.S. Department of Defense.
All employees receive continuous training on cybersecurity and privacy, with supplemental micro-training targeted to employees in specific roles.
"Our goal is to collaborate with our customers and partners to provide exceptional service and give them integrated, secure solutions, near-zero touch deployments, and visibility into their energy operations and energy storage systems."
Featured Resources
Blog
Cybersecurity & the Grid
Q&A with Stem’s Head of Cloud Operations & Security, Parminder Sahi
