Generally 3 months provided all documentation and minimum criteria is met.
ST4S assessments are similar to other cybersecurity and privacy reviews such as SOC, ISO etc. The timeframe to complete an assessment is an estimate based on the effort required in reviewing documentation, inspecting the service, reviewing the privacy policy and other verification activities.
