SWIFT CSP Compliance


SWIFT CSP Compliance

The SWIFT Customer Security Controls Framework describes a set of mandatory and advisory security controls for SWIFT customers. 

There are 2 controls which SWIFT says  

  • Advisory controls 
  • Mandatory control 

The mandatory security controls establish a security baseline for the entire community, and must be implemented by all users on their local SWIFT infrastructure. SWIFT has chosen to prioritise these mandatory controls to set a realistic goal for near-term, tangible security gain and risk reduction.  

Objectives of SWIFT CSP Assessments

Secure your environment
Know and limit access
Detect and respond

Principles of SWIFT CSP Assessments

  • Restrict internet access
  • Protect critical systems from the general IT environment
  • Reduce attack surfaces and vulnerabilities
  • Physically secure the environmentPrevent compromise of credentials
  • Manage identities and segregate privileges
  • Detect anomalous system activity or transaction records
  • Plan for incident response and information sharing

SWIFT CSP Assessment Methodology

Our methodology is based on the experience of the successful projects implementations and maintenance of the Information Security Management Systems (ISMS) and. Our approach is to start with getting a comprehensive understanding of the customer environment and current SWIFT CSP compliance position and to continue with  a remediation plan to address any gaps and thus to conclude by bringing in our experts into implementing remediation activities. 

SWIFT requires users to follow the two steps 

  • Self-assessment against the SWIFT Customer Security Controls Framework (CSCF) 
  • Self-attestation following the SWIFT Customer Security Controls Policy 
how can we help you?

Speak to our Security Experts at the earliest to assist you in your Cyber Security requirements.

Do you need to perform a SWIFT CSP Assessment?