Swift CSP Certified Assessors
Table of contents
Overview
Swift understands the critical role played by Customer Security Programme (CSP) assessment providers in supporting and maintaining the security and integrity of Swift users. The purpose of the Swift CSP Assessor Certification is to raise the expertise of independent assessors and to standardise the CSP assessment methodology for a better alignment of the assessment scope and costs.
Benefits
- Credibility and reputation: Both the Swift CSP assessment providers and their certified assessors will receive a Swift label highlighting that they are part of a widely recognised certification programme. This strengthens the positioning of Swift CSP assessment providers and certified assessors as trusted assessors within the financial industry. By obtaining the certification, the Swift CSP assessment providers and certified assessors demonstrate their commitment to upholding the highest security standards.
-
Market differentiation: The Swift CSP assessment providers and certified assessors will be published in a dedicated directory on swift.com and the KYC-SA application will indicate if a user has been subject to an assessment done by a Swift CSP certified assessor. By showcasing their compliance with Swift's rigorous security requirements, they show their competitive advantage. This differentiation can attract more customers who prioritise security.
- Collaboration and knowledge exchange: Participation in the certification program allows Swift CSP assessment providers to engage in certified assessors’ round tables and CSP working groups. Swift will provide additional guidance through documentation and newsletters. Swift can offer a platform for joint testimonials at Swift events or in event publications. Swift CSP assessment providers and certified assessors will have direct access to the CSP Subject Matter Experts. to support them more effectively while performing their customers assessments. This fosters collaboration, knowledge sharing, and best practice development, enabling providers to deliver even better CSP assessment services to their customers
What's covered?
Registered CSP assessment providers in the Swift Partner Programme will have to meet specific eligibility criteria and employ at a minimum of 2 Assessors that have successfully completed the Swift CSP Assessor Certification by passing the corresponding exam. Registered Swift CSP assessment providers and Swift CSP Certified Assessors will be promoted and visible in the dedicated Swift CSP Certified Assessors Directory (on swift.com and in the KYC-SA application). Specific report templates and effort estimates for standardisation and cost containment will be made available. Swift CSP Certified Assessors will be subject to quality assessments by Swift. Working with a Swift CSP Certified Assessor remains optional for Swift users.
Companies that want to be listed in the Swift CSP Certified Assessors Directory must satisfy the following eligibility criteria:
- demonstrate at least 2 years of experience with assessments against recognised security control frameworks such as PCI DSS, ISO 27002, NIST SP 800-53, SOC-2, NIST Cybersecurity Framework or the CSP/CSCF framework. Other industry standards are permissible if they provide the same level of robustness
- pass the basic Swift due diligence procedure
- commit to a code of conduct regarding pricing, scope definition, testing and key deliverables
- certify a minimum of 2 Swift CSP Assessors
- register in the Swift Partner programme and subscribe to the Swift CSP Assessor certification
- agree to the Swift confidentiality clauses as defined in the Swift General Terms and Conditions
How to apply for the Swift CSP Assessor Certification
1. Register
If your organisation is new to Swift, a swift.com user account is required to be created (ideally by the person who will be the contact person for this process). This will grant access to the relevant application forms that are required to be submitted.
- Carefully read the Swift Partner Programme Terms and Conditions
- Create an account on swift.com.
2. Carefully read the following document
Make sure you have understood the details of the Swift CSP Assessor certification.
3. Submit a business interest form
- Submit a Partner Business Interest Form to provide details about your experience in the field of delivering cyber security assessments (Choose CSP Assessor Certification from drop-down menu).
If you are already a registered provider, please provide your PIC in that form.
The submission of this business form applies to new providers and to existing providers.
- We will review your request and then confirm your eligibility.
- If your company is new to Swift, you will need to register it in the Swift Partner Programme first
- If you already have a PIC (Partner Identifier Code), continue reading from step 4
4. Submit the Swift CSP Assessor Certification registration form
Once Swift has confirmed your registration in the Partner Programme, you will be required to complete and submit the Swift CSP Assessor Certification registration form (available from November 2023).
You will be asked to provide the names and current certifications of the assessors you wish to certify.
The submission of this form will trigger the billing process, as per details of Swift CSP Assessors Certification and Assessment Providers Framework document.
by submitting this form, you agree to the Terms and Conditions that apply, see the Swift CSP Assessor Certification Framework.
5. Certify your individuals to get published in the directory
- A minimum of two assessors from the applicant provider will need to take and pass the exam as laid down in the Swift CSP Assessors Certification and Assessment Providers Framework.
- Start your preparation by completing the Swift CSP Certified Assessor courses in Swift Smart (Swift online training platform).
- Information will be shared to schedule the exam at our external provider - Prometric, in one of their testing centres worldwide, or via their remote option.
- The passing of the exam by the 2 assessors will lead to granting the provider and the Swift CSP Certified Assessor each a Swift label that they can use to promote their assessment services.
- After being published, the provider can increase the number of assessors to be certified, update their information or remove assessors no longer being employed by the provider, and update Provider published assessment coverage by submitting the CSP Assessor Certification Maintenance Form.
Registration on swift.com and an e-ordering profile are required to submit the registration forms.
- To register on swift.com, click here
- To request an e-ordering profile, please follow this link, then click on Accesses > Edit, select Ordering and save your profile. The swift.com administrator of your organisation will need to approve this request
For help, see the swift.com registration and administration user guide and the related Knowledge Base article