What is SWIFT Customer Security Programme (CSP)?
SWIFT Customer Security Programme (CSP) is a dedicated programme to support organisations to reinforce security of their SWIFT-related systems. SWIFT CSP has a set of controls aiming to address the security of the environment, managing fraud and preventing future cyber-attacks.
The f-CSP is a primarily on-site activity completed by a security assessor against the requirements of SWIFT CSP and to the testing procedures specified in the CSP framework. The f-CSP consists of interviews, documentation review, observation of processes, and system configurations and will require system sampling, evidence collection, and retention.
Sysnet will appoint an assessor who will then begin the assessment process. This will initially consist of a request for access to your supporting documentation and processes to understand the scope. These will be evaluated, usually remotely, and an opinion formed on their effectiveness and alignment to the intent of the CSP Standard.
The assessor will also choose a representative sample of people, processes and technologies to assess. The assessor will liaise with you to schedule and ensure timely completion of all on-site interview and observation tasks necessary to fulfil the testing procedures.
On completion of a successful f-CSP, Sysnet will provide full documentation of the assessment in attestation document. The assessor will ensure the correct completion of the attestation asserting CSP compliance.
By undertaking the SWIFT CSP, this provides your organisation a minimum benchmark to meet along with the rest of the SWIFT community.
An organisation needs to be aware that cyber-attack is a real threat and an organisation can review the controls and address all the requirements necessary to protect the SWIFT environment. Your organisation can apply the framework and controls to other areas of your business.