Directory of CSP assessment providers - to be discontinued from 31 March 2024
Swift has created a Directory of CSP assessment providers for your reference when looking for assessment providers in your country. These companies can help you to assess your level of compliance toward the implementation the CSP mandatory and advisory controls that apply to your connectivity configuration with Swift.
In listing firms in the Directory of CSP assessment providers, Swift has taken into account certain criteria, including:
- Assessments services experience & credentials
- Strategic focus on cyber security services
- Good reputation & commitment to customers in the financial industry
It is important to note that Swift has not checked or validated the individual qualifications of the CSP assessment providers listed in the directory; nor has Swift verified that providers listed in the directory have a history of Swift expertise.
Swift does not certify providers listed on the directory, however, every company listed on the directory has been requested to follow a CSP curriculum to acquire or maintain its knowledge and understanding about the programme. Its presence in the directory reflects a successful completion of the CSP curriculum.
Customer due diligence
You are responsible for completing your own due diligence when selecting and contracting CSP assessment providers or any other entity offering such services. You should, for instance, verify that individual consultants working for the selected provider:
- Have sufficient training and knowledge of Swift and Swift security – including understanding of the Swift security control framework and detailed mandatory and advisory controls
- Hold recognised industry qualifications: consultants should maintain industry recognised security qualifications or certifications such as QSA, CISSP, CISA, CISM, ISO, SANS.
- Are otherwise suitable for your needs and purposes
Beware that Swift requires an assessment, not an audit. This difference has an impact in terms of task magnitude and costs, take this into account when you select a company.
Assessments can be performed by a provider not featured on the directory.
Customers are free to choose any company outside the directory.
Swift has created a CSP Certified Assessors Directory for your reference when looking for assessment providers in your country. These companies have met specific eligibility criteria and employ a minimum of 2 Assessors who have successfully completed the Swift CSP Assessor certification by passing an exam. They can help you to assess your level of compliance toward the implementation of the CSP mandatory and advisory controls that apply to your connectivity configuration with Swift.
Albania; Andorra; Armenia; Austria; Azerbaijan; Belarus; Belgium; Bosnia & Herzegovina; Bulgaria; Croatia; Cyprus; Czechia; Denmark; Estonia; Faroe Islands; Finland; France; Georgia; Germany; Gibraltar; Greece; Guernsey; Hungary; Iceland; Ireland; Isle of Man; Italy; Jersey; Kazakhstan; Kosovo; Kyrgyzstan; Latvia; Liechtenstein; Lithuania; Luxembourg; Malta; Moldova; Monaco; Mongolia; Montenegro; Netherlands; North Macedonia; Norway; Poland; Portugal; Romania; Russia; San Marino; Serbia; Slovakia; Slovenia; Spain; Sweden; Switzerland; Tajikistan; Turkmenistan; Ukraine; United Kingdom; Uzbekistan; Vatican City