SWIFT Assessment Guidelines
Our Customer Security Programme sets benchmark security practices, critical to defending against, detecting and recovering from cybercrime. The Independent Assessment Framework, is a significant milestone in our security programme. It reinforces the level of assurance provided by self-attestations by mandating independent assessments by third parties.
To perform gap analyses for SWIFT member organisations and help them enriching and improving their level of compliance with the Customer Security Controls Framework, you need to understand each of the controls, each of the architecture components in scope, and how to verify evidence for each SWIFT infrastructure type.
SWIFT has designed a new Assessment Guidelines workshop to help you conduct more efficient and robust assessments. Aimed at auditors, risk managers and IT assessors, the workshop is tailored to the business and technical contexts in which you are operating. It demonstrates how to interpret and comply with mandatory and advisory controls, which evidences are best collected, and how to audit objectively based on security best practices.
The workshop will guide you through the necessary fundamentals:
- Carry out your responsibilities in relation to the Customer Security Programme
- Gain a broader industry perspective
- Ensure you have the necessary technical capabilities
- Review security best practice scenarios and field compliance experience with a SWIFT expert
The workshop is structured around a blend of theoretical and practical modules. The theory includes targeted information to help collect and analyse evidence for the design, implementation and operating effectiveness of each control. The practical elements of the workshop provide unique opportunities to explore real-life case studies and discuss your feedback as a group.