Directory of CSP assessment providers
SWIFT has created a Directory of CSP assessment providers for your reference when looking for assessment providers in your country. In listing firms in the Directory of CSP assessment providers, SWIFT has taken into account certain criteria, including:
- cyber security services experience & credentials
- strategic focus on cyber security services
- good reputation & commitment to customers in the financial industry
It is important to note that SWIFT has not checked or validated the individual qualifications of the CSP assessment providers listed in the directory; nor has SWIFT verified that providers listed in the directory have a history of SWIFT expertise. Please also note that you can opt to contract with other providers that are not featured in the Directory.
Customer due diligence
You are responsible for completing your own due diligence when selecting and contracting CSP assessment providers or any other entity offering such services. You should, for instance, verify that individual consultants working for the selected provider:
- Have sufficient training and knowledge of SWIFT and SWIFT security – including understanding of the SWIFT security control framework and detailed mandatory and advisory controls
- Hold recognised industry qualifications: consultants should maintain industry recognised security qualifications or certifications such as QSA, CISSP, CISA, CISM, ISO, SANS.
- Are otherwise suitable for your needs and purposes
Should you wish to be part of the directory, please follow these steps:
- Create an account on swift.com
- Complete a business interest form (login with your swift.com account is required) and submit it to SWIFT. We will review your request and confirm your eligibility.
Should you have any questions, please contact us.