Swift CSP Certified Assessors
Table of contents
Overview
Swift understands the critical role played by Customer Security Programme (CSP) assessment providers in supporting and maintaining the security and integrity of Swift users. The purpose of the Swift CSP Assessor Certification is to raise the expertise of independent assessors and to standardise the CSP assessment methodology for a better alignment of the assessment scope and costs.
Benefits
- Credibility and reputation: Both the Swift CSP assessment providers and their certified assessors will receive a Swift label highlighting that they are part of a widely recognised certification programme. This strengthens the positioning of Swift CSP assessment providers and certified assessors as trusted assessors within the financial industry. By obtaining the certification, the Swift CSP assessment providers and certified assessors demonstrate their commitment to upholding the highest security standards.
-
Market differentiation: The Swift CSP assessment providers and certified assessors will be published in a dedicated directory on swift.com and the KYC-SA application will indicate if a user has been subject to an assessment done by a Swift CSP certified assessor. By showcasing their compliance with Swift's rigorous security requirements, they show their competitive advantage. This differentiation can attract more customers who prioritise security.
- Collaboration and knowledge exchange: Participation in the certification program allows Swift CSP assessment providers to engage in certified assessors’ round tables and CSP working groups. Swift will provide additional guidance through documentation and newsletters. Swift can offer a platform for joint testimonials at Swift events or in event publications. Swift CSP assessment providers and certified assessors will have direct access to the CSP Subject Matter Experts. to support them more effectively while performing their customers assessments. This fosters collaboration, knowledge sharing, and best practice development, enabling providers to deliver even better CSP assessment services to their customers
What's covered?
Registered CSP assessment providers in the Swift Partner Programme will have to meet specific eligibility criteria and employ at a minimum of 2 Assessors that have successfully completed the Swift CSP Assessor Certification by passing the corresponding exam. Registered Swift CSP assessment providers and Swift CSP Certified Assessors will be promoted and visible in the dedicated Swift CSP Certified Assessors Directory (on swift.com and in the KYC-SA application). Specific report templates and effort estimates for standardisation and cost containment will be made available. Swift CSP Certified Assessors will be subject to quality assessments by Swift. Working with a Swift CSP Certified Assessor remains optional for Swift users.
Companies that want to be listed in the Swift CSP Certified Assessors Directory must satisfy the following eligibility criteria:
- demonstrate at least 2 years of experience with assessments against recognised security control frameworks such as PCI DSS, ISO 27002, NIST SP 800-53, SOC-2, NIST Cybersecurity Framework or the CSP/CSCF framework. Other industry standards are permissible if they provide the same level of robustness
- pass the basic Swift due diligence procedure
- commit to a code of conduct regarding pricing, scope definition, testing and key deliverables
- certify a minimum of 2 Swift CSP Assessors
- register in the Swift Partner programme and subscribe to the Swift CSP Assessor certification
- agree to the Swift confidentiality clauses as defined in the Swift General Terms and Conditions
How to become a Swift CSP Assessment Provider?
1. Create a swift.com user account
If your organisation is new to Swift, a swift.com user account is required to be created (ideally by the person who will be the contact person for this process). This will grant access to the relevant application forms that are required to be submitted.
- Carefully read How to create a swift.com user account
- Create a swift,com user account on swift.com
If you already have a swift.com user account, continue reading from step 2.
2. Carefully read the following document
Make sure you have understood the details and eligibility criteria of the Swift CSP Assessment Providers and Certified Assessors Framework. Swift CSP Assessment Providers and Certified Assessors Framework
3. Submit a Business Interest form
- Complete and submit a Partner Business Interest Form (please choose Swift CSP Assessor Certification as Business Interest) to provide details about your experience in the field of delivering cyber security assessments.
If you are already a registered provider, please provide your PIC (Partner Identification Code) in the Business Interest Form. - Swift will review your request and confirms acceptance or rejection.
- If your company is new to Swift, you will be requested to register it in the Swift Partner Programme as next step.
- If you already have a PIC (Partner Identifier Code), continue reading from step 4
4. Submit the Swift CSP Certified Assessors Registration form
Once Swift has confirmed your registration in the Partner Programme, you will be required to complete and submit the Swift CSP Certified Assessors Registration form.
You will be asked to provide the names and current certifications of the assessors you wish to certify.
The submission of this form will trigger the billing process, as per details of Swift CSP Assessment Providers and Certified Assessors Framework document.
By submitting the registration form, you agree to the Terms and Conditions that apply. For more information please refer to the Swift CSP Assessment Provider and Certified Assessor Framework and the Swift Partner Programme T&C.
5. Certify your individuals
A minimum of two assessors from the applicant provider will need to take and pass the exam as laid down in the Swift CSP Assessment Providers and Certified Assessors Framework.
For more information on the assessor certification process, please refer to How to become a Swift CSP Certified Assessor section
6. Get listed as Swift CSP Assessment Provider
Once you are confirmed as a Swift CSP Assessment Provider, Swift will list you in the Swift CSP Assessment Providers and Certified Assessors Directory on swift.com with the mention “Staff certification in progress” until you have the first 2 application assessors certified.
Once the requirement of ‘having a minimum of two assessors from the applicant provider passed the exam’ is met:
- you will receive the Swift CSP Assessment Provider label
- your listing in the directory on swift.com will be updated to reflect the number of Swift CSP Certified Assessors
How to become a Swift CSP Certified Assessor?
As a pre-requisite, please verify that the provider you work for has successfully completed the steps under How to become a Swift CSP Assessment Provider.
1. Prepare for the exam
Prepare for the exam by following the recommended Swift CSP Certified Assessor training modules on Swift Smart.
The resources and study guidelines to prepare for the exam are available under Swift Smart’s Swift CSP Assessors Certification.
2. Take the exam
Swift will provide you with a unique eligibility key to schedule your exam appointment at Prometric (at one of the test centres worldwide or via their remote exam option). The eligibility key is valid for 6 months after creation.
Swift will inform you via email of the pass/fail grade of your exam.
3. Get listed as Swift CSP Certified Assessor
Once the requirement of ‘having a minimum of two assessors from the applicant provider passed the exam’ is met:
- you will receive the dedicated Swift CSP Certified Assessor label
- you will be listed as Swift CSP Certified Assessor (under the record of your provider) in the Swift CSP Assessment Providers and Certified Assessors Directory on swift.com
4. Remain compliant with the Framework T&C
After having passed the certification exam, it is required to maintain an adequate level of relevant knowledge to perform your CSP assessments.
For more information, please refer to chapter 3.8 Swift CSP Certified Assessor Continued Compliance of the framework document.
How to update information, add or remove a Swift CSP Certified Assessor?
Once your company is published as a CSP Assessment provider, you can manage the following by submitting the CSP Assessor Certification Maintenance Form (possible impact on the annual maintenance fee is detailed on the form itself):
- add/remove Swift CSP Certified Assessors
- update your assessment coverage or contact information
Registration on swift.com and an e-ordering profile are required to submit the registration forms.
- To register on swift.com, click here
- To request an e-ordering profile, please follow this link, then click on Accesses > Edit, select Ordering and save your profile. The swift.com administrator of your organisation will need to approve this request
For help, see the swift.com registration and administration user guide and the related Knowledge Base article