SWIFT customers must comply with the Customer Security Controls Framework (CSCF) to ensure security improvement and transparency. SWIFT requires all customers to support their attestation with an independent assessment. Users must be complied with SWIFT Customer Security Controls Policy, irrespective of their architecture type. For example, users connecting through a service provider (such as a service bureau, shared connection provider, Alliance Lite2, Alliance Lite2 for Business Applications (L2BA) application provider, or a group hub) must still attest.
CERRIX can provide the entire content of the CSP framework including security principles, risk library, control objectives and the set of required controls. This makes it possible for you to implement SWIFT in a rapid way, establish a risk-control cycle and be prepared for external audits.
ICFR (Internal Control over