{"id":46312,"date":"2023-11-06T14:54:24","date_gmt":"2023-11-06T13:54:24","guid":{"rendered":"https:\/\/www.usd.de\/?p=46312"},"modified":"2023-11-06T14:54:25","modified_gmt":"2023-11-06T13:54:25","slug":"swift-expert-tip-gap-analysis","status":"publish","type":"post","link":"https:\/\/www.usd.de\/en\/swift-expert-tip-gap-analysis\/","title":{"rendered":"SWIFT Expert Tip: Combine Your Current SWIFT Assessment with a Gap-Analysis for CSCFv2024"},"content":{"rendered":"\n

SWIFT users are required by the Customer Security Controls Framework (CSCF<\/a>) to demonstrate compliance with at least all mandatory controls through an annual independent assessment. In a SWIFT assessment of this kind, the security of an organization's SWIFT infrastructure and SWIFT systems is checked to ensure that they are protected against potential security threats and vulnerabilities.<\/p>\n\n\n\n

November and December are typical months for the annual SWIFT Assessment<\/a>. You are therefore probably in the middle of preparing for or in the middle of your current SWIFT CSCFv2023 assessment. Have you ever considered using your current assessment to carry out a gap analysis in preparation for the next CSCFv2024 assessment?<\/p>\n\n\n\n

\n
\n
<\/div>\n\n\n\n

Tobias Weber, Managing Security Consultant and SWIFT Auditor at usd AG, explains the advantages of this approach<\/strong> and also takes a look at the upcoming changes<\/strong> under CSCFv2024:<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n
<\/div>\n\n\n\n

Combine current SWIFT Assessment with Gap-Analysis<\/h2>\n\n\n\n

The phases of a SWIFT Assessment year usually run in the same way: the corresponding assessments are always carried out for all SWIFT users concerned from July of each year until the end of the year, so that they receive their report in January at the latest and can prove their compliance with the security requirements. At the same time, an update of the CSCF for the following year is regularly published in July.<\/p>\n\n\n\n

This means that SWIFT is not only giving users a transition phase of roughly one year for the newly introduced frameworks, but is also enabling a joint gap analysis alongside the upcoming assessment. Use this opportunity to make the most of the transition phase until your SWIFT Assessment in the second half of 2024. Take an early look at the changes in newly published controls and determine which implementations are necessary to fulfill by the next assessment. <\/p>\n\n\n\n

<\/div>\n\n\n\n

CSCFv2024 - Changes at a glance<\/h2>\n\n\n\n

In order to be well prepared, SWIFT users should familiarize themselves with the changes at an early stage. If you take a look at the CSCFv2024<\/a>, the following 3 key takeaways can be noted:<\/p>\n\n\n\n