SITUATION
In short advance of a December 31 attestation deadline, an American-based corporation that conducts business worldwide retained FTI Cybersecurity to perform an independent SWIFT Customer Security Program (CSP) assessment.
OUR ROLE
FTI Cybersecurity worked in lockstep with the client’s information security and global treasury departments to conduct the assessment in a short window to meet the deadline. After an initial brief with the client leads, our team began to review evidentiary artifacts provided by the client against the 15 SWIFT required controls. The FTI team assessed the client’s control disposition based on the evidence, provided daily status reports, documented findings, and shared technical and documentation recommendations to enhance or improve the controls.
OUR IMPACT
FTI Cybersecurity successfully served as an independent, external assessor, providing an attestation letter and final briefing on the CSP assessment before the deadline. While FTI found there was a notable lack of formalized documentation, the overall control disposition was in place.