Question 1

What are the possible impacts for a SWIFT user to be non-compliant to CSP? (Select the two correct answers that apply)

•Swift Customer Security Controls Policy

•Swift Customer Security Controls Framework v2025

•Independent Assessment Framework

•Independent Assessment Process for Assessors Guidelines

•Independent Assessment Framework - High-Level Test Plan Guidelines

•Outsourcing Agents - Security Requirements Baseline v2025

•CSP Architecture Type - Decision tree

•CSP_controls_matrix_and_high_test_plan_2025

•Assessment template for Mandatory controls

•Assessment template for Advisory controls

•CSCF Assessment Completion Letter

•Swift_CSP_Assessment_Report_Template

Options :

A : To be reported to their supervisors (if applicable)

B : To be seen as non-compliant to their counterparts in KYC-SA

C : To be contacted by SWIFT to provide the CSP assessment report and detailed information about the reason of non-compliance

D : To be delisted from the BIC directory

Answer: B,C

Question 2

What does the CSCF expect in terms of Database Integrity? (Choose all that apply.)

Options :

A : Nothing is needed when the messaging or connector integrates/embeds an integrity check functionality at each Swift transaction record level.

B : When a database is used by a messaging interface or connector, the related hosted database and its supporting system must be protected as a Swift-related component and exceptions alerted

C : Alerts generated from performed integrity checks are captured and analysed for appropriate treatment

Answer: B,C

Question 3

The only type of HSM devices offered by Swift are HSM tokens and HSM boxes.

Options :

A : TRUE

B : FALSE

Answer: A

Question 4

A Swift user has remediated an exception reported by the assessor. What are their obligations before updating

and submitting an attestation reflecting the new compliance level?

Options :

A : The exception must be re-assessed by an independent assessor. The assessor can be different to the one who initially raised the exception

B : The exception must be re-assessed by the same independent assessor that raised the exception

C : The first line of defense can confirm their level of compliance using a self-assessment approach

D : None, if the remediation has been completed, a new attestation can be submitted reflecting the compliance of the control

Answer: A

Question 5

A Swift user can only exchange FIN messages via the Swift network.

Options :

A : TRUE

B : FALSE

Answer: B

Free CSP-Assessor Mock Exam – Practice Online Confidently

Buying Options: