FedLine is a colelction of web-based electronic systems that provide access to Federal Reserve Bank Services, such as:
Organizations that use the Federal Reserve FedLine Solutions are obligated to participate in the FedLine Assurance Program. The FedLine Assurance Program is risk-based and informed by industry best practices, federal standards, and relevant supervisory guidance. The program engages your Organization's senior management in the FedLine security review process to encourage holistic risk management practices and risk-based decision-making.
Starting in 2021, all financial institutions that utilize the Federal Reserve Banks’ FedLine ® Solutions products are required to conduct a Security and Resiliency Assurance assessment. Following the assessment, each institution must attest to their compliance with operating guidelines for each applicable product. Failure to do so may result in a non-compliance notification to regulators by a Federal Reserve Bank.
- Are you ready to attest?
- Do you have an assessment program ready to go?
- Do you have the time and subject matter knowledge to complete the assessment?
We can help put your institution on the path to attestation. Whether you have a simple FedLine Web ® implementation using two computers or a highly distributed FedLine Advantage ® setup spanning multiple locations, our Fedline Assurance Program Audit can be tailored to your environment
Our team of skilled auditors come from IT, Information Security, and Payment Security backgrounds and have had experience with all the FRB Services offerings from installation, operation, maintenance, migration, and administrative perspectives.
As applicable to your risk and product-based profile, each of the following areas associated with your FedLine Solutions implementation will be reviewed by an independent and qualified auditor to give your team actionable findings and recommendations as you prepare for a confident and honest attestation:
- PC Controls
- Hardware Controls
- Middleware Controls
- Network Controls
- Operational Controls
- Documentation & Data
- Assurance
The 10-D Security Difference
- We understand the grey areas of regulation and guidance.
- Our auditing process has been reviewed and approved by regulators.
- We have nationwide auditing experience with ALL types and sizes of institutions.
- Our proprietary tools capture and review key data in a fraction of the time.
- We provide concise, professional, and easy to read reports delivered promptly.
You would benefit from a 10-D
Independent IT Audit and Cybersecurity Assessment if
- You are required to comply with FFIEC, GLBA, PCI, SOX, HIPAA, or HITECH.
- You have IT assets containing personally identifiable information (PII) or financial transaction data.
- You have IT assets containing proprietary information or intellectual property.
- You want to ensure that your general controls are sufficiently designed and appropriately implemented to provide information security.