TX-RAMP / FED-RAMP
Texas Risk and Authorization Management Program (TX-RAMP)
In the 87th Legislative Session, the Texas Legislature passed Senate Bill 475, requiring the Texas Department of Information Resources (DIR) to establish a state risk and authorization management program that provides “a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process the data of a state agency.” To comply, DIR established a framework for collecting information about cloud services security posture and assessing responses for compliance with required controls and documentation. Texas Government Code 2054.0593 mandates that state agencies as defined by Texas Government Code 2054.003(13) must only enter or renew contracts to receive cloud computing services that comply with TX-RAMP requirements beginning January 1, 2022. Learn more about TX-RAMP
| Level 1 | January 1, 2023 | for public/non-confidential data |
| Level 2 | January 1, 2022 | for confidential/regulated data |
- Public/non-confidential data stored in the Cloud (Level 1)
- Confidential/regulated data stored in the Cloud (Level 2)
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP empowers agencies to use modern cloud technologies, with an emphasis on security and protection of federal information.