TAC §202 & Control Standards


Texas Administrative Code (TAC) Chapter §202 establishes a baseline of security standards for Texas state agencies and institutions of higher education.

Setting security standards at the federal level is FISMA, which stands for the Federal Information Security Management Act. FISMA requires federal agencies and their contractors to safeguard their information systems and assets. The National Institute of Standards and Technology, known as NIST, helps develop standards and guidelines for FISMA.

chart displaying how revised TAC 202 aligns with FISMA

Control Standards Catalog

The Control Standards Catalog was initiated by DIR to help state agencies and higher education institutions implement security controls. It specifies the minimum information security requirements that state organizations must employ to provide the appropriate level of security relevant to level of risk.

For an example of an implemented control standards catalog, visit Texas A&M University's Information Security Controls Catalog.

Control Crosswalk

The Control Crosswalk maps the DIR Control Standards Catalog to industry standards, regulatory requirements, and compliance mandates. The Control Crosswalk allows you to consolidate a lot of steps. For instance, many agencies must meet state requirements, federal requirements, and even certain industry-specific requirements.

Each organization has a customizable version of the controls catalog within the SPECTRIM portal.  For each control, your organization can set the organizationally defined requirements and map to applicable authoritative sources.  This provides a view of which regulations and standards are fulfilled by your implementation of the control standards catalog.

Rules and Legislation

Information about file formats