TX-RAMP Resources Library

On this page:


General Resources

Cloud Provider Resources

Archived Resources


Welcome to the TX-RAMP Resources page to view all of the TX-RAMP resources available to help guide your organization and prepare for the upcoming impacts of TX-RAMP. Resources are developed based on DIR TX-RAMP submissions to help you through the TX-RAMP submission process.

TX-RAMP Process Overview
Overview of the Texas Risk and Authorization Management Program (TX-RAMP) process and estimated timeline presentation for the April 2023 video.

TX-RAMP Program Manual 2.0

TX-RAMP Security Controls Baselines 2.0

TX-RAMP Certified Cloud Products

NIST Definition of Cloud Computing
Cloud computing definitions are based on the National Institute of Standards and Technology

TAC 202
Learn more about Texas Administrative Code 202 and information security guidelines for state agencies and institutions of higher education.

TGC 2054
Learn more about Texas Government Code 2054.0593 that authorizes TX-RAMP.


TX-RAMP Agency Guide - Cloud Service Identification Template
Template agencies can customize to help staff undergo an initial discovery phase and identify if a service is in scope of TX-RAMP.

TX-RAMP Assessment Request Online Form

TX-RAMP Vendor Portal

StateRAMP Templates and Resources
Developed by StateRAMP, these templates provide in-depth examples of System Security Plan (SSP), information security policies, and other documents.

FedRAMP Templates and Resources
Developed by FedRAMP, these resources provide a variety of guidance including System Security Plan (SSP), Plan of Action and Milestones (POAandM), and other documents.

TX-RAMP Security Plan
TX-RAMP Security Plan Workbook template. The workbook is a required document for cloud service providers seeking a TX-RAMP Certification and must be completed, attached, and submitted through the TX-RAMP assessment vendor questionnaire via the SPECTRIM Vendor Portal.

TX-RAMP Provisional Certification Extension Request
The TX-RAMP Program Manual permits DIR to grant extensions to provisional certification under certain conditions. Requests are granted at the discretion of DIR. Please refer to the TX-RAMP Program Manual for additional information concerning provisional certification extensions.

TX-RAMP Vendor Guide - Completing the Assessment Questionnaire
Guide for Cloud Service Providers to complete the TX-RAMP Assessment.

TX-RAMP Overview Points and Scoping 
TX-RAMP overview and guidance on scoping as a result of the TX-RAMP Manual updates effective December 2022.

TX-RAMP Process Overview
Overview of the Texas Risk and Authorization Management Program (TX-RAMP) process and estimated timeline April 2023.


Archived Resources

These archived resources below are for historical reference. For new submissions, please use the Resources section above.

TX-RAMP Program Manual
Last updated: 11/10/2022
Details about the Texas Risk and Authorization Management Program

TX-RAMP Security Controls Baselines
Last updated: 12/08/2021
Specific technical controls required as a security control baseline for each respective TX-RAMP level's assessment criteria.

TX-RAMP SPECTRIM Overview Webinar
Last Updated: TBD
Walkthrough of TX-RAMP with SPECTRIM.

TX-RAMP Overview for Agencies
Last Updated: 11/19/21
Overview of the Texas Risk and Authorization Management Program (TX-RAMP) targeted for a state agency audience. Presented by DIR's Office of the Chief Information Security Officer on November 16, 2021.

TX-RAMP Overview for Vendors
Last Updated: 11/23/21
This webinar will provide an overview of the Texas Risk and Authorization Management Program (TX-RAMP) and associated program manual for vendors.

About File Formats

Some documents on this page are in the PDF format. Please download the Adobe Reader in order to view these documents.