Security Risk & Compliance Services

What is Risk and Compliance? 

RC Services help customers assess, manage, and mitigate risks through Services such as controlled penetration testing and security vulnerability assessments.  In addition, RC Services assist customers in validating and meeting compliance obligations of state, federal, or industry regulations.  

  • Penetration Testing 

  • Security Risk Assessments 

  • Cloud Compliance 

  • Vulnerability Scanning 

  • Web Application Vulnerability Scanning 

Penetration Testing   

Penetration (pen) testing, sometimes called ethical hacking, can help identify cybersecurity vulnerabilities and show the direct impact of a process that is bad or not working as intended.  Pen testing can help you find and fix your security weaknesses before the bad guys find and exploit them. 

Security Risk Assessment   

Standard security measures are often ineffective against advanced cyberthreats.  Security Risk Assessments, including Election Security and Texas Cybersecurity Framework Assessments, can help identify gaps in your environment and deliver a comprehensive analysis of your security posture to help you prepare your organization to defend against persistent cyberattacks. 

Cloud Compliance  

Security compliance reviews of hosted service providers (and other cloud service providers), annual re-certifications, and validation of certifications for new hosted service providers can assist in meeting audit requirements. 

Vulnerability Scanning  

This in-depth technical review of your current security posture, including vulnerabilities discovered in your network, devices, and mobile applications, will deliver assigned risk ratings and recommend remediation activities to help you achieve mission-focused objectives.  

Web Application Vulnerability Scanning 

Comprehensive scanning, testing, and validation of web-based applications will generate results, work products and documentation to help your IT security team protect against detected vulnerabilities and satisfy external auditor requirements. 

Benefits of Risk and Compliance 

  • Help meet compliance obligations for security and privacy regulations. 

  • Demonstrate due diligence expected by security savvy constituents.  

  • Help benchmark security posture and maintain operations continuity in situations of internal IT turnover.  

  • Help reduce risks of a data breach and its impact on the public, employees and mission.  

  • Help identify weaknesses and optimize defenses within your operating environment. 

  • Provide actionable recommendations for improving security. 

Managed Security Services is delivered through a contract between the Texas Department of Information Resources and AT&T. All DIR customers including state agencies, institutions of higher education, and local government entities are eligible to use the Managed Security Services contract. (Insert link to contract) 

Learn More

To learn more about the STS program, its many services and how to become a STS customer, visit us online

How to Order

Current STS Customers can request this service using the STS Service Catalog 

New STS Customers: If you are interested in this service, email DIR. A representative will contact you to discuss the options that best fit your business needs. 

About File Formats

Some documents on this page are in the PDF format. Please download the Adobe Reader in order to view these documents.