Skip to main content
Achieve Texas Risk and Authorization Management Program certification for state agencies.
The Texas Risk and Authorization Management Program (TX-RAMP) provides a standardized approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies. It is modeled on FedRAMP and StateRAMP.
TX-RAMP certification is required for cloud service providers offering services to Texas state agencies.

Who needs TX-RAMP?

Cloud providers

Vendors offering cloud services to Texas state agencies.

GovTech companies

Organizations selling SaaS to the Texas public sector.

Key components

Level 1 certification

For services handling low-impact or non-confidential data.

Level 2 certification

For services handling moderate or high-impact confidential data.

Continuous monitoring

Ongoing security monitoring and reporting after certification.

Control baseline

Security controls aligned with FedRAMP and NIST 800-53.

How DSALTA helps with TX-RAMP

1

Activate TX-RAMP

Select TX-RAMP and your target level. DSALTA maps the control baseline to controls.
2

Review mapped controls

Review the NIST 800-53-aligned controls and assign owners.
3

Collect evidence automatically

Connect integrations to gather technical evidence.
4

Document the SSP

Build your System Security Plan with DSALTA’s guidance.
5

Prepare for certification

Organize evidence for the TX-RAMP assessment.

Frequently asked questions

Level 1 for low-impact data; Level 2 for moderate/high-impact confidential data. The agency’s data classification determines the requirement.
TX-RAMP recognizes FedRAMP and StateRAMP authorizations, often allowing reciprocity that reduces duplicate work.