More specifically, as part of the TX-RAMP scoping & gap assessment, we will provide a Prioritization Plan for Remediation (PPR), which will outline the controls gaps found, the tools and solutions needed to repair all gaps, as well as helpful documents - like our policy templates - for completing the assignment. Additionally, we can also design and implement scalable, efficient ongoing continuous monitoring programs for organizations seeking TX-RAMP authorization.

Industry Leading NIST 800-53 Policies, Procedures, Programs, and Plans

In need of world-class NIST Risk Management Framework (RMF) documentation? Arlington has you covered with the Arlington Security Portal (ASP).  ASP is an online repository of world-class, industry leading security and privacy policies & procedures, programs, plans – and other highly essential documents & templates developed specifically on NIST SP 800-53, Revision 5. Additionally, ASP includes documents for ISO 27001/2 compliance, data privacy, healthcare, financial services, and much more.  While FedRAMP does offer a baseline of policy templates, organizations still need to develop a large number of various programs and plans - and that’s where ASP has you covered.

Additionally, our TX-RAMP advisory services also include the following:

Developing NIST specific programs and plans: with Arlington, we offer much more than just NIST SP 800-53 policies and procedures, rather, we can develop the following programs and plans:

• Insider Threat Program
• Privacy Program Plan
• Business Continuity Plan
• Data Governance Program
• Incident Response Plan
• Configuration Management Plan

Developing a NIST specific Continuous Monitoring (ConMon) Program: Establishing and implementing NIST SP 800-53 controls is one-thing, but it also requires a continuous monitoring (ConMon) program to be in place for ensuring the controls are functioning as designed. Let Arlington develop a customized ConMon program for your organization, one that fulfills critical TX-RAMP requirements.

History of TX-RAMP

Sen. Bill 475 was passed by the Texas Legislature during the 87th Legislative Session, which mandates that the Texas Department of Information Resources (DIR) create a state risk and authorization management program that offers "a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process the data of a state agency."  In order to comply, DIR established a framework for gathering data regarding the security posture of cloud services and evaluating responses for adherence to necessary controls and documentation. Texas Government Code 2054.0593 mandates that state agencies as defined by Texas Government Code 2054.003(13) must only enter or renew contracts to receive cloud computing services that comply with TX-RAMP requirements beginning January 1, 2022

About Arlington

We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®.  Learn more at arlingtonintel.com.