TX-RAMP · Advisory Service Components

For organizations with internal technical capability that need TX-RAMP expertise to earn certification and keep it

Texas agencies, higher education, and other covered entities use TX-RAMP to reduce procurement risk for in-scope cloud computing services. Certification is required for covered contracts, and the contracting agency determines the minimum certification level required. Provisional status can support contracting while you complete full certification, but the clock is real and the expectation is that you will reach Level 1 or Level 2 within the allowed window unless you maintain an accepted status through an external RAMP path. Most firms hand you a workbook and a checklist. We build a coherent TX-RAMP submission that aligns the workbook, diagrams, attachments, and evidence so DIR can certify without chasing contradictions.

  • Gap Assessment For organizations evaluating the TX-RAMP journey. A technical review against the Level 1 baseline of 117 controls or the Level 2 baseline of 223 controls, focused on what creates review friction: identity assurance, auditability, configuration control, vulnerability management, incident handling, and boundary clarity. You receive a prioritized remediation roadmap mapped to certification path and timeline, plus a scope sanity check so you do not certify the wrong thing.
  • Phase 0: Discovery Fast Track For organizations committed to full certification. Accelerated discovery that skips the slow handoff and moves straight into build. We normalize inventory, establish boundary truth, and draft the control ownership and evidence map so workbook writing is grounded from the first entry. This avoids the most common TX-RAMP failure pattern: writing narrative first, then discovering the architecture does not support it.
  • Advisory The certification package build. We create your complete TX-RAMP submission: Security Plan Workbook entries written with implementation detail, boundary and data flow diagrams that match the workbook, and supporting policies and procedures that reflect the way you operate. DIR can request additional documentation or artifacts during review, so we keep your artifact set evidence ready and internally consistent, not “template complete.”
  • Bastion: Assessment Support We stay until you are certified. Submission packaging, portal readiness, SPECTRIM workflow support, and response coordination for clarification requests. DIR expects responsiveness to outreach. We run the response loop so you do not lose position in the queue and you do not answer the same question three different ways across three different artifacts.

Every deliverable is custom-written for your service and your architecture. No recycled workbook language. No generic diagrams. No content that collapses under follow up. The submission reads like an engineered system because it is anchored to one.

Includes:

  • Gap Assessments
  • Phase 0 (Fast Track) Discovery
  • System Security Plan (SSP)
  • Authorization Boundary Diagrams
  • Policies, Procedures & Plans
  • Bastion Assessment Support
  • Agency Liaison Services
  • DIR Submission Support
  • Evidence Traceability and Clarification Response Playbooks
Enter the Dojo