What is TX-RAMP?
TX-RAMP is a state risk and authorization management program that seeks to standardize the approach Texas state agencies take to assess the security measures taken by cloud software applications that the agency might use.
State agencies in Texas are required to only work with cloud software vendors who are either TX-RAMP approved or who are not subject to TX-RAMP.
See: Texas Risk and Authorization Management Program (TX-RAMP)
Is ScreenSteps Compliant With TX-RAMP?
The ScreenSteps Knowledge Base and Training Software falls into a category of software that is not subject to TX-RAMP.
From the "Texas Risk and Authorization Management Program Manual, Section IV - A: Characteristics and Categories of Cloud Computing Services Not Subject to TX-RAMP"
Certain cloud computing services are out-of-scope of TX-RAMP due to the unique characteristics of the cloud computing service. These are only out-of-scope of TX-RAMP provided that the cloud computing service does not: (1) create, process, or store confidential state-controlled data (except as needed to provide a login capability, e.g. username, password, email) or connect with agency systems or networks that create, process, or store confidential state-controlled data such that any security incident might affect such systems or networks.
The below cloud computing services are considered out of scope of TX-RAMP:
- ….
- Cloud computing services used to deliver training that do not create, process, or store confidential information;
- ….
ScreenSteps is typically used by universities, school districts, and state agencies to store non-sensitive procedural and training information - not confidential state-controlled data. ScreenSteps does not store any personal information beyond username, password, and email addresses for end-users.
Because of the nature of the data that is stored in ScreenSteps, it is not typically subject to TX-RAMP requirements.
Is ScreenSteps Secure?
ScreenSteps is a SOC 2 Service Organization which means we take information security very seriously. You can read more about our SOC 2 Type II attestation and what SOC 2 means here:
What is SOC 2 Compliance? What Does it Mean for Software Customers?
What if I have more questions about ScreenSteps and TX-RAMP
If you have any additional questions, please don't hesitate to contact us. A member of our team will be happy to answer any security or TX-RAMP questions that you may have regarding the ScreenSteps platform.
0 Comments
Add your comment