Please use this form to request a TX-RAMP Assessment.
Important Notes:
• Assessment requests should be submitted by the cloud service provider/manufacturer of the service. Cloud resellers should work with the cloud service provider/manufacturer to coordinate the assessment process as necessary. DIR will not accept assessment responses for a target cloud service from an organization other than the cloud service provider/manufacturer.
• If you are a SaaS provider, please indicate the CSP as the organization that is responsible for the development/operations of the software, not the underlying IaaS provider if using a subservice organization.
• Cloud services with existing verified status/authorizations through FedRAMP and StateRAMP do NOT need to complete this form. DIR will leverage the StateRAMP Authorized Vendors List and FedRAMP Marketplace to directly certify the applicable cloud services under TX-RAMP at the corresponding impact level.
• This form should be submitted for each independent cloud service seeking certification. If information systems have varying control implementations, then they likely require individual certifications. Modular SaaS platforms that operate in a single environment but are licensed or sold individually likely require a single assessment and certification.
• Organizations may submit an initial request for Provisional Certification and a subsequent request for a TX-RAMP Level 1 or Level 2 Certification as needed.
Please provide a brief description of your company.
Please use the specific product/service name as listed on the company's website. If the product has multiple names, use the optional comments field to provide further information.
Please link to the direct informational URL of the cloud service/product that you would like to be considered for assessment. Do not include custom links based on customers or generic links relating to the company.
Provide a brief synopsis of the cloud computing service. This is the information that will be displayed on the listing of certified services. Please do not include customer-specific information.
For SaaS Providers, the cloud service provider/manufacturer is not the underlying IaaS/PaaS provider. The manufacturer in this context is the entity responsible for the security of the product being offered overall, regardless of if the service is delivered through the use of multiple cloud providers.
Provide a rationale and any relevant information as to the selected priority.
Note: this is the date requested for the assessment questionnaire to be launched to the respondent. This is not a guaranteed date for beginning the assessment, but helps identify the providers ability to readily provide information and documentation required by the assessment. This question requires a valid date format of MM/DD/YYYY.
This question requires a valid date format of MM/DD/YYYY.
The due date is required to be populated prior to launching the assessment questionnaire. You may submit a questionnaire early, but unsubmitted questionnaires are automatically deleted 180 days after the due date. Please select a reasonable due date to ensure the questionnaire is not deleted. This question requires a valid date format of MM/DD/YYYY.