If you enter or renew contracts to receive cloud computing services in the new year, expect the process to take more time.
Senate Bill 475, passed by the Texas Legislature, requires the Texas Department of Information Resources (DIR) to establish a state risk and authorization management program that provides “a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process the data of a state agency.”
To comply, DIR established a framework for collecting information about cloud services security and assessing compliance with required controls and documentation. Beginning Jan. 1, 2022, Texas Government Code § 2054.0593 mandates that state agencies (including Texas Woman’s) must only enter or renew contracts to receive cloud computing services that comply with TX-RAMP requirements.
TWU is currently working through the implementation of these new requirements, along with all other state entities and institutions of higher education. Any cloud service contract being renewed after Dec. 31 will be subject to the TX-RAMP certification process and will involve Texas Woman’s, DIR, and the respective cloud vendor. Renewals taking place in 2022 will have additional vetting that will have to take place and will significantly increase the amount of time to procure cloud services.
Contact Procurement Services at email@example.com if you have any questions or concerns.