Cybersecurity resources
Information Resources and Security Requirements
Information Security and Privacy Controls Standard Catalog
The TxDOT Information Security and Privacy Controls Standards Catalog (Catalog) provides the complete set of the minimum security controls for information systems that process, store, transmit, or maintain TxDOT data. SHA256 Hash Value: 78C14DF3417818F7CD01724D78BFFCCC3921D73A41DBCE50A95E8F4508CDDCB9
Information Security and Privacy Controls Standard Catalog (Excel Version)
Excel version of the TxDOT Information Security and Privacy Controls Standards Catalog. SHA256 Hash Value: E98CAD89437C0D77B17EAA1C3155F2596B0AEAFB3BA65371B965E4D733D478B2
TxDOT Data Classification Policy
Establishes the framework for classifying TxDOT data. Link last updated Sept. 19, 2022. SHA256 Hash Value: 831395574693A077ADB0358B8BF1FD1B896848F3D83DE9E5EC5A58BBCAC19920
TxDOT Security Questionnaire: A document used by TxDOT to evaluate whether third parties who process, store, transmit, or maintain TxDOT data meet security requirements to be considered for contract award or renewal. SHA256 Hash Value: 858E8DDA24623B90B9CAAD1D8A450CD9B8E1A10CE748FFDBC0D99313DC0748BA
TxDOT Security Questionnaire - NEVI: This specialized TxDOT Security Questionnaire is used by vendors applying for federal National Electric Vehicle Infrastructure (NEVI) transportation grants as an attestation of compliance with TxDOT security requirements.
TxDOT Information Security Risk and Authorization Management Program (IS-RAMP): This standard establishes requirements for TxDOT’s third parties to access, store, transmit, use, or create TxDOT data.
TX-RAMP Evaluation Request
Contractors who maintain a current TX-RAMP Provisional Certification and would like to apply that certification toward current TxDOT contracts or active procurements must complete a TX-RAMP Evaluation Package. NOTE: CONFIDENTIAL when complete.
TX-RAMP Level 1 Evaluation Control Attestation
Contractors with a TX-RAMP Provisional Certification of a system seeking to provide business and services to TxDOT are to complete this workbook, providing contractor attestations of compliance with security controls in scope for TX-RAMP Level 1 requirements. The contractor should complete the identified areas of the System Information and TX-RAMP Level 1 tabs.
TX-RAMP Level 2 Evaluation Control Attestation
Contractors with a TX-RAMP Provisional Certification of a system seeking to provide business and services to TxDOT are to complete this workbook, providing contractor attestations of compliance with security controls in scope for TX-RAMP Level 2 requirements. The contractor should complete the identified areas of the System Information and TX-RAMP Level 2 tabs.
GDE-01-604 Reconnection Attestation Guideline
The Reconnection Attestations Guideline describes the minimum requirements that organizations that have been compromised must provide to TxDOT to affirm that their operations are secure and remain compliant with TxDOT security policies.