Common use of Security Controls for State Agency Data Clause in Contracts

Security Controls for State Agency Data. In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.138, Contractor understands, acknowledges, and agrees that if, pursuant to this Contract, Contractor is or will be authorized to access, transmit, use, or store data for System Agency, Contractor is required to meet the security controls the System Agency determines are proportionate with System Agency’s risk under the contract based on the sensitivity of System Agency’s data and that Contractor must periodically provide to System Agency evidence that Contractor meets the security controls required under the contract. Health and Human Services Contract Affirmations v. 1.9 Effective July 2021 44. Cloud Computing State Risk and Authorization Management Program In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.0593, Contractor acknowledges and agrees that, if providing cloud computing services for System Agency, Contractor must comply with the requirements of the state risk and authorization management program and that System Agency may not enter or renew a contract with Contractor to purchase cloud computing services for the agency that are subject to the state risk and authorization management program unless Contractor demonstrates compliance with program requirements. If providing cloud computing services for System Agency that are subject to the state risk and authorization management program, Contractor certifies it will maintain program compliance and certification throughout the term of the Contract.

Security Controls for State Agency Data. In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.138, Contractor understands, acknowledges, and agrees that if, pursuant to this Contract, Contractor is or will be authorized to access, transmit, use, or store data for System Agency, Contractor is required to meet the security controls the System Agency determines are proportionate with System Agency’s risk under the contract Contract based on the sensitivity of System Agency’s data and that Contractor must periodically provide to System Agency evidence that Contractor meets the security controls required under the contractContract. Health and Human Services Contract Affirmations v. 1.9 2.2 Effective July 2021 May 2022 44. Cloud Computing State Risk and Authorization Management Program (TX-RAMP) In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.0593, Contractor acknowledges and agrees that, if providing cloud computing services for System Agency, Contractor must comply with the requirements of the state risk and authorization management program and that System Agency may not enter or renew a contract with Contractor to purchase cloud computing services for the agency that are subject to the state risk and authorization management program unless Contractor demonstrates compliance with program requirements. If providing cloud computing services for System Agency that are subject to the state risk and authorization management program, Contractor certifies it will maintain program compliance and certification throughout the term of the Contract.