In recent years the Department of Transportation (TxDOT) experienced a ransomware attack that infected their systems and forced the administrators to shut down the systems to avoid the propagation of the ransomware. This event forced the agency to take steps to prevent further damages to its systems and its vendor networks. As a result, initiative were put forth to implement tighter Information security safeguards across all their systems, including all vendors that conduct business with the State of Texas.

Organizations that sell services to the State of Texas must now comply with legislation and adhere to strict regulatory requirements to prevent or limit damage from future attacks. State vendor's must now implement higher control standards across all its applications, systems development, people management, data and network security.


We understand that many small businesses currently lack the appropriate resources necessary to defend against these attacks, which increases the likelihood that cybercriminals will to put their government contracts and relationships in jeopardy.
A business's responsibility to commit to the industry-standard controls can be a challenge, but a compliant company culture establishes an organization's trustworthiness, integrity, and maturity in the industry landscape.


The architecture, engineering, and construction (AEC) industry is increasingly becoming digital and more prone to cyber-attacks. At  5 Factor Technology we have a history of assisting (AEC) firms with the new updated TXDOT compliance requirements. Our team has several tools, standards, methods, and frameworks to address the growing concern of working in the Information security environment.
Our team of experts have over 30+ years of Information security experience. Our team has the real world experience our clients face, we bring tested and proven holistic solutions with a hassle-free, hands-free approach. Through relentless innovation and an unprecedented commitment to 5-star customer service, 5 Factor Technology is here as a trusted partner to get your organization to maturity.


Information Security and Privacy Controls Standard Catalog (v2.2)
The TxDOT Information Security and Privacy Controls Standards Catalog (Catalog) provides the complete set of the minimum security controls for information systems that process, store, transmit, or maintain TxDOT data.

SHA256 Hash Value: 78C14DF3417818F7CD01724D78BFFCCC3921D73A41DBCE50A95E8F4508CDDCB9

Information Security and Privacy Controls Standard Catalog (v2.2) (Excel Version):
Excel version of the TxDOT Information Security and Privacy Controls Standards Catalog.
SHA256 Hash Value: E98CAD89437C0D77B17EAA1C3155F2596B0AEAFB3BA65371B965E4D733D478B2

TxDOT Data Classification Policy:
Establishes the framework for classifying TxDOT data.
SHA256 Hash Value: 831395574693A077ADB0358B8BF1FD1B896848F3D83DE9E5EC5A58BBCAC19920

TxDOT Security Questionnaire (v1.0):
A document used by TxDOT to evaluate whether third parties who process, store, transmit, or maintain TxDOT data meet security requirements to be considered for contract award or renewal.

SHA256 Hash Value: 858E8DDA24623B90B9CAAD1D8A450CD9B8E1A10CE748FFDBC0D99313DC0748BA

TxDOT Information Security Risk and Authorization Management Program (IS-RAMP):
This standard establishes requirements for TxDOT’s third parties to access, store, transmit, use, or create TxDOT data.