Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
ISMAP overview
The Information System Security Management and Assessment Program (ISMAP) is a cloud services assessment program administered by the Japanese government. The program was officially announced on 26 May 2020. It ensures appropriate security in government cloud services procurement by evaluating and registering cloud services that meet the Japanese government security requirements. Cloud service providers who want to participate in public sector procurement programs can apply for ISMAP certification. An independent third-party auditing firm approved by ISMAP administers the certification. Japanese government agencies can then procure cloud services from cloud service providers registered with ISMAP instead of conducting their own individual assessments.
For more information about ISMAP, see the official ISMAP web site.
Microsoft and ISMAP
Microsoft cloud services are assessed and certified under ISMAP as shown on the official ISMAP cloud services list. An independent third-party auditing firm approved by ISMAP conducted the assessment. Microsoft products and services provide comprehensive compliance assurances to help your organization comply with national, regional, and industry-specific requirements.
Applicability
The following Azure regions are in scope for ISMAP certification as shown on the official ISMAP cloud services list:
- Japan East
- Japan West
- 40 more regions worldwide that are available to Japanese customers under contract, excluding Azure Government and Azure China regions.
Services in scope
The following Microsoft cloud services are in scope for ISMAP certification as shown on the official ISMAP cloud services list:
- Azure, Dynamics 365, and other Microsoft online services
- Office 365 services
Audit reports and certificates
You can find evidence of Microsoft ISMAP certification on the official ISMAP cloud services list.
Frequently asked questions
Who does ISMAP certification apply to?
ISMAP certification applies to cloud services that Japanese government agencies can access through public sector procurement programs. ISMAP ensures appropriate security in government cloud services procurement by evaluating and registering cloud services that meet the Japanese government security requirements.
Where can I get more information on ISMAP requirements?
For more information about ISMAP, see the official ISMAP web site.
Where can I get more information about Microsoft approach to ISMAP?
For more information about Microsoft approach to ISMAP, see Microsoft approach to compliance: ISMAP (Japanese).