25 lines
1.1 KiB
Org Mode
25 lines
1.1 KiB
Org Mode
:PROPERTIES:
|
|
:ID: auto-ismap
|
|
:CREATED: [2026-05-23 Sat]
|
|
:END:
|
|
#+title: is moderate — few non-Japanese vendors target APPI specifically, and the 2022
|
|
#+filetags: :passepartout:compliance:framework:ismap:
|
|
|
|
is moderate — few non-Japanese vendors target APPI specifically, and the 2022
|
|
amendments added requirements that created compliance gaps.
|
|
|
|
** ISMAP (Government Information System Security Management and Assessment Program)
|
|
|
|
Japan's government cloud security program — analogous to FedRAMP. Cloud services
|
|
used by Japanese government agencies must be ISMAP-authorized. Managed by the
|
|
Digital Agency and the Information-technology Promotion Agency (IPA).
|
|
|
|
Who must comply: Cloud service providers selling to Japanese national and local
|
|
government agencies.
|
|
|
|
Why it matters: Like FedRAMP, ISMAP is a procurement gate. Authorization is
|
|
time-consuming and expensive. A compute marketplace provider with ISMAP
|
|
authorization has exclusive access to the Japanese government market. First-mover
|
|
advantage is significant — as of 2025, fewer than 100 services are ISMAP-registered.
|
|
|