0a8e77e949
- Moved everything from ideas/passepartout/ to projects/passepartout/ - Moved legal structures to projects/flags/ - Created missing _index.org files for all subdirectories - Stripped redundant passepartout- prefix from filenames - Rewrote root _index.org as generalized brain index (projects + concepts) - Updated Hugo nav to Projects/Concepts - Updated build script section descriptions - Deleted stale ideas/passepartout-economics.md orphan
1.2 KiB
ISMAP (Government Security Framework — Japan)
is moderate — few non-Japanese vendors target APPI specifically, and the 2022 amendments added requirements that created compliance gaps.
ISMAP (Government Information System Security Management and Assessment Program)
Japan's government cloud security program — analogous to FedRAMP. Cloud services used by Japanese government agencies must be ISMAP-authorized. Managed by the Digital Agency and the Information-technology Promotion Agency (IPA).
Who must comply: Cloud service providers selling to Japanese national and local government agencies.
Why it matters: Like FedRAMP, ISMAP is a procurement gate. Authorization is time-consuming and expensive. A compute marketplace provider with ISMAP authorization has exclusive access to the Japanese government market. First-mover advantage is significant — as of 2025, fewer than 100 services are ISMAP-registered.