AWS Security Blog

AWS achieves its first ISMAP certification in Japan

Earning and maintaining customer trust is an ongoing commitment at Amazon Web Services (AWS). Our customers’ industry security requirements drive the scope and portfolio of the compliance reports, attestations, and certifications we pursue. We’re excited to announce that AWS has achieved certification under the Information System Security Management and Assessment Program (ISMAP) program, effective from March 12, 2021 to March 31, 2022. The certification scope includes a total of 123 AWS services across the AWS Asia Pacific (Tokyo) Region and the newly launched Asia Pacific (Osaka) Region. The ISMAP program was launched in June 2020, and now AWS is among the first few cloud service providers (CSPs) to achieve the certification.

ISMAP is a Japanese government program for assessing the security of public cloud services. The purpose of ISMAP is to provide a common set of security standards for CSPs to comply with as a baseline requirement for government procurement. ISMAP introduces security requirements for the cloud domains, practices, and procedures that CSPs must implement. CSPs must engage with an ISMAP-approved third-party assessor to assess compliance with the ISMAP security requirements in order to apply as an ISMAP-registered CSP. The ISMAP program will evaluate the security of each CSP and register those that satisfy the Japanese government’s security requirements. Upon successful ISMAP registration of CSPs, government procurement departments and agencies can accelerate their engagement with the registered CSPs and contribute to the smooth introduction of cloud services in government information systems.

The achievement of this certification demonstrates the proactive approach AWS has taken to meet compliance requirements set by the Japanese government and to deliver secure AWS services to our customers. Service providers and customers of AWS can use the ISMAP certification of AWS services to support their own ISMAP certification programs. The full list of 123 ISMAP-certified AWS services is available on the AWS Services in Scope by Compliance Program webpage. You can confirm the AWS ISMAP certification status and find detailed scope information on the Information-technology Promotion Agency (IPA) ISMAP webpage.

As always, we are committed to bringing new services and Regions into the scope of our ISMAP program, based on your business needs. To learn more about the AWS ISMAP certification, see AWS ISMAP. If you have any questions, don’t hesitate to contact your AWS Account Manager.

If you have feedback about this post, submit comments in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.


Niyaz Noor

Niyaz is a Security Audit Program Manager at AWS, leading multiple security certification programs across the Asia Pacific, Japan, and Europe Regions. During his career, he has helped multiple cloud service providers obtain global and regional security certification. He is passionate about delivering programs that build customers’ trust and provide them assurance on cloud security.