I'd like information about FISC
Security By Design

In December 1985, the Center for Financial Industry Information Systems (FISC) established security guidelines for using computer systems in banking and related financial institutions. These guidelines, known as FISC Security Guidelines, are broadly recognized and used by many Japanese financial institutions in the architecture and operation of their computer systems.

The Financial Services Agency’s (FSA) Financial Inspection Manual lists the FISC Security Guidelines as a document that inspectors can reference while conducting inspections at financial institutions.

For more information, see the following resources:

  • AWS information on the FISC Security Guidelines (8th Edition):

Download the Japanese Version

Download the English Version

  • AWS information on the FISC Security Guidelines (Revised Supplements to the 8th Edition):

Download the Japanese Version

  • Risk and Compliance Whitepaper. This document provides information on third-party attestations, certifications which AWS maintains and various compliance programs. It also provides information on security requirements such as the Consensus Assessment Initiative Questionnaire (CAIQ) of the Cloud Security Alliance (CSA).

The FISC Security Guidelines include a wide range of measures for the categories of Facility Guidelines, Operational Guidelines and Technical Guidelines. When customers use the AWS environment, it is necessary to review and clarify the responsibility on measures to be performed by AWS and by customers based on the Shared Responsibility Model according to each requirement. The following AWS solution providers’ websites provide information about review points and measures summarized based on the Shared Responsibility Model. For more information on AWS Partners, visit the AWS Partner Network.

 

Contact Us