The Information System Security Management and Assessment Program (ISMAP) is a
Japanese government program to assess the security of public cloud service providers (CSP). ISMAP approves independent third-party auditors who evaluate and register CSPs and their services to ensure they meet specific security requirements set by the Japanese government, enabling agency usage without the added burden and cost of agency-led assessments.
Reports and other documentation
View the IBM Cloud IaaS and PaaS registration listed on the ISMAP website. (Listing is in
Japanese and resides outside IBM.com.)
IBM Cloud IaaS and PaaS were certified for ISMAP by an independent, third-party and certified auditor. The IBM Cloud ISMAP certification helps Japanese government agencies leverage IBM Cloud workloads while meeting security requirements.
IBM Service Descriptions (SD) indicate if a given offering has achieved and maintains ISMAP compliance status. Services below are assessed each year by an independent third-party auditor.
IBM Cloud services that have maintained ISMAP certification, including:
IBM Cloud Backup
IBM Cloud Bare Metal
IBM Cloud Block Storage
IBM Cloud Container Registry
IBM Cloud Direct Link (on Classic "1.0"; Connect, Dedicated, Dedicated Hosting, Exchange)
IBM Cloud File Storage
IBM Cloud Hardware Security Module
IBM Cloud Kubernetes Service
Red Hat OpenShift on IBM Cloud
IBM Cloud Load Balancer
IBM Cloud Object Storage
IBM Cloud Object Storage (IaaS)
IBM Cloud Secrets Manager
IBM Cloud Virtual Servers
IBM Event Streams for IBM Cloud (Enterprise)
IBM Event Streams for IBM Cloud (Standard)
IBM Key Protect for IBM Cloud
IPSec VPN
SAP-Certified Cloud Infrastructure