IBM Cloud® compliance: ISMAP
Illustration showing two people standing on platforms, with one person looking at a map display and the other regarding a security shield
What is ISMAP?

The Information System Security Management and Assessment Program (ISMAP) is a
Japanese government program to assess the security of public cloud service providers (CSP). ISMAP approves independent third-party auditors who evaluate and register CSPs and their services to ensure they meet specific security requirements set by the Japanese government, enabling agency usage without the added burden and cost of agency-led assessments.

Reports and other documentation
View the IBM Cloud IaaS and PaaS registration listed on the ISMAP website. (Listing is in Japanese and resides outside ibm.com.)
IBM position

IBM Cloud IaaS, PaaS and VPC were certified for ISMAP by an independent, third-party and certified auditor. The IBM Cloud ISMAP certification helps Japanese government agencies leverage IBM Cloud workloads while meeting security requirements.

IBM Service Descriptions (SD) indicate if a given offering has achieved and maintains ISMAP compliance status. Services below are assessed each year by an independent third-party auditor.

Services

IBM Cloud services that have maintained ISMAP certification, including:

IBM Cloud Backup
IBM Cloud Backup for VPC
IBM Cloud Bare Metal
IBM Cloud Bare Metal Servers for VPC
IBM Cloud Block Storage
IBM Cloud Block Storage for Virtual Private Cloud
IBM Cloud Block Storage Snapshots for VPC
IBM Cloud Container Registry
IBM Cloud Direct Link (on Classic "1.0"; Connect, Dedicated, Dedicated Hosting, Exchange)
IBM Cloud Direct Link Connect (2.0)
IBM Cloud Direct Link Dedicated (2.0)
IBM Cloud DNS Services
IBM Cloud File Storage
IBM Cloud Flow Logs for VPC
IBM Cloud Hardware Security Module
IBM Cloud Kubernetes Service
IBM Cloud Load Balancer
IBM Cloud Object Storage
IBM Cloud Object Storage (IaaS)
IBM Cloud Secrets Manager
IBM Cloud Transit Gateway
IBM Cloud Virtual Private Cloud
IBM Cloud Virtual Private Cloud - Load Balancer for VPC: Application Load Balancer and Network Load Balancer
IBM Cloud Virtual Private Cloud – VPN for VPC : Site-to-Site Gateway and Client-to-Site Server
IBM Cloud Virtual Private Endpoint for VPC
IBM Cloud Virtual Server for VPC
IBM Cloud Virtual Server for VPC - Auto Scale for VPC
IBM Cloud Virtual Server for VPC - Dedicated Host for VPC
IBM Cloud Virtual Servers
IBM Event Streams for IBM Cloud (Enterprise)
IBM Event Streams for IBM Cloud (Standard)
IBM Key Protect for IBM Cloud
IPSec VPN
Red Hat OpenShift on IBM Cloud
SAP-Certified Cloud Infrastructure

Take the next step

Questions about a compliance program? Need a protected compliance report? We can help.

See more compliance programs