Adobe Document Cloud now registered with Japanese Government Information System Security Management and Assessment Program (ISMAP)

Image credit: Adobe Stock/ The KonG.

With compliance being a continuous process and priority for Adobe, we are excited to share that Adobe Document Cloud has completed the Information System Security Management and Assessment Program (ISMAP) assessment and is now registered on the ISMAP Registry as of September 15, 2023.

This assessment signifies that Adobe Document Cloud meets the stringent requirements set forth by the ISMAP framework within Japan — providing assurance that public sector customers can continue to use Document Cloud for commercial enterprises (which includes Acrobat Pro (Acrobat Online Services), Acrobat Sign, and Acrobat Services APIs), thereby enabling agencies to easily adopt Document Cloud and enhance their own digital experiences.

The Japanese government introduced the ISMAP framework in June 2020. The aim was to ensure the security level of the government's cloud service procurement by evaluating and registering cloud services that meet the security requirements of the government in advance, thereby contributing to the smooth introduction of cloud services. ISMAP is a comprehensive framework with nearly 1,200 controls designed to manage and assess the security of information systems within an organization. It has a strategic approach that combines management practices, risk assessment, and control implementations to protect sensitive data from various threats. Japanese government agencies procure cloud services only from organizations and products listed on the ISMAP Cloud Service List.

The ISMAP framework is built upon the ISO 27000 series framework and continues to expand in a well-thought-out and curated list of nearly 1,200 controls. The Adobe Common Control Framework (CCF) is instrumental in ensuring that we continue to meet the requirements for ISMAP with minimal additional efforts. The Adobe CCF continues to be the pioneer for common controls within the industry and seeks to evolve to meet global security compliance frameworks and regulations such as SOC2, ISO 27001, 27017, 27018, FedRAMP, PCI DSS 3.2.1 & 4.0 (upcoming), IRAP, Spain ENS and many more.

As part of our ongoing effort to support security for our enterprise community, Adobe has open-sourced our CCF to help other organizations who are mapping out industry security and privacy standards for their organization. You are invited to download CCF today and adapt it for use in your organization.

If you have any questions, please contact your local customer success manager or sales representative.