Skip to main content
Last updated on

Information system Security Management and Assessment Program (ISMAP)

This page describes ISMAP compliance controls in Databricks.

ISMAP overview

ISMAP is a Japanese government initiative that certifies cloud service providers for handling government data. It involves independent assessment against the Japanese government's cloud security standards.

Key points

  • Applies to cloud service providers operating in Japan and handling government data.
  • Involves assessment by an accredited ISMAP assessor.
  • Focuses on compliance with Japanese government cloud security controls.

Enable ISMAP compliance controls

To configure your workspace to support processing of data regulated by the ISMAP standard, the workspace must have the compliance security profile enabled. Only specific preview features are supported for processing regulated data. For details on the compliance security profile, supported preview features, and supported regions, see Compliance security profile.

You are solely responsible for verifying that sensitive information is never entered in customer-defined input fields, such as workspace names, compute resource names, tags, job names, job run names, network names, credential names, storage account names, and Git repository IDs or URLs. These fields might be stored, processed, or accessed outside the compliance boundary.

To enable ISMAP compliance controls, see Configure enhanced security and compliance settings.