The Center for Financial Industry Information Systems
(“FISC”) conducts research on diverse topics, such as
technology utilization, risk controls and threat management
related to financial information systems. In collaboration
with its member institutions, the Financial Services Agency
and the Bank of Japan, FISC has established the FISC
Security Guidelines on Computer Systems for Financial
Institutions (“FISC Security Guidelines”).
The FISC Security Guidelines set the standard on security
measures for information systems of financial institutions.
The guidelines provide specific guidance on the contents of
the outsourcing agreement, confidentiality, contingency
planning, control over outsourced activities and data
Google Cloud has developed a
and control mapping to help our customers understand how our
control environment aligns with the FISC Security
Guidelines. Many of these controls are already implemented
as part of existing third-party audited compliance
offerings, such as our
In addition, Google Cloud’s contracts for financial
institutions in Japan address the contract requirements in
FISC Security Guideline 21. We have also mapped the controls
in Guideline 21 to the relevant sections of our financial
services contracts for both
to assist you with understanding how we can support you with
meeting the requirements and assess us as an outsourced
service provider. Google Cloud is committed to addressing
these requirements regardless of how financial institutions
choose to use our services.
Contact sales to request the FISC handbook.