Asia Pacific | Financial services

FISC (Japan)

The Center for Financial Industry Information Systems (“FISC”) conducts research on diverse topics, such as technology utilization, risk controls and threat management related to financial information systems. In collaboration with its member institutions, the Financial Services Agency and the Bank of Japan, FISC has established the FISC Security Guidelines on Computer Systems for Financial Institutions (“FISC Security Guidelines”).

The FISC Security Guidelines set the standard on security measures for information systems of financial institutions. The guidelines provide specific guidance on the contents of the outsourcing agreement, confidentiality, contingency planning, control over outsourced activities and data management.

Google Cloud has developed a FISC whitepaper and control mapping to help our customers understand how our control environment aligns with the FISC Security Guidelines. Many of these controls are already implemented as part of existing third-party audited compliance offerings, such as our ISO/IEC 27001, ISO/IEC 27017, and ISO/IEC 27018 certifications.

In addition, Google Cloud’s contracts for financial institutions in Japan address the contract requirements in FISC Security Guideline 21. We have also mapped the controls in Guideline 21 to the relevant sections of our financial services contracts for both GCP and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.

The FISC Control Mapping may be requested via sales, here.


ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more