Japan to introduce registry system for government cloud service providers
IT specialists at the Ministry of Economy, Trade and Industry (METI) and the Ministry of Internal Affairs (MIC) have published a proposal (J) for a new registry system to better safeguard the security of IT systems, such as cloud services, the Japanese government procures. Among others, the proposal will require a check by auditors whether the conditions for each service provided are met. After passing the audit, the suppliers will be recorded into a register. When introduced, procurement by the central government will only be possible for services listed in the registry. The new system is scheduled to be introduced in the fall of 2020.
In other countries, similar public auditing systems for public procurement of cloud services have already been introduced. The proposal for the new system is now open for 1 month for public comments (J), after which a formal decision is expected within the year.
It is still too early to see whether the new system will be an additional barrier for foreign suppliers to participate in public procurement in Japan. However, with large players in the cloud services market, such as Google and Amazon, it is expected that the system will be structured along international regulations with regard to information security.