Standard Guidelines for the Promotion of a Digital

Last Updated:: Jun 13, 2025

In order to realize a digital society, it is important for stakeholders to work together under "common rules" to create value.
The Standard Guidelines for the Promotion of a Digital Society are a compilation of common rules and reference documents on procedures and procedures for service and business reforms and the development and management of government information systems associated with these reforms, as well as various technical standards.

There are two types of positioning for each document:

Standard Guidelines (Normative): Documents specifying the contents to be observed as rules for the development and management of government information systems
Practical Guidebook (Informative): Reference documents

Previously, various guidelines were formulated under the name "Standard Guidelines for the Promotion of Digital Government," but from the perspective of promoting the Digital Agency not only within the government but also for society as a whole, the name of these document systems has been changed to the "Standard Guidelines for the Promotion of Digital Society" digitalisation.
The term "Digital Government" will continue to be used for documents that mainly define internal government procedures.

General documentation of government information systems

DS-100 Digital Government Promotion Standard Guidelines

Articles (PDF/2,532 kb) (updated June 5, 2024)
Consolidated (PDF/Word file) (ZIP / 2,953 kb) (updated June 5, 2024)

Last Updated: May 31, 2024
Document Positioning - Normative
Outline: Systematic government common rules that stipulate basic policies and matters concerning procedures and procedures and the roles of each organization within the government with regard to service and business reforms and the development and management of government information systems associated with these reforms

DS-110 Standard Guidelines for Promoting Digital Government

Articles (PDF/8,502 kb) (updated June 5, 2024)
Consolidated (PDF/Word file) (ZIP / 11,775 kb) (updated June 5, 2024)

Last Updated: May 31, 2024
Document Positioning - Informative
Summary: As a subdocument of the Standard Guidelines, a reference document that contains article-by-article explanations, etc. to facilitate understanding of the purpose and purpose of the Standard Guidelines

DS-120 Digital Government Promotion Standard Guidelines Practice Guidebook

Articles (PDF/23,783 kb) (updated June 5, 2024)
Consolidated (PDF/Word file) (ZIP / 44,471 kb) (updated June 5, 2024)

Last Updated: May 31, 2024
Document Positioning - Informative
Summary: A practical reference document that incorporates know-how and lessons learned as a sub-document of the Standard Guideline, the Annex to the Standard Guideline, and the Manual of the Standard Guideline

Various Templates ZIP (ZIP / 6,284 kb) (updated June 5, 2024)

DS-121 Agile Development Practice Guidebook

Articles (PDF/985KB)
Consolidated (PDF/Word file) (ZIP / 1,087 kb)

Last Updated: March 30, 2021
Document Positioning - Informative
Summary: In the development of government information systems, it is necessary to establish the option of agile development in addition to the traditional development style. This document summarizes the basic knowledge necessary to understand agile development first.

DS-130 Standard Guidelines Glossary

Articles (PDF/191KB)
Consolidated (PDF/Word file) (ZIP / 248 kb)

Last Updated: March 31, 2023
Document Positioning - Informative
Overview: glossary of standard guidelines

References

Process Review Implementation Procedure Set (ZIP / 397 kb) (updated April 3, 2023)
Please use it as a reference for process review.

(Reference) Standard Guidelines Training Materials (PDF / 11,657 kb)
Materials prepared for employees and other related parties to deepen their understanding of the outline of DS-100, DS-110, and DS-120.

Security Documentation

DS-200 Security-by-Design Guidelines for Government Information Systems

Articles (PDF/1,376 kb)
Consolidated (PDF/Word file) (ZIP / 1,806 kb)

Last Updated: January 31, 2024
Document Positioning - Informative
Outline: In order to efficiently ensure security for information systems, it is necessary to implement consistent security measures (security-by-design) from the planning to the operation of information systems. This document describes the contents of security implementation and requirements in each process and defines the roles of related parties in order to take a panoramic view of security measures in the system life cycle.

Reference _ Standards for Cloud Service ISMAP Controls (PDF / 235 kb)

* "Reference Materials _ Standards for Cloud Service ISMAP Management Measures" can be viewed only if the following two JIS standards have been purchased.
JIS Q 27014:2015 (ISO/IEC 27014:2013)
JIS Q 27017:2016 (ISO/IEC 27017:2015)

DS-201 Security Risk Analysis Guidelines for Government Information Systems - Combined Approach of Baseline and Business Damage -

Articles (PDF/2,200 kb)
Consolidated (PDF/Word/Excel file) (ZIP / 3,688 kb)

Last Updated: March 31, 2023
Document Positioning - Informative
Summary: To ensure the security of information systems, it is essential to be aware of risks and manage them reliably. There are various techniques for security risk analysis. This document introduces a procedure for risk analysis that combines a baseline and business damage, with the aim of balancing and improving work efficiency and analysis accuracy.
This document is specifically presented as an example of the procedures for security risk analysis in DS-200, Security by Design Guidelines for Government Information Systems.

DS-202 Technical Report on Security Considerations in the CI/CD Pipeline

Articles (PDF/980KB)
Consolidated (PDF/Word/Excel file) (ZIP / 1,533 kb)

Last Updated: March 29, 2024
Document Positioning - Informative
Summary: In modern applications built on modern technologies, the CI / CD pipeline is an essential information system component for optimizing the development process and security measures. Attackers have begun to focus on its value and target it. This document describes the CI / CD pipeline from a security point of view and guides the points to consider when considering protection measures.

DS-210 Zero Trust Architecture Implementation Policies

Articles (PDF/774KB)
Consolidated (PDF/Word file) (ZIP / 981 kb)

Last Updated: June 30, 2022
Document Positioning - Informative
Overview: With the expansion of the use of cloud services and changes in the business environment such as remote work, it has become difficult to completely prevent and defend against cyberattacks, which has become more sophisticated in recent years, only with the conventional border-type security model, and the application of zero trust concepts is required. This document explains the basic policies for applying zero trust and Architecture, and describes the points to consider when introducing them.

DS-211 Continuous Risk Assessment and Response (CRSA) Enterprise Architecture (EA)

Articles (PDF/751KB)
Consolidated (PDF/Word file) (ZIP / 1,067 kb)

Last Updated: January 31, 2024
Document Positioning - Informative
Description: Achieving stable and secure service delivery in a zero trust Architecture requires early detection and mitigation of government-wide cybersecurity risks. This paper describes the Architecture of a platform for information collection and analysis to continue this activity.

DS-212 Technical Report on Attribute-Based Access Control in Zero Trust Architecture Application Policies

Articles (PDF/799KB)
Consolidated (PDF/Word file) (ZIP / 723 kb)

Last Updated: March 31, 2023
Document Positioning - Informative
Description: In accordance with the principles of cloud-by-default, many tasks in government information systems in the future will be processed through cloud services. In order to maintain and improve robustness even in traditional business processing environments, it will be important to incorporate the concept of "zero trust cybersecurity", which adapts Architecture to new environments. The core of zero trust Architecture is to control access between each resource required for business processes from various information. This document is one of the access control models, and describes the overall technical content of attribute-based access control that utilizes attributes granted to resources, environmental information, etc.

Resources _ ABAC Implementation Example -Amazon Web Services (PDF / 537 kb)
Reference _ ABAC Implementation Example -Microsoft Azure Active Directory (PDF / 973 kb)

DS-220 Technical Report on Implementation of Cybersecurity Framework in Government Information Systems

Articles (PDF/1,016 kb)
Consolidated (PDF/Word file) (ZIP / 1,225 kb)

Last Updated: March 31, 2023
Document Positioning - Informative
Overview: With the increasing sophistication and complexity of cyberattacks, there is a need to strengthen cyber resiliency. Given the intrusion of threats, and the increasing emphasis on enhancing information security confidentiality, integrity, and availability-by recognizing detection, response, and recovery in addition to identification and defence-the NIST cybersecurity framework has attracted worldwide attention.
This technical report aims to describe the cybersecurity framework and provide key points for its implementation in government information systems.

DS-221 Guidelines for Introducing Vulnerability Diagnosis in Government Information Systems

Articles (PDF/1,148 kb)
Consolidated (PDF/Word file) (ZIP / 1,360 kb)

Last Updated: February 6, 2024
Document Positioning - Informative
Description: It is important to conduct vulnerability assessments to ensure cyber resilience in government information systems. This document describes criteria and guidelines for vulnerability adoption to enable the selection and procurement of the most appropriate vulnerability assessment.

DS-231 Technical Report on Cataloging Security Controls

Articles (PDF/599KB)
Consolidated (PDF/Word file) (ZIP / 769 kb)

Last Updated: March 31, 2023
Document Positioning - Informative
Overview: Cataloguing security controls refers to the assignment of unique identifiers to independent security controls and their classification in machine-readable form.
This will improve the efficiency, timeliness, accuracy, and consistency of system security assessments by facilitating traceability among control elements, automation of system configuration, etc. This paper provides an overview of security control cataloging.
The OSCAL (Open Security Controls Assessment Language) described in this document is an effort to catalog security controls, and its use is attracting attention. The OSCAL is a language developed by the NIST to express security controls in a machine-readable language. It can be described in three formats: XML, JSON, and YAML.
Example: OSCAL Format Description Example "Guidelines for the Establishment of Standards for Measures for Government Agencies (July 4, 2023 Version)" (ZIP / 298 kb) (Posted on September 20, 2024)
Using OSCAL , "Uniform Standards for cybersecurity Countermeasures for Government Agencies" , "Guidelines for the Establishment of Standards for Countermeasures for Government Agencies (FY 2023 Version) (PDF)" are described in XML, JSON, and YAML. & nbsp;
When each government agency defines security management measures based on the unified standards group for cybersecurity measures of government agencies, etc., the standards will be described more specifically. Therefore, by structuring the security management measures of each government agency in consideration of OSCAL , it is expected to contribute to the automation and mechanization of the formulation of security management measures, improve the efficiency of information sharing, improve the quality of security control evaluation, and save labor related to them.

Cloud Documentation

DS-310 Basic Policy on Appropriate Use of Cloud Services in Government Information Systems

Articles (PDF/391KB)
Consolidated (PDF/Word file) (ZIP / 459 kb)

Last Updated: September 29, 2023
Document Positioning - Normative
Outline: Annex to the Standard Guidelines for Government Information Systems, which sets the adoption of cloud services as the default (first choice) and shows the concept of using cloud services appropriately (smartly) instead of simply using cloud services.

Data Federation Documentation

DS-400 Government Interoperability Framework (GIF)

GitHub (external site)

October 13, 2022 We started publishing on GitHub (external site).

Document (updated March 28, 2025)

Zip Download

If GitHub is not available, get it from the integrated version.

Consolidated (PDF/Word/Excel file) (ZIP / 34,470 kb) (updated March 28, 2025)
Last Updated: March 25, 2025
Document Positioning - Informative
Overview: Provide " Government Interoperability Framework (Government Interoperability Framework) " (GIF) as a practical guidebook for realizing a society where data utilization and collaboration can be carried out smoothly. By organizing data using this framework, it is possible to design data that is highly scalable and easy to collaborate.

Trust Documentation

DS-500 Guidelines for Online identity verification Techniques in Administrative Procedures

Articles (PDF/1,506 kb)
Consolidated (PDF/Word file) (ZIP / 1,996 kb)

Last Updated: February 25, 2019
Document Positioning - Normative
Summary: Annex to the Standard Guidelines on Online digitalisation Techniques for identity verification Administrative Procedures

Reference Material - Interim Report for Revision (Fiscal Year 2022 (2022)) (PDF / 3,580 kb) (published on June 29, 2023)
Reference Material _ Interim Summary for Revision (Fiscal Year 2023 (2023)) (PDF / 2,123 kb) (updated on July 23, 2024)
Reference _ Summary for Revision (FY 2024 (FY 2024)) (PDF / 1,152 kb) (Published on April 1, 2025)
Reference _ "Guidelines for Online identity verification Techniques in Administrative Procedures" Q & amp; A (PDF / 387 kb) (posted June 17, 2024)

DS-531 Basic Concept on digitalisation of Disposition Notices

Articles (PDF/310KB)
Consolidated (PDF/Word file) (ZIP / 373 kb)

Last Updated: March 31, 2023
Document Positioning - Informative
Outline: With the aim of improving the convenience of individuals, corporations, etc. and the efficiency of administrative operations, in order to promote the digitalisation of disposition notices, etc. in the short term, common ideas and methods of responding to issues, etc. will be provided so that they can be used as references in practice.

Q & amp; A (PDF / 169 kb) digitalisation
Reference Material _ Flow Chart for Consideration of Examples of Short-Term Methods for digitalisation of Disposition Notices, etc.
PDF(189KB)/Excel(21KB)