Alert: False SCS Evaluation Solicitation Reports Rising

NISC

Changeflow GovPing Data Privacy & Cybersecurity Alert: False SCS Evaluation Solicitation Report...

Priority review Notice Added Final

Alert: False SCS Evaluation Solicitation Reports Rising

Japan NISC News

Published April 27th, 2026

Detected April 28th, 2026

Email

Summary

Japan's Ministry of Economy, Trade and Industry (METI), National Center of Incident readiness and Strategy for Cybersecurity (NISC), and Information-Technology Promotion Agency (IPA) issued an alert on April 27, 2026, warning businesses about fraudulent solicitation activities falsely claiming that the SCS (Supply Chain Security) Evaluation System is mandatory for commercial transactions. The alert specifically addresses misleading sales tactics asserting that companies without SCS evaluation will be excluded from bidding or face trading restrictions. The agencies clarify that the SCS Evaluation System, scheduled to launch by end of fiscal year 2026, is entirely voluntary with no regulatory trade restrictions, and no specific security products are required to meet evaluation standards. The government advises businesses to obtain accurate information directly from IPA and expects to publish evaluation guidelines in autumn 2026.

Published by NISC on cyber.go.jp . Detected, standardized, and enriched by GovPing. Review our methodology and editorial standards .

About this source

GovPing monitors Japan NISC News for new data privacy & cybersecurity regulatory changes. Every update since tracking began is archived, classified, and available as free RSS or email alerts — 6 changes logged to date.

View original document View source feed page

What changed

Japan's cybersecurity and information technology promotion agencies issued a joint alert on April 27, 2026, warning about an uptick in fraudulent business solicitations that misrepresent the voluntary SCS (Supply Chain Security) Evaluation System as mandatory for commercial transactions. The alert specifically targets misleading claims that companies lacking SCS evaluation will be excluded from bidding or face regulatory trading restrictions. The agencies clarify that the evaluation system, designed to promote cybersecurity measures between two companies in supply chain transactions, carries no regulatory trade restrictions and does not mandate any specific security products for compliance.

Businesses receiving unsolicited sales calls or communications asserting SCS evaluation is required for ongoing commercial relationships should treat these as suspicious. The legitimate evaluation system is scheduled for launch by end of fiscal year 2026, with official evaluation guidelines to be published in autumn 2026. All inquiries about the authentic program should be directed to IPA, the system's scheme owner, rather than third-party solicitors.

Archived snapshot

Apr 28, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

サプライチェーン強化に向けたセキュリティ対策評価制度（SCS 評価制度）に係る不適切な勧誘に御注意ください令和８年４月 27 日経済産業省商務情報政策局サイバーセキュリティ課内閣官房国家サイバー統括室制度・監督ユニット令和８年度末頃の制度開始を予定している「サプライチェーン強化に向けたセキュリティ対策評価制度」（SCS 評価制度）を引き合いに、「評価を取得していないと商取引が規制される」「今すぐ評価を取得しないと入札から除外される」といった営業活動による、製品・サービスの勧誘が報告されています。本制度は、２社間の取引契約等において、発注者が受注者に適切なサイバーセキュリティ対策の段階(★) を提示し、受注者に示された対策の実施を促すとともに、両者で実施状況を確認することを想定した任意の制

度であって、上記のような営業活動は、本制度の趣旨・目的とは異なるものです。本制度は、個社間における

商取引に関し規制措置を講じるものではなく、また、本制度の評価基準を達成するにあたっては、特定のセキュ

リティ対策製品の導入が必須とされているものではありませんので、御注意ください。

本制度は制度構築方針が令和８年３月に公表されましたが、今後、詳細を制度のスキームオーナーである独立行政法人情報処理推進機構（IPA）が構築し、周知して参りますので、IPA から正しい情報を入手い

ただくようお願いいたします。また、本制度の運用状況の監督をする経済産業省及び内閣官房国家サイバー

統括室としても、IPA と共に業界団体等を通じて適切な制度活用がなされるよう、普及啓発に努めてまいります。本制度の方針については、制度構築方針及び概要資料を御覧いただくと共に、よくある質問をまとめた FAQ も公表しておりますので、御参照ください。今後、本制度の要求事項・評価基準を満たす具体的な実装例などをまとめた評価ガイド等を、令和８年秋頃を目途に公表する予定です。

参考 URL：

情報処理推進機構(IPA) - サプライチェーン強化に向けたセキュリティ対策評価制度（SCS 評価制 • 度）経済産業省(METI) • 「サプライチェーン強化に向けたセキュリティ対策評価制度に関する制度構築方針」（SCS 評価制 o 度の構築方針）を公表しましたサプライチェーン強化に向けたセキュリティ対策評価制度に関する制度構築方針及び FAQ 等 o

o サプライチェーン全体のサイバーセキュリティ向上のための取引先とのパートナーシップの構築に向けて

情報処理推進機構(IPA) - サプライチェーン強化に向けたセキュリティ対策評価制度（SCS 評価制
度）を活用する中小企業向け支援策について
経済産業省(METI) - サイバーセキュリティお助け隊サービス（新類型）

Related changes

SCS Evaluation System, April 27th Warning Notice

Routine Apr 28, 2026 • Japan NISC News • Data Privacy & Cybersecurity

Japan Participates in NATO Locked Shields 2026 Cyber Defense Exercise

Routine Apr 25, 2026 • Japan NISC News • Data Privacy & Cybersecurity

Get daily alerts for Japan NISC News

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Japan NISC News nisc.go.jp/news

Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from NISC.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

April 28, 2026

Press inquiries →

Classification

Agency

NISC

Published

April 27th, 2026

Instrument

Notice

Branch

Executive

Joint with

METI IPA

Source language

ja

Legal weight

Non-binding

Stage

Final

Change scope

Minor

Who this affects

Applies to

Manufacturers Technology companies Healthcare providers

Industry sector

5112 Software & Technology

Activity scope

Product certification response Supply chain security

Geographic scope

Japan JP

Taxonomy

Primary area

Cybersecurity

Operational domain

Cybersecurity

Topics

Consumer Protection Product Safety

Alert: False SCS Evaluation Solicitation Reports Rising

Summary

About this source

What changed

Archived snapshot

Related changes

Source

About this page

Classification

Who this affects

Taxonomy

Browse Categories

Get alerts for this source

Subscribed!