We’re happy to announce that Oracle Cloud Infrastructure (OCI) has added another ISO certificate to our portfolio after successfully completing an audit for ISO/IEC 27701:2019.

International Organization for Standardization (ISO)/IEC 27701:2019 is an international standard for data privacy that provides a framework for organizations to establish, implement, maintain, and continuously improve a Privacy Information Management System (PIMS). ISO 27701 is an extension of Oracle’s ISO 27001 Information Security Management System (ISMS) certification and includes specific guidance and controls to support an effective PIMS. This certification demonstrates that OCI has implemented the required controls to protect customers’ data privacy and personally identifiable information processed on OCI. See the complete list of in-scope services on the Oracle Cloud Compliance page.

OCI has also successfully completed audits for our existing ISO 9001/20000-1/27001/27017/27018 programs. With these new compliance achievements, we’ve added over 20 new services to each program and expanded our regional scope to include Cardiff, UK, Dubai, UAE, and Santiago, Chile.

New services

  • Analytics Cloud

  • Autonomous Database on Dedicated Cloud at Customer Exadata Infrastructure (ADB-D)

  • Autonomous Database on Dedicated Exadata Infrastructure (ADB-D)

  • Autonomous Database on Shared Exadata Infrastructure (ADB-S)

  • Blockchain platform

  • Client Log service for software-as-a-service (SaaS) extensions and VB Studio

  • Cloud Guard

  • Content and Experience

  • Data Catalog

  • Data Integration

  • Data Safe

  • Fusion Analytics Warehouse

  • Integration

  • Logging Analytics

  • Logging

  • Management Agent

  • OS Management

  • Operations Insights

  • Optimizer

  • Search or Resource Query Manager

  • Service Connector Hub

  • Tagging

  • Gen2 Exadata Cloud@Customer

New regions

  • Chile Central (Santiago)

  • UAE East (Dubai)

  • UK West (Cardiff)

Conclusion

Oracle Cloud Infrastructure’s ISO certifications offer customers independent assurance about internal control, data protection, and regulatory compliance. These assurance reports play an important role in customers’ responsibilities including (but not limited to) internal corporate governance, risk management processes, vendor management programs, and regulatory oversight. Customers can use these third-party audits to assess how Oracle’s cloud services can meet their compliance and data-processing needs.

See our complete list of compliance programs on the Oracle Cloud Compliance page.