It’s important that the compliance programs Oracle Cloud Infrastructure (OCI) offers keep pace with our customers’ requirements and our regional expansion efforts. One of the ways OCI does this is by continuously examining our controls and conducting regular independent third-party assessments to monitor and evaluate the security, privacy, and confidentiality of our cloud services.
Today, we are pleased to announce the fall OCI assessments are complete and new compliance documents are now available for Cloud Computing Controls Catalog (C5), Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) Level 2, Health Insurance Portability and Accountability Act (HIPAA), Systems and Organization Controls (SOC) 1, 2, and 3, Payment Card Industry Data Security Standard (PCI DSS), International Organization for Standardization (ISO) 9001/20000-1/27701/27001/27017/27018, and Hebergeur de Donnees de Sante (HDS).
In addition to ensuring that seven new OCI services meet our security-first compliance bar, this assessment added four new Oracle Cloud data regions, including the recently launched EU Sovereign Cloud regions.
The following services and regions have been included in these reports:
New regions in scope
New services in scope
OCI provides a simplified way for customers to access audit reports and certificates on demand through the Compliance Documents service in the Oracle Cloud Console.
Oracle recognizes the importance of regular independent assessments of security and privacy controls against global standards like ISO, SOC, and CSA STAR. These compliance documents can help you conduct the necessary due diligence when leveraging OCI for your most critical workloads. Learn more on our Oracle Cloud Compliance webpage or contact one of our representatives.