OCI fall audit reports are now available

It’s important that the compliance programs Oracle Cloud Infrastructure (OCI) offers keep pace with our customers’ requirements and our regional expansion efforts. One of the ways OCI does this is by continuously examining our controls and conducting regular independent third-party assessments to monitor and evaluate the security, privacy, and confidentiality of our cloud services. 

Today, we are pleased to announce the fall OCI assessments are complete and new compliance documents are now available for Cloud Computing Controls Catalog (C5), Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) Level 2, Health Insurance Portability and Accountability Act (HIPAA), Systems and Organization Controls (SOC) 1, 2, and 3, Payment Card Industry Data Security Standard (PCI DSS), International Organization for Standardization (ISO) 9001/20000-1/27701/27001/27017/27018, and Hebergeur de Donnees de Sante (HDS).

In addition to ensuring that seven new OCI services meet our security-first compliance bar, this assessment added four new Oracle Cloud data regions, including the recently launched EU Sovereign Cloud regions.  

The following services and regions have been included in these reports:

New regions in scope

• Mexico Northeast, Monterrey, Mexico
• EU Sovereign Cloud, Frankfurt am Main, Federal Republic of Germany
• EU Sovereign Cloud, Spain Central, Madrid, Spain
• Serbia Central, Jovanovac, Serbia

New services in scope

• Desktop as a Service
• Document Understanding
• Netsuite Analytics Warehouse
• Operations Insights
• Oracle Cloud Migrations
• Queue
• Serverless Kubernetes

Find out more

OCI provides a simplified way for customers to access audit reports and certificates on demand through the Compliance Documents service in the Oracle Cloud Console.

Oracle recognizes the importance of regular independent assessments of security and privacy controls against global standards like ISO, SOC, and CSA STAR. These compliance documents can help you conduct the necessary due diligence when leveraging OCI for your most critical workloads. Learn more on our Oracle Cloud Compliance webpage or contact one of our representatives.