Overview

Global Information Security is responsible for security oversight, compliance and enforcement, and conducting information-security assessments leading the development of information security policy and strategy, as well as training and awareness at the corporate level. This organization serves as the primary contact for security incident response, providing overall direction for incident prevention, identification, investigation, and resolution.

Programs within Global Information Security are dedicated to preserving the confidentiality, integrity, and availability of Oracle information assets and the information assets entrusted to Oracle, including a focus on:

• Defining global corporate technical standards to enable security, privacy, and compliance
• Contributing to industry standards such as those issued by the International Organization for Standardization (ISO) and United States National Institute of Standards and Technology (NIST)
• Assisting lines of business security organizations with fostering a culture of security across regions and functional areas.

Information Security Manager Program

Global Information Security manages the Information Security Manager (ISM) Program. Information Security Managers serve as security advocates within their respective lines of business to increase awareness of and compliance with Oracle’s security policies, processes, standards, and initiatives.