Corporate Security Architecture
Overview
The corporate security architecture team guides Oracle’s IT departments and lines of business towards deploying information security and identity management solutions that advance Oracle's information security goals. The team works with Chief Security Officer and Global Product Security, and the development Security Leads to address key security topics and tooling.
Corporate Security Architecture (CSA) manages a variety of programs and leverages multiple methods of engaging with leadershipand operational security teams responsible for Oracle operations, services, cloud, and other lines of business.
Corporate Security Solution Assurance Process
CSSAP reviews are designed to help align systems with Oracle’s strategy and corporate policies. CSSAP helps to accelerate the delivery of innovative cloud solutions and corporate applications by requiring appropriate reviews:
- Pre-review: technical security management teams in each line of business must perform a pre-assessment of each project using the approved template
- CSSAP review: security architecture team reviews the submitted plans and performs a technical security design review
- Security assessment: based on risk level, systems and applications undergo security verification testing before production use
Oracle Cloud Program
Corporate Security Architecture (CSA) manages a cross-organization working group focused on security architecture, with the goal of collaboratively guiding security for Oracle cloud services. Participation includes members from Oracle cloud service development, operations, and governance teams.