We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account

Oracle Information Protection Policy


Oracle’s formal Information Protection Policy provides guidelines for all Oracle personnel and business partners regarding information classification schemes and minimum handling requirements associated with those classifications.

Oracle categorizes information into four classes—Public, Internal, Restricted, and Highly Restricted—with each classification requiring corresponding levels of security controls, such as encryption requirements for data classified as Restricted or Highly Restricted.

Training and Awareness

Oracle’s mandatory training instructs employees about the company’s Information Protection Policy. This training also tests employee understanding of information asset classifications and handling requirements. Employees must complete this training when joining Oracle and must periodically repeat it thereafter. Reports enable managers to track course completion for their organizations.

Oracle Data Management and Retention

Oracle has formal requirements for managing data retention. These operational policies define requirements per data type and category, including examples of records in various Oracle departments.

System Inventory

Developing and maintaining accurate system inventory is a necessary element for effective general information systems management and operational security. Oracle’s Information Systems Asset Inventory Policy requires that an accurate and current inventory be maintained for all information systems holding critical and highly critical information assets in Oracle Corporate and cloud infrastructures.

Oracle policy specifies the data (or fields) which must be maintained about these information systems in the approved system inventory. The required technical and business information fall in the following categories:

  • Hardware details such as manufacturer, model number and serial number of the equipment, system or device
  • Physical location of the data center/facility and location within that building
  • Software details such as the operating system and applications and associated versions
  • Classification of information assets
  • Ownership information at the organizational and individual levels