Suppliers and Partners Security

Overview

Oracle suppliers and partners are required to protect the data and assets Oracle entrusts to them. These Supplier Information and Physical Security Standards detail the security controls that Oracle’s suppliers and partners are required to adopt when accessing Oracle or Oracle customer facilities, networks and/or information systems, handling Oracle confidential information, or controlling custody of Oracle hardware assets. Suppliers and partners are responsible for compliance with these standards, including ensuring that all personnel and subcontractors are bound by contractual terms consistent with the requirements of Oracle’s standards. These standards cover a wide range of requirements in the following critical areas:

  • Personnel/human resources security
  • Business continuity and disaster recovery
  • Information security organization, policy, and procedures
  • Compliance and assessments
  • Security incident management and reporting
  • IT security standards
  • Baseline physical and environmental security