Oracle offers FedRAMP-compliant and DISA P-ATO authorized infrastructure and software services. These services and solutions are assessed by a third-party assessment organization (3PAOs) to complete a readiness for the authorization and are continuously monitored for compliance requirements.
See a complete list of FedRAMP-compliant services at Oracle FedRAMP Marketplace.
FedRAMP is a security framework established to protect data confidentiality, integrity, and availability in cloud environments. Launched within the General Services Administration (GSA) in 2012, FedRAMP’s mission is to:
Oracle Cloud Infrastructure (OCI) can provide government customers with the stringent security standards necessary to protect the federal government's data. Oracle has obtained a P-ATO from the Joint Authorization Board (JAB) for FedRAMP High in its U.S. Government Cloud regions.
The following services are currently under government review for approval:
Oracle Aconex for Defense
Oracle B2C Service
Oracle Customer Experience Cloud
Oracle Enterprise Resource Planning
Oracle Human Capital Management
Oracle Talent Acquisition Cloud (Taleo)
Oracle Supply Chain Management
The Defense Information Systems Agency's mission is to provide, operate and defend global command and control and information-sharing capabilities for the entire Defense Department, national-level leaders, and coalition partners. The DISA Cloud Computing Security Requirements Guide (CC SRG) outlines how the US Department of Defense (DoD) assesses the security posture of non-DoD cloud service providers (CSPs) and how to grant a DoD Provisional Authorization (PA) to host DoD information and systems. The CC SRG defines the DoD Impact Levels which are a combination of the sensitivity of the information to be stored and/or processed in the cloud; and the potential impact of an event that results in the loss of confidentiality, integrity, or availability of that information:
The following services are currently under government review for approval:
Oracle Aconex for Defense
Oracle B2C Service
Oracle Enterprise Resource Planning
Oracle Customer Experience Cloud
Oracle Human Capital Management
Oracle Supply Chain Management
Oracle Cloud Marketplace provides a single platform where government customers can discover, evaluate, and launch a rich ecosystem of click-to-deploy images and end-to-end solution stacks provided by Oracle and third party independent software vendor (ISV) partners.
Federal agencies can purchase Oracle Cloud services quickly and easily through existing contracts that provide access to Oracle’s Generation 2 Enterprise Cloud and its comprehensive cloud computing services portfolio.
Oracle Cloud for Government helps agencies maximize IT investment, manage enterprise workloads, and build cloud native solutions for the future. It’s authorized to operate at a FedRAMP High JAB and Impact Level 4, providing compliant, highly secure, and resilient infrastructure and solutions for U.S. federal agencies, state and local offices, and government-affiliated entities.
Oracle National Security Regions (ONSRs) meet the highest level of U.S. Government classification standards and are designed and built for the U.S. DoD and Intelligence communities. Completely isolated from the internet, these air-gapped regions securely provide IaaS, PaaS, SaaS, and marketplace services, and enable mission owners to secure nation’s data, remove data silos, and innovate.
Oracle Cloud for Government enables an all-domain advantage for the U.S. Department of Defense (DoD) with cloud innovation and resilience. Oracle’s DISA IL5-authorized cloud environments support the DoD’s strategic objectives across multidomain warfighting capability.