Federal Risk and Authorization Management Program
Oracle’s FedRAMP-compliant cloud services span applications and infrastructure solutions across SaaS, PaaS, and IaaS, making it easier than ever for government agencies to digitally transform legacy mission systems securely, efficiently, and effectively.
FedRAMP solutions allows federal, state, and local agencies to migrate workloads to the cloud more securely, enabling government to focus on their core mission to deliver modern citizen services. By moving to the cloud, agencies can mitigate security risks, reduce operational costs, and stay on top of ever-changing citizen needs.
Oracle’s cloud infrastructure and applications follow rigorous processes and use effective security controls in all phases of cloud service development and operation. Oracle services are compliant with GSA’s FedRAMP standards, with engineered industry-leading security features that include encryption, optimization for critical workloads, and superior performance, with speeds 10x faster than other providers.
Oracle Cloud Infrastructure (FedRAMP High JAB P-ATO)
Oracle Cloud Infrastructure can provide government customers with the stringent security standards necessary to protect the federal government's data. Oracle has obtained a P-ATO from the Joint Authorization Board (JAB) for FedRAMP High in its U.S. Government Cloud regions.
- Auditing
- Block Storage
- Compute
- Database
- Exadata
- FastConnect
- Identity and Access Management
- Key Management
- Load Balancing
- Object Storage
- Virtual Cloud Networks
- File Storage
- Marketplace
- Streaming
- Notifications
- Oracle Container Engine for Kubernetes (OKE)
- Resource Manager
- Oracle Cloud Infrastructure Registry (OCIR)
- Monitoring
- Events
- Digital Assistant
- E-mail Delivery Service
- Cloud Shell Service
- Data Transfer Service
- Oracle Cloud VMWare Solution
- Oracle Autonomous Transaction Processing
- Oracle Autonomous Data Warehouse
- Oracle Cloud Infrastructure Data Catalog
- Connector Hub
- Oracle Cloud Infrastructure Data Integration
- Public Logging (includes VCN Flow Logs)
- Oracle Autonomous JSON Database
Oracle’s FedRAMP High cloud services include the following:
PaaS (OCI Gen2)
- Oracle Database Cloud Service
- Oracle Exadata Cloud Service
Oracle’s FedRAMP Moderate cloud services include the following:
PaaS (OCI Gen2)
- Oracle Database Cloud Service
- Oracle Exadata Cloud Service
SaaS
- Oracle Enterprise Resource Planning
- Oracle Human Capital Management
- Oracle Talent Acquisition Cloud (Taleo)
- Oracle Supply Chain Management
- Oracle Customer Experience Cloud
- Oracle B2C Service (Service Cloud, OPA, RightNow CX)
- Oracle Enterprise Performance Management (FedRAMP Low)
- Oracle Aconex for Defense
Managed Services
- Federal Managed Cloud Service
*This website aims to assist in understanding the FedRAMP compliance efforts and milestones in place relevant to Oracle Cloud Services. Oracle recognizes the importance of information protection and continually works to strengthen and improve the security controls and practices it has for these services. Not all achievements reflected on this page are applicable to all Oracle Cloud Services’ part IDs or within all geographic regions where such services are offered.
Learn About FedRAMP
FedRAMP is a security framework established to protect data confidentiality, integrity, and availability in cloud environments. Launched within the General Services Administration (GSA) in 2012, FedRAMP’s mission is to:
- Accelerate adoption of secure cloud products and of government-authorized secure cloud solutions and assessments
- Build confidence in cloud-based products and deployment architectures
- Achieve collaboration, agreement, and consistency for all cloud products deployed within the government—within or outside of the FedRAMP marketplace
- Develop and certify security deployment methods
- Drive digital transformation through emerging technologies, including automation, real-time analytics, and more to better support government’s mission