Compliance
Learn about the compliance certifications and service management responsibilities Oracle Database@Azure
Shared Responsibility between Oracle and Microsoft Azure
Oracle Database@Azure is an Oracle Cloud Infrastructure (OCI) database service that runs Oracle Database workloads in a customer's Azure environment. When the customer implements this solution, they deploy resources in two cloud environments: database resources are in Azure, while the database administration control plane is in OCI. This lets the customer deploy Oracle Database products in their Azure environment while OCI maintains administration capabilities.
Azure-based applications access Oracle Databases directly from within the customer's Azure environment. The customer performs most database administration operations in the Azure console as well. Maintaining the database control plane in OCI lets Oracle Database@Azure be easily managed and upgraded with the latest operational and administrative capabilities.
All hardware for Oracle Database@Azure uses Azure networking. Oracle’s responsibility for monitoring the data center control environments is included within the scope of the System. Oracle Database@Azure uses Azure's Identity and Access Management integration to manage user and group access for the customer's Oracle database resources. Azure networking and Identity and Access Management are not within the scope of the System.
While an OCI tenancy is required, day-to-day operations and visibility are centralized within the Azure environment, reflecting a shared responsibility model between Oracle and Azure.
Oracle Database@Azure Compliance Certifications
As of August 2025, the following compliance certifications have been completed for Oracle Database@Azure.
Table 1-1
| Audit Program | Location | Scope for Oracle Database@Azure |
|---|---|---|
| SOC1 (System and Organization Controls) | Global | Supported |
| SOC2 (System and Organization Controls) | Global | Supported |
| SOC3 (System and Organization Controls) | Global | Supported |
| HIPAA (Health Insurance Portability and Accountability Act) | Global | Supported |
| C5 (Cloud Computing Compliance Controls Catalog – Germany) | Global | Supported |
| CSA STAR Attestation | Global | Supported |
| CSA STAR Certification | Global | Supported |
| HDS (Hébergement de Données de Santé – France) | Global | Supported |
| ISO/IEC 9001 (Quality Management) | Global | Supported |
| ISO/IEC 20000-1 (Service Management) | Global | Supported |
| ISO/IEC 27001 (Information Security Management) | Global | Supported |
| ISO/IEC 27017 (Information Security for Cloud Services) | Global | Supported |
| ISO/IEC 27018 (Personally Identifiable Information in Public Clouds) | Global | Supported |
| ISO/IEC 27701 (Privacy Information Management) | Global | Supported |
| ISO/IEC 22301 (Business Continuity Management) | Global | Supported |
| PCI DSS (Payment Card Industry Data Security Standard) | Global | Supported |
| HITRUST (Health Information Trust Alliance) | Global | Supported |
| MTCS (Multi-Tier Cloud Security -Singapore) | Singapore | Supported |
| GSMA (GSM Association) | Global | Supported |
| IRAP (Infosec Registered Assessors Program - Australia) - PROTECTED | Australia | Supported |
| ISMAP (Information system Security Management and Assessment Program - Japan) | Japan | Supported |
| FISC (Center for Financial Industry Information Systems - Japan) | Japan | Supported |
For detailed information on the compliance certifications visit Microsoft service trust portal and Oracle compliance website. If you have further questions about Oracle Database@Azure compliance, contact your account team, or get information through Oracle and Microsoft support for Oracle Database@Azure.
Listing and Downloading Compliance Documents
List a Compliance Document
- From the OCI Console, select Identity and Security, and then select Compliance. From the Compliance Documents page, you can view all the documents that you have permission.
- By default, the Compliance Documents page shows documents sorted alphabetically by name. To sort the list differently, choose one of the following options:
- Select the arrow next to Name field. You can sort the list alphabetically by the name. From the default order, selecting the Name field again will reverse the list to show documents in reverse alphabetical order.
- Select the arrow next to Doc Type field. You can sort the list alphabetically by document type.
- Select the arrow next to Created field. You can sort the list by the document’s creation date and time.
Download a Compliance Document
- From the OCI Console, select Identity and Security, and then select Compliance.
- From the Compliance Documents page, select the document that you want to download , and then select the actions menu (
⋮). Select the Download option. - From the Agree to Terms and Conditions page, review the terms of use.
- Once you complete, select the I have reviewed and accept these Terms and Conditions checkbox, and then select the Download File.
- For a PDF file, use PDF reader software (such as Adobe Acrobat Reader) to view it instead of opening it in a browser. If necessary, when opening the PDF, select I Accept on the Oracle Confidential page.
- You can provide the document to your organization's compliance team using the method recommended by that team. If the compliance team prefers to download compliance documents directly, an administrator can create the necessary user accounts for them.