Oracle Cloud Infrastructure Documentation

Center for Internet Security Recommendations Policy

The Center for Internet Security (CIS) Recommendations policy (ORA_CIS_RECOMMENDATIONS) is a pre-defined unified audit policy in Oracle Database designed to perform audits that the CIS recommends.

During Activity Auditing, you can enable or disable this policy, along with other policies provided by Oracle Data Safe. This policy tracks many activities and can help you evaluate whether you are adhering to database compliance requirements. For example, you can track when a user, database link, profile, or procedure is created, altered, or dropped.

CIS is a world-recognized organization that provides consensus-based best practices for helping organizations assess and improve their cyber security posture. They provide resources, such as configuration assessment tools, secure configuration benchmarks, security metrics, and certifications. One of the main objectives of the organization is to help businesses prioritize what they need to do for security, and they strive to provide recommendations in simple, non-technical terms.