Back to all articles

CloudNC achieves SOC 2 Type II compliance

Norval Scott
May 29, 2025
CloudNC achieves SOC 2 Type II compliance

CloudNC has successfully completed its SOC 2 Type II assessment, marking the next major milestone in our security and compliance programme. The attestation confirms that our controls for the security, availability and confidentiality of customer data are not only well-designed (as demonstrated by our earlier SOC 2 Type I report) but have also been proven effective over time during an extended audit period.

What is SOC 2 Type II?

SOC 2 (System and Organization Controls) is an independent framework developed by the American Institute of Certified Public Accountants (AICPA) to assess how service providers protect customer information. A Type I report is a snapshot of control design at a single point in time; a Type II report goes further by testing the operational effectiveness of those controls over a defined observation window (typically three to 12 months).

Why it matters

  • Trust & assurance – Verifies that CloudNC handles sensitive customer data securely and responsibly.
  • Enterprise readiness – Meets the due-diligence requirements of larger, highly regulated customers.
  • Market differentiator – Provides independent proof of security maturity in a competitive landscape.
  • Risk management – Demonstrates that robust, continuously operating controls are in place to identify and mitigate risks proactively.

What this means for CloudNC customers

All CloudNC software products and services, including CAM Assist, now operate under SOC 2 Type II-verified controls. Customers gain:

  • Streamlined vendor assessments – The report answers many common security questionnaires up-front.
  • Regulatory alignment – Supports compliance obligations in aerospace, defence and other sensitive sectors.
  • Continual assurance – Annual re-examination ensures controls stay effective as our platform evolves.

Continuing our compliance journey

SOC 2 Type II builds on February’s SOC 2 Type I achievement. Next on the roadmap is ISO/IEC 27001:2022, and NIST SP 800-171 / CMMC 2.0, alongside ITAR-ready infrastructure for US defence customers.

Our commitment is simple: to keep your data safe and secure whilst delivering operational value.

Related articles
CloudNC seeks ITAR compliance to expand into defense and aerospace sectors

CloudNC seeks ITAR compliance to expand into defense and aerospace sectors

Andy Cheadle
September 10, 2024
Announcing CloudNC's $45M Series B and New Strategic Partners Autodesk and Lockheed Martin

Announcing CloudNC's $45M Series B and New Strategic Partners Autodesk and Lockheed Martin

Theo Saville
June 21, 2022
CloudNC featured in Entrepreneur: Is the future of manufacturing automated or autonomous

CloudNC featured in Entrepreneur: Is the future of manufacturing automated or autonomous

CloudNC
March 31, 2021
Introducing

CAM Assist

Your AI co-pilot. Automate CAM in seconds.

Learn more