Nocoly Achieves SOC 2 Type I Compliance, Independently Audited by EY

Nocoly has successfully completed its SOC 2 Type I audit, with Ernst & Young (EY) — one of the world’s “Big Four” accounting firms — serving as the independent auditor and issuing a formal report. Building on a long-standing commitment to systematic information-security management, this marks another internationally recognized endorsement of Nocoly’s security and compliance posture.

What is SOC 2

SOC 2 (Service Organization Control 2) is an information-security auditing standard developed by the American Institute of Certified Public Accountants (AICPA) for cloud and SaaS providers. Internationally, it is widely used as a benchmark for whether a service provider can be trusted with customer data. It evaluates a provider’s internal controls against five Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy.

SOC 2 comes in two types:

  • Type I: at a specific point in time, the auditor evaluates whether the design of the provider’s security controls is sound and has been implemented.
  • Type II: additionally examines whether those controls operate effectively over an extended period.

Nocoly has obtained the Type I report, with an audit-as-of date of 31 May 2026. EY independently reviewed Nocoly’s information security management system and issued the report, which is valid for 12 months and renewed on an annual basis.

What this means for you

Nocoly takes a systematic approach to information security, operating an Information Security Management System (ISMS) that spans access control, data protection, change management, operations security, and incident response — turning day-to-day security practices into executable, auditable controls. The SOC 2 Type I audit is an independent third party’s confirmation that this system is soundly designed and has been put into practice. For customers, this delivers three concrete assurances:

  • Greater confidence in entrusting your data: access, encryption, isolation, and backup of customer data operate within a documented, traceable framework, independently verified by a third party.
  • Lower evaluation and procurement cost: for enterprise security due diligence, a SOC 2 report issued by a Big Four firm significantly reduces repetitive questionnaires and manual evidence-gathering.
  • A foundation for continuous improvement: systematic security governance is not a one-time checkbox but an ongoing practice, laying the groundwork for future capability upgrades.

What’s next

As our security program continues to operate, Nocoly will pursue SOC 2 Type II, in which the auditor assesses the sustained effectiveness of controls over a continuous period — advancing from “well-designed” to “consistently effective.”

Information security has no finish line. Nocoly will keep investing to put every customer’s data security first and to deliver a trustworthy low-code platform, reliably and over the long term.

Enterprise customers who would like details of our SOC 2 report can reach us via our website or your account consultant.

 

About Nocoly

Nocoly is founded by a group of  enterprise software industry veterans, who believe many of the industry’s problems need to be addressed by different ways.

  • –  DevOps is getting extremely expensive for both ISVs and end customers.
  • – Enterprise suite apps are too complicated to implement in many occasions.
  • – The people who has the business know how and the people who can develop apps are always departed.

Nocoly’s flagship product, Hyper Application Platform (HAP) is a response for all above challenges. It starts from a No Code application building approach, and expand its capability by adding Hyper Automation and Integration features. This versatility makes HAP a handy tool when solve variety of digital management problems. 

With Cloud Native architecture, HAP is so easy to be installed on customer’s own cloud. On Premise is not expensive any more. You can even get a buy-out pricing option to dramatically reduce your IT spending and subscription burden.

Also, our production innovation optimizes business model. VAR partners can participate into HAP’s ecosystem to build their own vertical solutions and achieve much higher return on investment. 

There are still many heavy and expensive stuff in enterprise digitization domain, such as big data, internet of things, analytics and AIGC implementation. Nocoly’s mission is to make more of them nocoly. 

Our product is already in many clouds worldwide. Getting HAP up and running is easy and quick.  Jump to our SaaS signup or install on your own server can be minutes away. Begin your HAP story today.