Airclerk is building the trust posture required to support Claude implementation in regulated financial and professional services across New Zealand and Australia. Security, governance and auditability are treated as central to implementation - not as a later phase.
Airclerk is actively pursuing ISO 27001 and SOC 2 Type 2 as part of our commitment to supporting regulated financial and professional services customers.
Information security management system. Programme underway with target certification within 12 months.
Security, availability and confidentiality. Controls implemented; audit window starting.
Source control, code review, dependency scanning and release controls aligned with secure development practice.
Formal subprocessor list and review cadence. Material providers documented and contracted.
Documented incident response and breach notification process with named owners.
SSO, MFA, least privilege, periodic access reviews and joiner/mover/leaver discipline.
The Airclerk MCP and its audit trail can be hosted by Airclerk with per-tenant isolation, or deployed single-tenant into your own Azure tenant on request.
We provide a security and governance pack to assist procurement, risk and security teams during vendor onboarding. Includes policy excerpts, subprocessor list, architecture overview and AI governance principles.
No. Airclerk does not train its own foundation models on customer data, and where available we configure the third-party AI providers we implement to disable the use of customer data for model training or improvement. Data-handling documentation is available on request.
Both are in progress. Airclerk is actively pursuing ISO 27001 and SOC 2 Type 2 — controls are implemented and the audit windows are underway. Secure SDLC, vendor management, incident response and access control are already active. Our security and governance pack documents the current status.
The Airclerk MCP and its audit trail can be hosted by Airclerk with per-tenant isolation, or deployed single-tenant into your own Azure tenant on request. We maintain a formal subprocessor list and review cadence.
Yes. We have standard NDA and DPA templates, support DPIAs, and are comfortable working under customer paper.
Request it through our contact page. The pack assists procurement, risk and security teams during vendor onboarding and includes policy excerpts, the subprocessor list, an architecture overview and our AI governance principles.