EASA Part 145 Cyber Security Responsibilities – Maintaining Headcount

On February 14, 2025 By Steven Bentley In Blog 0 Comment

Sofema Aviation Services (SAS) is considering the development of an EASA Part 145 Information Security Management (Cyber) System to ensure compliance while maintaining the existing headcount. Introduction In an EASA Part 145 organization, where recruitment is constrained, cyber security responsibilities must be managed effectively by leveraging existing resources, optimizing processes, and implementing automation. A typical EASA Part 145 organization with 100 employees can meet cyber security responsibilities under IS.I.OR.240 without additional recruitment by…

Read more

Cultural Resistance & Staff Awareness in EASA Part 145 Cybersecurity

On February 14, 2025 By Steven Bentley In Blog 0 Comment

Sofema Online (SOL) examines key aspects of Cultural Resistance in the implementation of cybersecurity within EASA Part 145 organizations. Introduction – Understanding Cultural Resistance in Cybersecurity One of the biggest challenges in implementing Information & Cyber Security within an EASA Part 145 organization is cultural resistance. Many aviation maintenance personnel, including engineers, technicians, and administrative…

Read more

Cybersecurity Reporting Procedure for EASA Part 145 Organizations Purpose

On February 13, 2025 By Steven Bentley In Blog 0 Comment

Sofema Aviation Services (SAS) considers reporting methods and criteria within the EASA Part 145 Information Security Management (Cyber) System while maintaining the existing headcount. To establish a unified procedure for managing cybersecurity-related events, ensuring compliance with EU regulations, and safeguarding aviation safety in accordance with Commission Implementing Regulation (EU) 2023/203 and related EASA regulatory frameworks….

Read more