Sofema Aviation Services (SAS) considers key aspects in relation to the process for the Security Risk Assessment identified in ED-202A Section 2.1.1 (PISRA). ED-202A Section 2.1.1 is an acceptable means of compliance for performing the PISRA for products and parts under Annex I (Part 21) to Regulation (EU) No 748/2012. Additional guidance material for the…

Sofema Aviation Services (SAS) considers key elements related to Cyber Security Compliance within an EASA Part 145 Organizations Regulation (EU) 2023/203 was introduced to establish a framework for managing information security risks within the aviation sector, particularly focusing on their potential impact on aviation safety. Note – EASA Part 145 Organizations have until 22 February…

Sofema Online (SOL) takes a deep dive into meeting EASA Information Security & implementation challenges without the need for additional manpower. Introduction IT and cybersecurity are so specific that companies often have to hire new people or even hire outside people to set up, manage and test/audit. Concerns regarding the reliance on external cybersecurity consultants…

Sofema Aviation Services (SAS) is considering the development of an EASA Part 145 Information Security Management (Cyber) System to ensure compliance while maintaining the existing headcount. Introduction In an EASA Part 145 organization, where recruitment is constrained, cyber security responsibilities must be managed effectively by leveraging existing resources, optimizing processes, and implementing automation. A typical EASA Part 145 organization with 100 employees can meet cyber security responsibilities under IS.I.OR.240 without additional recruitment by…