Sofema Aviation Services (SAS) Considers the key elements of EASA Information & Cyber Security Regulatory Obligations Introduction Commission Delegated Regulation (EU) 2022/1645 establishes requirements for managing information security risks with a potential impact on aviation safety. It applies to Part 21 Design Organisations (DOs) and Production Organisations (POs), requiring them to implement an Information Security…

Sofema Aviation Services (SAS) Considers the Elements to be considered related to Information & Cyber Security Auditing within an EASA Part 145 Organisation As cybersecurity becomes a regulatory focus, EASA Part 145 audits will incorporate cyber resilience checks within maintenance organizations. National Aviation Authorities (NAAs) and internal compliance managers will be responsible for assessing the security of maintenance data, IT systems,…

Sofema Aviation Services (SAS) www.sassofia.com is pleased to share that a new course has been added to our training portfolio: Part 145 Cyber Security Implementation – 2 Days Available as a Classroom or Webinar training* – Register at [email protected] *New – Participants can now enrol Free of Charge (FOC) in a complementary 1-day Sofema Online (SOL) training to enhance their learning experience. What…

Sofema Aviation Services (SAS) is considering the development of an EASA Part 145 Information Security Management (Cyber) System to ensure compliance while maintaining the existing headcount. Introduction In an EASA Part 145 organization, where recruitment is constrained, cyber security responsibilities must be managed effectively by leveraging existing resources, optimizing processes, and implementing automation. A typical EASA Part 145 organization with 100 employees can meet cyber security responsibilities under IS.I.OR.240 without additional recruitment by…