Sofema Aviation Services (SAS) is considering the development of an EASA Part 145 Information Security Management (Cyber) System to ensure compliance while maintaining the existing headcount. Introduction In an EASA Part 145 organization, where recruitment is constrained, cyber security responsibilities must be managed effectively by leveraging existing resources, optimizing processes, and implementing automation. A typical EASA Part 145 organization with 100 employees can meet cyber security responsibilities under IS.I.OR.240 without additional recruitment by…

Sofema Online (SOL) examines key aspects of Cultural Resistance in the implementation of cybersecurity within EASA Part 145 organizations. Introduction – Understanding Cultural Resistance in Cybersecurity One of the biggest challenges in implementing Information & Cyber Security within an EASA Part 145 organization is cultural resistance. Many aviation maintenance personnel, including engineers, technicians, and administrative…

Sofema Aviation Services (SAS) considers key elements related to Cyber Security Compliance within an EASA Part 145 Organisation. Regulation (EU) 2023/203, specifically IS.I.OR.240, mandates a structured and accountable approach to cybersecurity. Recognizing the critical role of robust cybersecurity practices requires EASA Part 145 organizations to understand duties, accountabilities, and responsibilities to maintain compliance and safeguard sensitive information. This document provides a breakdown of key roles—Accountable Manager, Nominated Post Holder, Business Area Manager,…

Sofema Online (SOL) considers the training requirements to support EASA Part 145 Organizations in respect of Information and Cyber Security Introduction to the Primary Objective – Ensure all levels of staff understand their roles and responsibilities in managing cyber security risks in compliance with Regulation (EU) 2023/203. Accountable Executive & Leadership Team (C-Level) Duration: 1 Day (Executive Briefing) Target Audience: Accountable…