Sofema Aviation Services (SAS) considers reporting methods and criteria within the EASA Part 145 Information Security Management (Cyber) System while maintaining the existing headcount. To establish a unified procedure for managing cybersecurity-related events, ensuring compliance with EU regulations, and safeguarding aviation safety in accordance with Commission Implementing Regulation (EU) 2023/203 and related EASA regulatory frameworks….

Sofema Aviation Services (SAS) considers key elements related to Cyber Security Compliance within an EASA Part 145 Organisation. Regulation (EU) 2023/203, specifically IS.I.OR.240, mandates a structured and accountable approach to cybersecurity. Recognizing the critical role of robust cybersecurity practices requires EASA Part 145 organizations to understand duties, accountabilities, and responsibilities to maintain compliance and safeguard sensitive information. This document provides a breakdown of key roles—Accountable Manager, Nominated Post Holder, Business Area Manager,…

Sofema Online (SOL) considers the training requirements to support EASA Part 145 Organizations in respect of Information and Cyber Security Introduction to the Primary Objective – Ensure all levels of staff understand their roles and responsibilities in managing cyber security risks in compliance with Regulation (EU) 2023/203. Accountable Executive & Leadership Team (C-Level) Duration: 1 Day (Executive Briefing) Target Audience: Accountable…

Sofema Aviation Services (SAS) considers a practical level of engagement for typical Small to Medium EASA Part 145 Maintenance Organisations. Introduction For an EASA Part 145 approved maintenance organization to achieve the integration of cybersecurity into the operational framework, including the Safety Management System (SMS), requires practical, resource-conscious strategies. Adapting a Risk Management Framework Train…