EASA requirements

Introducing Information Security Management System (ISMS) within European Airports in Compliance with EASA Requirements

read more
Information Security Management System blog image

June 18, 2025

Steven Bentley

Sofema Aviation Services (SAS) Considers Aerodrome Information Security Management System (ISMS) obligations to be observed by Feb 2026 Introduction In today’s increasingly interconnected aviation landscape, the risk to information systems is growing rapidly. With the proliferation of digital infrastructure supporting critical airport functions—from airside operations to baggage handling—the need for a robust Information Security Management…

EASA Compliance Audits – Addressing Difficult Auditees who Hide Data, Information or Product

read more
EASA compliance audit blog image

June 16, 2025

Steven Bentley

Sofema Aviation Services (SAS) considers the challenges related to effective EASA compliance audit oversight Reality Check – Attempting to hide information during an audit is not only a red flag but may constitute a reportable occurrence depending on the impact on safety or compliance. As a Compliance Auditor, you must remain impartial but firm, safeguard…

Aviation Emergency Response – Balancing Transparency with Privacy Concerns – Especially Regarding Victims and Their Families

read more
Aviation Emergency blog image

June 02, 2025

Steven Bentley

Sofema Aviation Services (SAS) understands the need for compassion & respect when managing aviation emergency events & situations Introduction Compassionate Transparency is the goal—one that respects the rights and dignity of victims and their families while maintaining public trust and meeting regulatory obligations. We must strive to promote the view that professionalism and balance is…

Identifying ISMS Compliance Gaps within Organisational Business Areas

read more
ISMS Compliance blog image

April 28, 2025

Steven Bentley

Sofema Aviation Services (SAS) considers areas of key exposure related to the implementation of ISMS As well as demonstrating compliance with Regulation (EU) 2023/203, Operators should focus on reducing exposure to cyber risks and operational disruptions, by improving business resilience and safety in line with EASA requirements. Finally, Operators should aim to strengthen stakeholder confidence…

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.