ISO 27001

Meeting EASA Information & Cyber Security Compliance Without Adding Manpower


February 19, 2025

Steven Bentley

Sofema Online (SOL) takes a deep dive into meeting EASA Information Security & implementation challenges without the need for additional manpower. Introduction: IT and cybersecurity are so specialised that companies often have to hire new staff or bring in outside people to set up, manage and test/audit. Concerns regarding the reliance on external cybersecurity consultants…

EASA Part 145 and Cyber Security Auditing Requirements


February 18, 2025

Steven Bentley

Sofema Aviation Services (SAS) considers the elements of Information & Cyber Security Auditing within an EASA Part 145 Organisation. As cybersecurity becomes a regulatory focus, EASA Part 145 audits will incorporate cyber resilience checks within maintenance organizations. National Aviation Authorities (NAAs) and internal compliance managers will be responsible for assessing the security of maintenance data, IT systems,…

Cyber Security – EASA’s STORM initiative – Shared Trans-Organisational Risk Management


January 27, 2025

Steven Bentley

Sofema Aviation Services (SAS) tackles the challenge of addressing cyber security threats within EASA-regulated organizations, focusing on EASA’s STORM (Shared Trans-Organisational Risk Management). Introduction: EASA’s STORM initiative (Shared Trans-Organisational Risk Management) addresses the interconnected risks within the aviation ecosystem, recognizing that risks cannot be managed in isolation due to the increasing digitization and interdependencies across stakeholders….

Considerations related to the performance of aviation cybersecurity risk assessment in accordance with ISO 27001


January 25, 2024

Steven Bentley

Sofema Aviation Services (SAS) www.sasofia.com looks at the steps required to perform a cybersecurity risk assessment in accordance with ISO 27001 to ensure a structured and systematic process to identify, analyze, and evaluate risks. Here’s step-by-step guidance on how to conduct this assessment: Define the Risk Assessment Framework. Develop a Methodology: Decide on the risk…