CAA ASSURE Audits
CAA ASSURE audits are required for all aviation organisations that are regulated by the Civil Aviation Authority (CAA) under the Cyber Security Oversight Process for Aviation (CAP 1753). The focus of this process is to improve the cyber security maturity of organisations by ensuring that there is proportionate and effective oversight of its cyber security risks. CAA ASSURE audits provide the following benefits.
- Ensure compliance with Civil Aviation Authority requirements
- Reduce the risk of security breaches of key Operational Technology and Process Control Networks
- Maintain continued availability of critical technology and key safety controls
- Increase visibility of areas within the organisation needing further focus
Prism Infosec is one of a small number of Civil Aviation Authority, National Cyber Security Centre and CREST-approved CAA ASSURE audit service providers. Our ASSURE team have many years of experience working with civil aviation and other transport sectors and have a proven pedigree in delivering consistent, pragmatic and safety focused audits of critical Operational Technology (OT) and Process Control Networks (PCNs).
Each in scope aviation organisation, when deemed applicable by the CAA, will need to procure an ASSURE cyber audit from an accredited ASSURE Cyber Supplier such as Prism Infosec.
ASSURE Cyber Professionals are each accredited in one or more, of the following three specialisms (all specialisms must be present for an ASSURE Cyber Audit):
- Cyber Audit & Risk Management;
- Technical Cyber Security Expert; and/or
- Industrial Control Systems/Operational Technology Expert
Prism Infosec can also support smaller organisations to provide a virtual Responsible Security Manager (vRSM) on a fixed term flexible basis to assist aviation organisations to complete their Cyber Assessment Framework (CAF) forms.
Email Prism Infosec, complete our Contact Us form or call us on 01242 652100 and ask for Sales to setup an initial discussion.
To validate our ASSURE accreditation, visit the CREST website.
request a callback
Additional services in this category
- Cyber Maturity Assessment
- GovAssure
- Virtual Chief Information Security Officer Service
- ISO 27001 Compliance and Consultancy Services
- PCI-DSS Qualified Security Assessor Services
- Threat and Impact Analysis
- Cyber security advice
- Compliance Framework Assessments
- GDPR and Data Protection Compliance
- eCommerce Risk assessments
- Cyber Incident Exercising
- Secure architecture review and design
- Cyber Security policy production
- Cyber Risk Management
