Digital transformation in civil aviation is accelerating. Dependency on Information Technology (IT) is ever-increasing, but if not properly implemented, could introduce vulnerabilities and risks, impacting operations, safety, security, and airworthiness.
Many cyber security regulations worldwide are being articulated, augmenting challenges to compliance as harmonization is often not a priority amongst different regions. In this context, IATA is developing its IOSA Standards and Recommended Practices (ISARPs) for Cybersecurity for Safety, Security and Airworthiness (CSSA) so that the airline industry has a set of requirements harmonized for Operators. IATA is now introducing relevant guidance materials, to help the industry in its effort to increase its posture and maturity via IATA’s Aviation Cybersecurity Library.
The Aviation Cybersecurity Library contains the following guidance:
- Cybersecurity Risk Assessment Guidance Material (CRAGM)
- Cybersecurity Supply Chain Oversight Guidance Material (CSCOGM)
Order the Aviation Cybersecurity Library online
The Aviation Cybersecurity Guidance Material are available in digital format. If you are new to the Aviation Cybersecurity Library, please note that new guidance are developed and updated on an as-need basis. Digital products come with automatic updates for the year and a search function that makes finding current information easy.
Contact us if you're interested in an enterprise solution for accessing IATA Publications.
Aviation Cybersecurity Library (CYBER)
Cybersecurity Risk Assessment Guidance Material (CRAGM)
Cybersecurity Supply Chain Oversight (CSOGM)
What’s inside the Cybersecurity Library?
Cybersecurity Risk Assessment Guidance Material (CRAGM)
Cybersecurity Risk Assessment Guidance Material (CSRGM) proposes a minimal and viable cybersecurity risk assessment approach as well as guidelines to support the Operators’ baseline understanding of the cybersecurity risk assessment framework and approach (i.e., methodology and process).
The guidance will primarily support the Operators with the existing IOSA Standards and Recommended Practices (ISARPs) on cybersecurity (ISM Edition 16), as well as newly developed ISARPs from a new discipline, namely Cybersecurity for Safety, Security and Airworthiness (CSSA). Finally, the proposed approach may be useful and support the Operators with other existing regulatory requirements.
Cybersecurity Supply Chain Oversight Guidance Material (CSCOGM)
Cybersecurity Supply Chain Oversight (CSCOGM) provides guidance to Operators expressing a set of cybersecurity best practices and aviation-specific supply chain activities that could be performed in order to assist with their civil aviation supply chain oversight activities.
Additionally, this material will support the Operators with the IOSA Standards and Recommended Practices (ISARPs) of the new discipline named Cybersecurity for Safety, Security and Airworthiness (CSSA). Finally, the proposed approach may be useful and support the Operators with other existing regulatory requirements.