Let AbedGraham guide you.
Aviation & Aerospace
Aviation systems manufacturers and government agencies must ensure that the development and implementation of aerospace systems are safe and cyber-resilient.
Which standards matter in aviation?
The most prominent standards the technology suppliers and aerospace facilities must consider include:
- Network Information Security Directive 1 & 2 (UK & Europe)
- ISO27001 Information Security Management Systems
- ISO22301 Business Continuity Management Systems
- ISO14002 Artificial Intelligence Management Systems
- ISO9001 Quality Management Systems
Our expertise across all these areas will ensure that your organisation is implementing effective risk management practices.
Ensuring SAfety in flight
Risk management of technology in aerospace and aviation focuses on the preservation of safety standards in the face of malfunction, misuse or cyber-attacks against a range of systems ranging from within aircraft through to air traffic control. Our experts work with organisations to run risk assessments, develop documented policies, conduct audits and review incidents to demonstrate successful compliance with best practice. Key points that all technology suppliers and healthcare providers need to consider include:
-
Have you maintained an up to date asset register of critical technology systems?
-
Have you conducted a detailed, up to date assessment of supply chain participants?
-
Do you maintain an accurate risk register?
-
Do you have a clear threat assessment and vulnerability management plan?
-
Do you have documented and rehearsed business continuity plans for critical technology systems?
-
Have you analysed the risks stemming from new technology products such as AI?
DO I need to comply with all standards?
Depending on which jurisdictions you operate in then certain standards will be mandatory. It is strongly recommended that all organisations prepare technology risk management documentation based on ISO standards as these are recognised globally as markers of compliance that align with the majority of national and regional regulations.
Here at The AbedGraham Group, we can help you to navigate risk management standards and requirements, so get in touch to find out more.
How We Ensure
Compliance
Ensuring your organisation is fully compliant with best practice standards and requirements involves a structured core methodology we have implemented and implemented over a decade with technology companies and government agencies:
1. Baseline AUDIT
Step 1 involves a baseline audit of your existing policies, procedures and documentation through a series of workshops, document reviews and detailed checklists. Completion of this stage leads to the production of a gap-analysis report outlining your existing compliance status and a project plan to address shortfalls.
2. Risk analysis & documentation
Step 2 involves an extensive review of all technology related product and organisational risks including quantification, prioritisation and the development of risk controls in line with the relevant standard your organisation is aligning to. These will be documented in a risk management document portfolio which will include details descriptions of new policies and procedures being implemented to mitigate identified risks. The document portfolio can be shared with customers, partners and regulators to demonstrate compliance.
3. Re-audit
After 3-9 months our consultants will return to audit your organisation to confirm that the policies and procedures from Step 2 have been implemented and that the gaps in compliance maturity from the baseline audit have been addressed effectively. At this stage, it is also possible to request for our team to conduct an audit which will officially certify your organisation against certain standards (subject to ISO auditor availability).
Ready To Speak to One of the team?
If you need help with compliance and risk management partnering with The AbedGraham Group will ensure your applications run smoothly and that you are able to operate in safety critical sectors.