ASSURE Cyber Audit icon

ASSURE Cyber Audit

Expert consultancy for the aviation industry to meet CAA cyber security regulations, manage risk, and ensure operational resilience

The CAA ASSURE scheme

The Civil Aviation Authority (CAA), alongside the Department of Transport and the National Cyber Security Centre (NCSC) have developed the ASSURE program, an accredited cybersecurity audit scheme for the aviation sector (Airlines, Airport operating businesses, Air Navigation Service Providers). The ASSURE program is part of the UK’s National Cyber Security Strategy and is the first industry-specific application of the EU’s Directive on security of network and information systems (NIS) which became UK law in 2018.

The scheme is designed to allow the aviation industry to manage cybersecurity risks without compromising aviation safety, security, or operational resilience.

Your ASSURE Cyber Security Assessor

Claranet Cyber Security are an accredited ASSURE Cyber Security Assessor we offer end-to-end audit journey for an aviation organisation across all three specialisms via our experienced, qualified cyber professionals.

  1. Cyber audit and risk management
  2. Technical Cyber Security Expert
  3. Industrial Control Systems, operation technology expert

Our solutions provide the right data security foundation to protect your customer data and prevent data breaches that could put you out of business.

Who does ASSURE apply to?

  • Airlines
  • Airport operating businesses
  • Air Navigation Service Providers

Cyber Security Oversight Process for Aviation (CAP1753)

ASSURE Cyber Audit

Step 4 of CAP1753 requires an ASSURE Cyber Audit. Audits can only be provided by accredited ASSURE suppliers and provide an independent validation of the Cyber self-assessment completed by the aviation organisation in Step 3.

The audit is evidence-based, through observing processes in practice, sampling, conducting interviews and reviewing policies and other relevant documentation provided by the aviation organisation. Upon completion of the audit, a report is issued to the aviation organisation and a debrief call with the CAA is held.

Key Features

Simple to get started - initial discussions and easy scoping process fully supported by our experienced team

Expertise - service provided by experts in Cyber Audit & Risk Management, Technical Cyber Security and Industrial Control Systems/Operational Technology

Defined timescale - every engagement includes dedicated and scheduled time with the Cyber Professionals team

Remote & onsite delivery - Some ASSURE Cyber Audits can be delivered remotely meaning greater flexibility

CREST accredited - our service has been fully approved and certified by CREST and the CAA

How we work with you

Scope

Simply contact us to start the scoping process and our team will determine the number of days required, based on number of in-scope systems, number of individuals that need interviewing and the number of physical locations for any onsite work.

Quote

You will quickly receive a quote from your Claranet Cyber Security account manager.

Schedule

We will work with you to get your ASSURE Cyber Audit underway as quickly as possible and notify the CAA of the upcoming engagement.

Deliver

Our ASSURE Cyber Professionals will work with you to ensure they have access to all of the required supporting documentation and evidence from the CAF self-assessment. Upon completion of the engagement the audit team will attend a debrief call with the CAA to provide feedback.

Report

Once complete, you are provided with a report that meets all the requirements of the CAA for ASSURE Cyber Audits.

Why Claranet Cyber Security

We help you through the entire ASSURE Cyber Audit process wherever you may be on your journey.

Claranet Cyber Security has a reputation for technical innovation and excellence. Our expertise and knowledge are built not only on the skills of our people, but also on the highest industry standards. You can be assured that our practices, processes and competencies meet all the key industry accreditations and that you will receive the highest quality of service for your business requirements.

Our accreditations

Crest
Check
Cyber essentials
ISO 27001
CEH Accreditation
CCISO Accreditation
CISSP Accreditation
CRISC Accreditation
OSCE Accreditation
OSCP Accreditation

Penetration testing, managed security services, and hacking training