The CAA ASSURE scheme
The Civil Aviation Authority (CAA), alongside the Department of Transport and the National Cyber Security Centre (NCSC) have developed the ASSURE program, an accredited cybersecurity audit scheme for the aviation sector (Airlines, Airport operating businesses, Air Navigation Service Providers). The ASSURE program is part of the UK’s National Cyber Security Strategy and is the first industry-specific application of the EU’s Directive on security of network and information systems (NIS) which became UK law in 2018.
The scheme is designed to allow the aviation industry to manage cybersecurity risks without compromising aviation safety, security, or operational resilience.
Your ASSURE Cyber Security Assessor
Claranet Cyber Security are an accredited ASSURE Cyber Security Assessor we offer end-to-end audit journey for an aviation organisation across all three specialisms via our experienced, qualified cyber professionals.
- Cyber audit and risk management
- Technical Cyber Security Expert
- Industrial Control Systems, operation technology expert
Our solutions provide the right data security foundation to protect your customer data and prevent data breaches that could put you out of business.
Who does ASSURE apply to?
- Airport operating businesses
- Air Navigation Service Providers
Cyber Security Oversight Process for Aviation (CAP1753)
ASSURE Cyber Audit
Step 4 of CAP1753 requires an ASSURE Cyber Audit. Audits can only be provided by accredited ASSURE suppliers and provide an independent validation of the Cyber self-assessment completed by the aviation organisation in Step 3.
The audit is evidence-based, through observing processes in practice, sampling, conducting interviews and reviewing policies and other relevant documentation provided by the aviation organisation. Upon completion of the audit, a report is issued to the aviation organisation and a debrief call with the CAA is held.
Simple to get started - initial discussions and easy scoping process fully supported by our experienced team
Expertise - service provided by experts in Cyber Audit & Risk Management, Technical Cyber Security and Industrial Control Systems/Operational Technology
Defined timescale - every engagement includes dedicated and scheduled time with the Cyber Professionals team
Remote & onsite delivery - Some ASSURE Cyber Audits can be delivered remotely meaning greater flexibility
CREST accredited - our service has been fully approved and certified by CREST and the CAA
How we work with you
Simply contact us to start the scoping process and our team will determine the number of days required, based on number of in-scope systems, number of individuals that need interviewing and the number of physical locations for any onsite work.
You will quickly receive a quote from your Claranet Cyber Security account manager.
We will work with you to get your ASSURE Cyber Audit underway as quickly as possible and notify the CAA of the upcoming engagement.
Our ASSURE Cyber Professionals will work with you to ensure they have access to all of the required supporting documentation and evidence from the CAF self-assessment. Upon completion of the engagement the audit team will attend a debrief call with the CAA to provide feedback.
Once complete, you are provided with a report that meets all the requirements of the CAA for ASSURE Cyber Audits.
Why Claranet Cyber Security
We help you through the entire ASSURE Cyber Audit process wherever you may be on your journey.
Claranet Cyber Security has a reputation for technical innovation and excellence. Our expertise and knowledge are built not only on the skills of our people, but also on the highest industry standards. You can be assured that our practices, processes and competencies meet all the key industry accreditations and that you will receive the highest quality of service for your business requirements.
Penetration testing, managed security services, and hacking training