We are pleased to announce the publication of ER-040 “Report on Information Security Management System (ISMS) for Aviation Organizations”.

ER-040 is a report providing guidance in addressing a management system for Information Security that supplements the current Safety Management System. It responds to the need for consistent information security solutions across the supply chain.

This report is intended to establish the best practices for securing aviation, ensuring consistency and minimum levels of information security throughout the supply chain, and establishing a common understanding to ease audit overhead on all stakeholders. This document is intended to supplement and provide additional guidance in support of the European Union Aviation Safety Agency (EASA) Part-IS Acceptable Means of Compliance (AMC) & Guidance Materials (GM).

Kudos to the dedicated members of WG-72 Aeronautical Systems Security, chaired by Alain Combes (Airbus Group) and Nikita Johnson (Rolls-Royce), as well as RTCA SC-216, for their outstanding contributions!

You can download the document here.