Tag: Innovation and Development

Ensuring Aviation Safety & Cybersecurity Compliance in 2025: What You Need to Know

Posted on February 7, 2025 by - Blog

EASA PART IS REGULATION

As the aviation industry continues to evolve, 2025 brings a wave of significant cybersecurity regulatory changes that Safety, Risk, and Compliance Officers must navigate to ensure operational efficiency and regulatory compliance. With new mandates from global authorities such as ICAO and EASA, staying informed is critical and being proactive ensures seamless compliance.

Cybersecurity Regulatory Changes in 2025

ICAO Cybersecurity Strategy

The International Civil Aviation Organization (ICAO) has been at the forefront of aviation cybersecurity efforts. Its Aviation Cybersecurity Strategy, first introduced in 2019, is built on seven key pillars:

  • International Cooperation
  • Governance
  • Effective Legislation and Regulations
  • Cybersecurity Policy
  • Information Sharing
  • Incident Management and Emergency Planning
  • Capacity Building, Training, and Cybersecurity Culture

In 2022, ICAO updated its Cybersecurity Action Plan, urging states to implement rules to manage aviation safety risks from cybersecurity events. As we enter 2025, many jurisdictions are still working to align with these requirements.

EASA Part-IS Regulation

The European Union Aviation Safety Agency (EASA) has taken significant steps to address cybersecurity threats through the Part-IS Regulation, which mandates aviation organizations to:

  • Identify, assess, and manage information security (IS) risks impacting aviation safety.
  • Implement an Information Security Management System (ISMS) within their operations.

Compliance Deadlines:

  • October 2025 – Applicable to Production Organizations (EASA Part 21).
  • February 2026 – Applicable to Air Operators and Maintenance Organizations.

For Safety, Risk, and Compliance Managers, this regulation is vital as it directly impacts an organization’s approval to operate and extends compliance responsibilities into IT activities. For more information on EASA Part IS and what it means for your airline, check out our detailed guide EASA Part-IS Regulation: Navigating the New Skies of Cybersecurity Regulations

Steps to Developing an Effective Information Security SMS

To meet these regulatory requirements, aviation organizations should follow a structured approach, here we also share some ways SafetyNet by Comply365 helps support airlines in this effort:

  1. GAP Analysis: Conduct an internal audit to identify IT systems and functions that could impact aviation safety.
    •  SafetyNet by Compl365 helps to document findings and raise corrective actions.
  2. System Updates: Assess risks and document the necessary controls and mitigations.
    •  SafetyNet by Comply365 centralizes all compliance tracking.
  3. Stakeholder Collaboration: Involve cross-functional teams in planning and training to ensure seamless integration.
    • SafetyNet and DocuNet for improved communication and documentation sharing.
  4. Monitor & Adjust: Continuously capture potential incidents to refine and enhance ISMS effectiveness.
    • SafetyNet analytics via PureIntel by Comply365 helps identify trends and inform proactive adjustments.

Best Practices for Ongoing Compliance

Staying compliant is an ongoing process that requires strategic planning and technological support. Engaging the best SMS partners to help address the ongoing safety compliance needs will be essential. Some best practices include:

  • Implementing an Advanced Safety Management Solution: Automate processes to reduce manual effort and human error.
  • Staying Informed: Keep track of evolving regulations through centralized compliance resources.
  • Leveraging Data: Utilize analytics tools such as PureIntel by Comply365 to drive data-based decision-making.
  • Fostering a Safety Culture: Promote compliance awareness at all organizational levels to embed a safety-first mindset.

Ensuring Compliance Beyond 2025

Compliance doesn’t stop once the initial regulatory deadlines are met. Solutions like SafetyNet by Comply365, alongside tools like DocuNet and PureIntel, empower aviation organizations to stay ahead of evolving regulations while optimizing operational efficiency.

By integrating cybersecurity risk management with existing compliance processes, organizations can ensure sustained regulatory alignment and a strong safety culture across the entire operation. Are you ready to meet the cybersecurity challenges of 2025? Start preparing today and ensure your organization remains consistently compliant, efficient, and resilient.

Detailed Guide Here

Alaska Airlines partners with Comply365 to Power Operational Excellence

Posted on February 4, 2025 by - News

Alaska Airlines partners with Comply365 to Power Operational Excellence

Beloit, WI / Bristol, England / Seattle, WA – Feb. 4, 2025 – Comply365, a leading global provider of document management, compliance, training and safety management solutions for the aviation, rail and defense industries, today announces a new partnership with Alaska Airlines to implement the DocuNet platform across the airline’s operations.

The selection of DocuNet signifies the beginning of an exciting partnership with Alaska Airlines to modernize and streamline operations, improve crew productivity, and increase compliance across the airline’s technical publication’s ecosystem. The DocuNet platform enables the ability to author, distribute, and view all operational content in a single integrated platform, empowering crews to access critical information anytime, anywhere – whether on the ground or in the air.  The platform is designed to improve operational workflows and reduce manual processes across the end-to-end technical publications lifecycle, combined with highly intuitive and user-centric interfaces for all channels and devices.

“As an airline hyper focused on operational performance and caring for our guests, Alaska is continuously looking for innovative ways to enhance efficiency across our business,” said Terry Walters, Director of Fleet Tech Support at Alaska Airlines. “DocuNet by Comply365 will empower our teams to quickly access and manage essential documents, improving compliance and accelerating processes – for the benefit of our employees and our guests.”

“We are delighted to partner with Alaska Airlines to support their mission of operational excellence,” said Ilia Kostov, CEO of Comply365. “With our extensive global customer base, Alaska Airlines joins a powerful community of airlines worldwide who leverage DocuNet to streamline operational content management, and we look forward to helping Alaska Airlines to achieve new heights in efficiency and operational agility.” 

About Comply365
Comply365 is a leading provider of Operational Content Management, Safety Management and Training Management in the highly regulated industries of aviation, defense, rail and space. Comply365 provides a powerful combination of expertise and products underpinned by unified best practices, empowering its customers to elevate operational excellence, transform safety management and training management, with closer integration of relevant data sets across domains. Comply365 product portfolio ensures its customers’ crews and assets are always geared for peak operational performance, unlocking unparalleled financial and operational gains through more streamlined, robust and agile operations. Comply365 is the trusted technology partner of many of the most progressive aviation, defense, rail and aerospace organizations worldwide. For more information, please visit comply365.com.

Comply365 And Vistair To Unify Brands As Comply365 With Strategic Rebrand Focused On Operational Transformation In Aviation, Defense & Rail

Posted on June 4, 2024 by - News

The unified brand of Comply365, effective immediately, reflects the company’s wider market offering empowering airline, rail and defense organizations with the only, all-in-one compliance, safety, training and data platform designed to keep customers’ teams and assets always geared for peak operational performance.

Beloit, US, and Bristol, UK – June 4, 2024 —Comply365 and Vistair, who announced their merger in January this year, today revealed that they are consolidating their two brands into a single entity under the Comply365 name.

The new Comply365 offers an even stronger, more powerful combination of expertise and products underpinned by unified best practices, providing airlines, rail and defense organizations with a single digital platform to elevate operational excellence, transform safety management and training, with closer integration of relevant data sets across domains.

The unified digital platform by Comply365 ensures robust compliance within highly regulated and dynamic markets, removes operational data blind spots, and enables customers to unlock unparalleled operational efficiencies. It unshackles teams from a siloed approach with disconnected data by proving a more holistic, informed, and forward-looking view of operational data, enabling teams to deliver at the highest performance standards.

Rob Morgan, CEO of Comply365 said, “Following the merger of Comply365 & Vistair, and coming together under the unified brand as Comply365, we will retain the core values and principles that have defined our success to date, while leveraging our combined expertise and strengths to set new benchmarks in operational performance for our customers. As the company continues to embark on this transformative journey, our customers can expect accelerated product innovation, deeper insight into industry best practice, and unwavering commitment to excellent customer service – all of which combine to unlock unparalleled financial and operational gains for our customers through more streamlined, robust and agile operations.”