Civil Aviation Authority ASSURE

Find an ASSURE Cyber Professional to conduct an ASSURE Cyber Audit of your aviation organisation

Become an ASSURE Cyber Professional accredited to conduct Cyber Audits

Find details of ASSURE cyber audit related processes and requirements

Maritime Cyber Baseline Logo

What is the CAA ASSURE scheme?

The ASSURE program is the Civil Aviation Authority’s (CAA) accredited cyber security audit scheme for the aviation sector.

The ASSURE Cyber Audit is one of six steps that make up the Cyber Security Oversight Process for Aviation. Aviation entities that are in scope will be asked by the CAA to assess their relevant systems against the Cyber Assessment Framework for Aviation (CAF for Aviation). The self-assessment is then audited by an accredited third-party ASSURE Cyber Supplier. The ASSURE scheme sets out a structure for how audits should be conducted. It also utilises commercial suppliers, many of whom are well known to the aviation sector, bringing current knowledge and a wealth of experience to deliver independent validation.

ASSURE applies to:

  • UK Airlines
  • Airport Operating Businesses
  • Air Navigation Service Providers
people at a boarding gate

Why was it developed?

In 2018 the NCSC published the first release of the Cyber Assessment Framework, now commonly referred to as the CAF. The framework was intended for the use of organisations that play a vital role in the day-to-day life of the UK; organisations that formed part of the Critical National Infrastructure (CNI), or subject to certain types of cyber regulation, including the Security of Networks & Information Systems (NIS) regulations.

The best-known regulator to adopt the CAF to strengthen security and gain over-sight, has been the Civil Aviation Authority.  The CAA created their ASSURE scheme for the aviation sector by utilising the CAF to carry out cyber resilience assessments.  The scheme is designed to allow the aviation industry to manage cybersecurity risks without compromising aviation safety, security, or operational resilience whilst ensuring compliance with applicable regulations.

BSI Logo UK Cyber Security Council We are a Living Wage Employer National Cyber Awards 2022 Winner Armed Forces Covenant Cyber First Support