We can independently check your development artifacts and verification evidence as a Certification Verification Engineer (CVE) in your design organisation. We have worked as CVEs in the domains of Software and Safety in design organisations before and we are ready to offer this service for systems as well. Read more on our Systems Engineering services, our Safety services, and our Software services.

Information Security (IS) addresses information security, including non-IT based security, at the organizational level. And is mandated by regulation such as EU regulation 2022/1645 (for design and production organizations and others) or 2023/203 (for maintenance organizations and others). The requirements defined in these regulations are commonly referred to as Part-IS.

The scope is on the organization itself and the handling of information security, supporting guidance is given by several accepted industry standards:

• ED-201A/DO-391 for organizational aspects of the stakeholders involved (authorities, design organizations, suppliers),
• Standards also referenced in Product Cyber Security (ED-202B, ED-203A, ED-204A, ED-206) for risk assessments, continued airworthiness aspects and event reporting.

Setting up the required Information Security Management Systems (ISMS) for your organisation can be a daunting task. Especially with Information Security, tailored solutions, that consider your company’s size, setup and history, are important. Otherwise, either inadequate means are implemented, or overburdened solutions are selected, which add a lot of unnecessary effort. IDA can support you with expertise in this endeavour, addressing the various aspects of Part-IS.

See more on details on Information Security here.