We use necessary cookies to make our website work. We'd also like to use optional cookies to understand how you use it, and to help us improve it.

For more information, please read our cookie policy.

UK Civil Aviation Regulations

These are published by the CAA on our UK Regulations pages. EU Regulations and EASA Access Guides published by EASA no longer apply in the UK. Our website and publications are being reviewed to update all references. Any references to EU law and EASA Access guides should be disregarded and where applicable the equivalent UK versions referred to instead.


ASSURE is our third-party audit model. If we require you to have an audit under the ASSURE model, you will need to select a supplier from the list of accredited suppliers, and you will need to arrange the commercial and financial aspects of the audit yourself. ASSURE Cyber Professionals have been accredited to conduct audits on our behalf.

ASSURE suppliers are all accredited by one of two certifying bodies – you can find a supplier through either: CREST or IASME. They are subject to a rigorous and continuous accreditation process under the ASSURE scheme.  

ASSURE Cyber Professionals are each accredited in one or more of the following specialisms:

  • Cyber audit & risk management
  • Technical cyber security experts
  • Industrial control systems/operational technology Expert

All of these specialisms must be represented on an ASSURE audit.

Implementation requirements

Our ASSURE auditors must adhere to the requirements that we defined for the scheme. Our implementation guide sets out clearly what we expect the ASSURE auditor to do, and how we expect them to do it.

You can find the implementation guides here: