As technology improves, organisations are replacing traditional paper manuals with digital systems. Operators noted that industry would like clearer guidance on how to maintain compliance.
What can operators do?
Approved Maintenance Organisations (AMOs) operating under CASR Part 145 should manage the transition from paper to digital systems using their Safety Management System (SMS) and compliance processes.
Electronic records, digital certification, and maintenance systems bring benefits but also new risks that you must control.
AMOs should:
- set clear governance and controls for digital systems
- ensure you control secure and maintain full traceability with software, records and sign-off tools
- make sure electronic records and signatures meet CASR Part 145 requirements for authenticity, integrity and retention
- identify and manage digitisation risks through the SMS (e.g. system outages, data errors, cyber threats, usability issues)
- train staff in using digital tools and understanding related risks, including human factors like workload and error prevention
- apply Management of Change (MoC) processes when introducing or updating digital systems
- ensure systems are reliable and have backup arrangements (e.g. redundancy, offline access, manual fallback)
- stay engaged with industry and regulators to share experience and keep practices up to date.
What are we doing and what have we already delivered?
We recognise the increasing use of digital systems and emerging technologies in the maintenance sector. We are supporting industry to stay compliant under CASR Part 145 through several activities.
These include:
- providing regulatory guidance and advisory material
- publishing guidance on how existing rules apply in digital systems, including electronic records, signatures and maintenance systems
- using a performance-based, technology-neutral regulatory approach so AMOs can adopt digital solutions if they meet requirements for record integrity, traceability and reliability
- engaging with industry through forums, workshops and working groups to understand challenges and improve guidance
- including digital systems in surveillance and audits, focusing on risks like data integrity, access control and system resilience
- supporting standardisation and best practice through national and international collaboration, including alignment with ICAO standards and other regulators
- continuing to develop guidance and policy on emerging risks such as cybersecurity, software assurance and advanced data systems.