[BCM] [CAAS] [E3] [PD] [CBF] [9] IT & Cyber Resilience

Business Continuity Recovery Procedure

CBF 9: IT & Cyber Resilience

The Critical Business Function (CBF-9): IT & Cyber Resilience is central to the Civil Aviation Authority of Singapore’s mission of ensuring safe, secure, and efficient aviation operations.

In an increasingly digitalised aviation ecosystem, the continuity of IT systems and cyber defence mechanisms is vital not only for operational efficiency but also for national security, aviation safety, and international regulatory compliance.

This chapter outlines the Business Continuity (BC) Procedures designed to safeguard CAAS’s critical IT and cyber capabilities against disruption.

It establishes structured protocols across three phases—Pre-Crisis Readiness, Immediate Resumption (within T+24 hours), and Full Recovery (after T+24 hours)—to ensure that essential services such as Air Traffic Management (ATM) systems, cybersecurity monitoring, enterprise IT infrastructure, and digital aviation platforms can be sustained or rapidly restored during a crisis.

The procedures apply to all sub-CBFs under CBF-9, including ATM systems resilience, cybersecurity monitoring, critical system backup and recovery, enterprise IT continuity, cloud and third-party services, IT governance, and disaster recovery testing.

Together, these elements form a comprehensive resilience framework to reduce operational downtime, mitigate risks, and uphold the trust of aviation stakeholders, industry partners, and the public.

WHAT: Overview of CBF 9: IT & Cyber Resilience

The IT & Cyber Resilience function ensures that CAAS maintains uninterrupted digital and technological capabilities essential for aviation safety, operational continuity, and regulatory oversight.

Disruptions in IT or cyber resilience could impact air traffic management, regulatory systems, aviation services, and stakeholder trust.

This function safeguards air traffic safety, national aviation security, continuity of services to airlines, airports, and the public, while upholding compliance with international aviation and cybersecurity standards.

Pre-Crisis: Readiness and Preparation Measures

HOW – Proactive Steps to Ensure IT & Cyber Resilience

CBF-9.1 Air Traffic Management (ATM) Systems Resilience

• System Redundancy & Failover
  • Maintain dual-site ATM systems (primary at Changi Airport, secondary at secure backup site).
  • Ensure automatic switchover capability with zero data loss tolerance.
• Testing & Validation
  • Perform quarterly failover simulation drills with real-time air traffic data.
  • Validate end-to-end communication between CAAS, pilots, and ground stations.
• Preventive Maintenance
  • Schedule bi-weekly system health checks.
  • Track performance KPIs (response times, packet drops, latency).
• Readiness Documentation
  • Maintain updated operational manuals for ATM system engineers.
  • Ensure 24/7 duty roster coverage for system administrators.

CBF-9.2 Cybersecurity Monitoring & Threat Response

• Proactive Monitoring
  • Operate a 24/7 Security Operations Centre (SOC) for real-time monitoring.
  • Use AI-driven anomaly detection and threat intelligence feeds integrated with CSA’s national cybersecurity platforms.
• Preventive Hardening
  • Apply zero-trust security architecture across CAAS networks.
  • Regularly update antivirus, firewalls, and intrusion detection signatures.
• Awareness & Training
  • Conduct quarterly phishing simulations for all CAAS staff.
  • Run annual crisis tabletop exercises with the Cyber Incident Response Team.
• Preparedness Indicators
  • Maintain a Cyber Threat Readiness Dashboard displaying vulnerability scores.
  • Ensure SOC escalation playbooks are reviewed monthly.

CBF-9.3 Critical System Backup & Data Recovery

• Backup Strategy
  • Implement daily incremental and weekly full backups for all mission-critical systems.
  • Store data in multi-tiered backup repositories (onsite, offsite, and air-gapped).
• Data Validation
  • Perform monthly restoration drills to validate backup integrity.
  • Tag and log backup sets with checksums for authenticity verification.
• Access Control
  • Restrict backup access to authorised IT personnel under least-privilege principles.
  • Apply encryption (AES-256 or higher) to all backup data.
• Preparedness Testing
  • Ensure that critical aviation data recovery within 2 hours (RTO) is achievable.

CBF-9.4 Enterprise IT Infrastructure Continuity

• Redundancy & Capacity
  • Implement high-availability (HA) network topology across CAAS offices.
  • Maintain dual power sources and UPS systems in all data centres.
• Preventive Maintenance
  • Conduct quarterly vulnerability assessments and annual penetration tests.
  • Track SLA adherence for infrastructure vendors.
• System Monitoring
  • Use centralised monitoring tools (e.g., SIEM, SNMP monitoring).
  • Trigger early warnings for CPU/memory overuse, disk failure, or network congestion.
• Workforce Preparedness
  • Maintain a trained IT on-call team capable of responding within 1 hour to system alerts.

CBF-9.5 Digital Aviation Services Platform (DASP) Resilience

• Platform Stability
  • Configure load-balancing across two or more data centres to prevent bottlenecks.
  • Ensure automated scalability for high-traffic events (e.g., crisis passenger surges).
• Monitoring & Testing
  • Run daily automated API tests for DASP services.
  • Validate disaster failover environments quarterly.
• Stakeholder Assurance
  • Share uptime dashboards with airlines, airports, and aviation service providers.
  • Provide quarterly updates on resilience initiatives.

CBF-9.6 Cloud and Third-Party Service Continuity

• Vendor Resilience Requirements
  • Establish SLAs mandating ≥99.9% uptime for cloud services.
  • Conduct annual third-party resilience and cybersecurity audits.
• Contingency Planning
  • Develop multi-cloud strategies to avoid single-provider lock-in.
  • Maintain contracts with at least two cloud vendors for critical systems.
• Data Sovereignty & Security
  • Ensure sensitive aviation data resides within Singapore-based or CSA-approved cloud regions.
  • Review compliance with PDPA and international aviation data protection standards.

CBF-9.7 IT Governance & Compliance Management

• Policy Framework
  • Maintain ISO 22301-aligned Business Continuity and Disaster Recovery Policy.
  • Conduct annual IT risk register review with updates from system owners.
• Compliance Checks
  • Perform internal audits against ISO 27001, CSA guidelines, and ICAO cybersecurity frameworks.
  • Monitor compliance gaps via dashboards linked to IT audit findings.
• Training & Awareness
  • Run annual compliance workshops for IT and BCM staff.
  • Include regulatory case studies in training to strengthen understanding.

CBF-9.8 Disaster Recovery Planning and Testing

• Planning & Documentation
  • Maintain an updated Disaster Recovery Plan (DRP) with clear activation protocols.
  • Store hard copies of DRPs in both primary and alternate offices.
• Testing Regime
  • Conduct bi-annual full-scale DR drills simulating ATM, IT, and cyber disruptions.
  • Run targeted tabletop exercises quarterly for system-specific failures.
• Continuous Improvement
  • Capture lessons learned in a DR Lessons Log.
  • Update DR playbooks immediately after every exercise or incident.
• Crisis Team Readiness
  • Maintain DRP escalation matrix with designated incident commanders.
  • Ensure all contact lists are updated monthly and verified via call drills.

By strengthening pre-crisis readiness, CAAS ensures that when disruptions occur, IT and cyber resilience measures can be activated immediately with minimal downtime, protecting aviation safety and public trust.

Within T+24 Hours (RESUMPTION PHASE)

Immediate Post-Disruption Actions

Objective: Resume critical IT and cyber functions as quickly as possible (within the defined RTOs) to ensure safe continuation of aviation operations and regulatory services.

CBF-9.1 Air Traffic Management (ATM) Systems Resilience

Immediate Actions

• Activate failover procedures to secondary ATM systems.
• Re-route real-time air traffic data streams to the backup site within 30 minutes of detection.
• Engage on-site engineers to validate synchronisation between primary and secondary systems.

Responsibilities

• ATM Resilience Team Lead: Trigger system failover.
• IT Infrastructure Manager: Confirm backup site connectivity.
• Operations Liaison: Inform Changi Airport, airlines, and ICAO of service continuity.

Communication

• Issue an immediate disruption notice to aviation stakeholders.
• Provide hourly updates until stabilisation is achieved.

Validation

• Run system integrity tests for flight path accuracy and real-time radar data updates.
• Ensure RTO ≤ 1 hour for ATM critical functions.

CBF-9.2 Cybersecurity Monitoring & Threat Response

Immediate Actions

• SOC to identify and isolate compromised networks/systems.
• Implement containment measures (network segmentation, firewall blocks).
• Activate Cybersecurity Incident Response Playbook.

Responsibilities

• SOC Manager: Lead containment and coordinate with CSA (Cyber Security Agency of Singapore).
• Cyber Incident Response Team: Deploy forensic tools to capture evidence.
• BCM Office: Document the initial response timeline.

Communication

• Notify CSA within 1 hour of a confirmed cyber incident.
• Alert internal CAAS leadership (CIO, BCM Head).

Validation

• Confirm threat neutralisation (no ongoing malicious traffic).
• Validate ca lean system baseline before reconnecting to production networks.

CBF-9.3 Critical System Backup & Data Recovery

Immediate Actions

• Identify priority systems for recovery (ATM, DASP, regulatory databases).
• Restore from the latest verified clean backup.
• Conduct system-by-system recovery validation.

Responsibilities

• Data Recovery Lead: Direct restoration activities.
• Database Administrators: Validate restored records for accuracy.
• Application Owners: Test application functionality after recovery.

Communication

• Provide recovery ETA updates to Business Units every 2 hours.
• Report to BCM leadership on systems restored and pending.

Validation

• Ensure data integrity checksums match original source.
• Confirm RPO ≤ 24 hours of data loss for non-ATM systems, zero tolerance for ATM data.

CBF-9.4 Enterprise IT Infrastructure Continuity

Immediate Actions

• Switch to redundant communication lines (satellite backup if terrestrial fails).
• Activate backup generators/UPS to maintain the power supply.
• Engage IT field response teams for hardware/network troubleshooting.

Responsibilities

• IT Infrastructure Team: Execute power and network continuity measures.
• Facilities Manager: Oversee backup energy systems.
• Communications Lead: Coordinate with government telecom providers if needed.

Communication

• Issue infrastructure status updates every 4 hours to the CAAS BCM command.
• Notify vendors of system impacts requiring SLA enforcement.

Validation

• Monitor KPIs (network latency, bandwidth availability, power load).
• Ensure minimal downtime (<2 hours) for enterprise network services.

CBF-9.5 Digital Aviation Services Platform (DASP) Resilience

Immediate Actions

• Reroute user requests to the backup hosting environment.
• Enable emergency traffic throttling/load-balancing to prevent overload.
• Deploy IT engineers to monitor real-time transaction logs.

Responsibilities

• DASP Technical Lead: Oversee failover execution.
• Application Engineers: Validate service API responses.
• Service Desk: Field queries from airlines and industry partners.

Communication

• Issue service continuity advisory to airlines, ground handlers, and regulators.
• Provide public-facing service bulletins via the CAAS website/social channels.

Validation

• Conduct end-to-end transaction testing (user → API → backend systems).
• Ensure aviation stakeholders confirm service availability within 6 hours.

CBF-9.6 Cloud and Third-Party Service Continuity

Immediate Actions

• Trigger vendor DR protocols for affected services.
• If the primary vendor is unavailable, switch to the secondary cloud provider.
• Engage the CAAS Vendor Management Team to enforce SLA escalation.

Responsibilities

• Vendor Liaison Officer: Coordinate with service providers.
• Cloud Engineers: Execute multi-cloud switchover.
• Procurement Team: Monitor compliance with contractual obligations.

Communication

• Notify impacted CAAS business units of third-party service status.
• Provide the incident log to Executive Management within 12 hours.

Validation

• Confirm continuity of essential services (databases, cloud apps, SaaS).
• Ensure SLA obligations (≥99.9% uptime) are upheld during transition.

CBF-9.7 IT Governance & Compliance Management

Immediate Actions

• Document incident in CAAS IT Risk Register.
• Verify regulatory reporting obligations triggered (e.g., PDPA breach notification, ICAO cybersecurity reports).
• Deploy internal auditors to validate incident-handling compliance.

Responsibilities

• IT Governance Officer: Lead documentation and compliance monitoring.
• Internal Audit Team: Review incident actions against ISO 27001/22301 controls.
• BCM Lead: Provide consolidated compliance updates to regulators.

Communication

• Escalate compliance-related findings to CAAS Senior Management.
• Submit a preliminary compliance report within 24 hours of the disruption.

Validation

• Confirm no missed regulatory deadlines or reporting obligations.
• Ensure compliance exceptions are documented with corrective action plans.

CBF-9.8 Disaster Recovery Planning and Testing

Immediate Actions

• Officially activate the Disaster Recovery Plan (DRP).
• Mobilise IT Crisis Management Team under the Incident Commander.
• Establish command centre operations (physical or virtual).

Responsibilities

• Incident Commander: Lead recovery coordination.
• DR Team Leads: Execute respective technical and business recovery tasks.
• BCM Office: Maintain activity logs, decisions, and escalation notes.

Communication

• Provide status updates every 2 hours to Executive Management.
• Coordinate with external partners (CSA, ICAO, Changi Airport Group).

Validation

• Track against predefined Recovery Time Objectives (RTOs).
• Ensure proper logging of all actions for post-incident review.

✅ By executing these resumption procedures within the first 24 hours, CAAS ensures that essential aviation safety and IT systems remain functional, the disruption impact is minimised, and confidence among regulators, airlines, and the public is preserved.

After T+24 Hours (RECOVERY PHASE)

Objective: Ensure that all IT and cyber resilience functions are fully restored to their primary operating environments, service levels return to business-as-usual (BAU), and that lessons learned are integrated into CAAS’s business continuity framework.

CBF-9.1 Air Traffic Management (ATM) Systems Resilience

Recovery Actions

• Reinstate ATM operations from the backup site back to the primary system once stable.
• Conduct a root cause analysis (RCA) of the ATM disruption (hardware, software, human error, or cyber cause).
• Update ATM system patches, firmware, and vendor-supported fixes.

Responsibilities

• ATM System Engineers: Oversee resynchronisation of ATM data.
• Root Cause Analysis Team: Document disruption causes and remediation steps.
• Aviation Safety Liaison: Submit report to ICAO and local aviation partners.

Validation

• Conduct end-to-end operational testing with simulated flight traffic.
• Verify flight data, communications, and radar systems are fully operational.

CBF-9.2 Cybersecurity Monitoring & Threat Response

Recovery Actions

• Complete full forensic investigation of the breach/incident.
• Remove any backdoors, malware, or compromised accounts from affected systems.
• Apply permanent security patches and firewall rule updates to prevent recurrence.

Responsibilities

• Cybersecurity Forensics Lead: Produce a forensic investigation report.
• SOC Manager: Update monitoring signatures and detection rules.
• CIO & BCM Head: Ensure regulatory reporting is completed (CSA, ICAO).

Validation

• Conduct penetration testing to validate that vulnerabilities are closed.
• Confirm system integrity via post-recovery SOC monitoring for ≥72 hours.

CBF-9.3 Critical System Backup & Data Recovery

Recovery Actions

• Complete synchronisation of all restored systems with live operational data.
• Validate the integrity of both primary and backup repositories.
• Update backup schedules and add additional safeguards (e.g., more frequent snapshots).

Responsibilities

• Data Recovery Lead: Oversee data reconciliation.
• Database Administrators: Verify recovery point objectives were met.
• IT Risk Officer: Assess improvements needed in backup protocols.

Validation

• Conduct trial recoveries of non-critical systems to ensure ongoing readiness.
• Confirm all business units report 100% data accuracy after restoration.

CBF-9.4 Enterprise IT Infrastructure Continuity

Recovery Actions

• Restore full IT infrastructure (servers, network, storage) to primary sites.
• Replace or repair any failed hardware components.
• Review the redundancy performance gaps identified during the incident.

Responsibilities

• IT Infrastructure Team: Manage infrastructure restoration.
• Facilities Manager: Oversee energy and cooling system reliability.
• Vendor Partners: Support the replacement of hardware or systems as required.

Validation

• Conduct stress testing for network and power systems.
• Audit infrastructure against baseline performance benchmarks.

CBF-9.5 Digital Aviation Services Platform (DASP) Resilience

Recovery Actions

• Return DASP operations to the primary hosting platform from contingency sites.
• Run end-to-end transaction validation tests across all aviation services.
• Implement long-term enhancements for API monitoring and capacity scaling.

Responsibilities

• DASP Technical Lead: Coordinate return-to-primary procedures.
• Application Developers: Patch vulnerabilities revealed during disruption.
• Service Desk: Provide support to partners during the transition.

Validation

• Confirm full DASP service availability to airlines and airports.
• Obtain user feedback from stakeholders (e.g., airlines, ground handlers).

CBF-9.6 Cloud and Third-Party Service Continuity

Recovery Actions

• Review third-party vendor performance during the disruption.
• Strengthen the multi-cloud resilience strategy and enforce SLA updates.
• Escalate contractual reviews if vendors underperform.

Responsibilities

• Vendor Management Officer: Conduct performance review meetings.
• Procurement Team: Update cloud contracts to strengthen accountability.
• Cloud Engineers: Optimise failover settings for faster transitions.

Validation

• Ensure all third-party systems are back to full production levels.
• Verify audit reports from vendors for compliance and incident response.

CBF-9.7 IT Governance & Compliance Management

Recovery Actions

• Perform compliance checks against ISO 22301 (BCM), ISO 27001 (Cybersecurity), and ICAO cyber guidelines.
• Update the IT Risk Register with post-incident findings.
• Revise policies/procedures based on identified compliance gaps.

Responsibilities

• IT Governance Officer: Lead compliance reviews.
• Internal Audit: Validate recovery adherence to regulatory requirements.
• BCM Lead: Prepare consolidated compliance and recovery report.

Validation

• Submit a compliance report to CAAS Executive Management and regulators.
• Confirm no regulatory obligations were missed or delayed.

CBF-9.8 Disaster Recovery Planning and Testing

Recovery Actions

• Conduct a formal “Lessons Learned” workshop with all recovery teams.
• Update the Disaster Recovery Plan (DRP) to address weaknesses identified.
• Plan and schedule the next full-scope DR exercise within 6 months.

Responsibilities

• BCM Office: Document recovery timelines, gaps, and improvements.
• IT Crisis Management Team: Provide input on technical lessons.
• Training Department: Update BCM training modules with findings.

Validation

• Ensure DRP incorporates updated escalation, communication, and recovery steps.
• Verify readiness through small-scale DR validation drills post-incident.

Summing Up ...

By following these after T+24 Hours recovery measures, CAAS ensures that all IT and cyber resilience capabilities are restored to full operational effectiveness.

This structured recovery process not only reinstates systems and services but also strengthens CAAS’s long-term resilience posture, reducing future risks and reinforcing trust among stakeholders, regulators, and the public.

The BC Procedures for CBF-9 IT & Cyber Resilience provide CAAS with a structured, step-by-step approach to maintaining operational continuity in the face of IT or cyber disruptions.

By addressing preparedness, immediate response, and full recovery measures, these procedures ensure that critical aviation services remain resilient, responsive, and compliant with both national and international standards.

Through proactive readiness, rapid resumption of essential services, and thorough recovery measures, CAAS reinforces its role as a trusted regulator and enabler of Singapore’s aviation ecosystem.

More importantly, these procedures strengthen the organisation’s capacity to withstand future challenges, safeguard air traffic management integrity, and uphold public and stakeholder confidence in Singapore’s aviation resilience.

Resilience Redefined: Implementing BCM at Civil Aviation Authority of Singapore
eBook 3: Starting Your BCM Implementation
MBCO	P&S	RAR T1	RAR T2	RAR T3	BCS T1	CBF
CBF-1 Air Navigation Services
DP	BIAQ T1	BIAQ T2	BIAQ T3	BCS T2	BCS T3	PD

More Information About Business Continuity Management Courses

To learn more about the course and schedule, click the buttons below for the  BCM-300 Business Continuity Management Implementer [BCM-3] and the BCM-5000 Business Continuity Management Expert Implementer [BCM-5].

	Please feel free to send us a note if you have any questions.