Question 1

What are the key differences between AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence and CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

Accepted Answer

AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence has 38 controls across its framework, while CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines covers 42 controls. Direct mapping analysis identifies 3 overlapping controls (8% coverage). The frameworks diverge most significantly in Operation (Clause 8), where 12 AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence controls have no direct CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines equivalent.

Question 2

How many controls map between AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence and CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

Accepted Answer

Of 38 total AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence controls, 3 map directly to CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines controls — representing 8% coverage. The remaining 35 controls represent compliance gaps requiring additional documentation or compensating controls to satisfy both frameworks simultaneously.

Question 3

What are the compliance gaps when mapping AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence to CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

Accepted Answer

35 AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence controls have no direct equivalent in CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines. The highest concentration of gaps is in Operation (Clause 8) with 12 unmapped controls. These gaps represent areas where additional controls, policies, or documentation must be created to achieve compliance with both frameworks.

Question 4

Which control domains have the most gaps between AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence and CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

Accepted Answer

The domain with the highest gap count is Operation (Clause 8) (12 gaps). Export the full domain-by-domain gap breakdown via the Professional tier to generate a prioritised remediation roadmap.

AS9100D:2016 — Quality Management Systems for Aviation, Space, and DefencevsCISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines

Control Mappings

Performance Evaluation and Improvement (Clauses 9–10)(2 mappings)

Operation (Clause 8)(2 mappings)

Related Comparisons

Other AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence comparisons

Other CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines comparisons

Stop Paying Consultants to Read Spreadsheets

Popular framework comparisons

What are the key differences between AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence and CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

How many controls map between AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence and CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

What are the compliance gaps when mapping AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence to CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

Which control domains have the most gaps between AS9100D:2016 — Quality Management Systems for Aviation, Space, and Defence and CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines?

Related Resources