Regulatory Reference:AMC1 SPA.EFB.100(b)(3)
Welcome to the Raven’s EFB Administrator course. I’m your instructor. In the past, the “flight bag” was made of leather, heavy, and managed personally by the pilot. Today, it is a digital device, connected, and managed by you.
Under AMC1 SPA.EFB.100(b)(3), the EFB Administrator is defined not just as a manager, but as the “primary link” between three critical entities: your operator, the EFB system suppliers, and the Competent Authority. Your mandate is specific. You are the person in overall charge of the EFB system. This is not a passive role. The regulation states clearly that you must ensure hardware conforms to the required specifications and—crucially—that no unauthorised software is installed. Consider the implications of that phrase. In a consumer environment, an iPad® is a personal device. In a Part-SPA environment, it is a critical device for the operation. If a pilot installs an unauthorised application, or a non-vetted weather app, they introduce potential instability and cybersecurity vulnerabilities.
As the Administrator, you are the gatekeeper. You must establish the hardware and software configuration management. This means you define exactly what “Serviceable” looks like. You may be responsible for “Type B” applications (depending on the operator) — the performance calculators and charting apps that the safety of the flight depends on. You must ensure that only current, valid versions of application software and data packages are installed.
This responsibility can be delegated, of course. Complex operators often have deputies or IT support staff. However, the regulatory responsibility remains with the designated Administrator. You are the one who signs off that the system is secure, up-to-date, and compliant with the Operational Approval granted by the Authority.
This course will provide a comprehensive description of the Electronic Flight Bag Policy and Procedures Manual (EPPM). However, before describing the regulation, it is essential to comprehend your inherent authority: you possess the mandate to ground any device that fails to meet the requisite configuration standards. You serve as the critical intermediary in this process.