Yeah, but security industry is mostly a joke full of fraudsters. There are parts of it that work well, but most of it is theater and not that much competence.
Which is fine for low states they deal with and not fine with planes.
Having been in both in software/IT capacities, having done PCI certified software, medical device software (requiring FDA approval), no. Not even close.
MAYBE, MAYBE the insurance company assessments/audits are kind of related to what you are talking about. But not really. But not the FAA ones. They are such a different beast with so much brain power involved along with people with a combined centuries of experience in this stuff, it's hard to explain without being around it.
Which is fine for low states they deal with and not fine with planes.