29 August 2025

EASA Part-IS | New Guidance Material & Practical Examples

The new EU Regulation (EU) 2022/1645 (EU) 2023/203 on information security (EASA Part-IS) for aviation organisations will soon become applicable. The regulation requires the establishment of an information security management system (ISMS).

For airport operators, apron management services, manufacturing and design organisations, the regulation will take effect on 16 October 2025, and
for air carriers, maintenance organisations (Part-145), continuing airworthiness management organisations (CAMOs), approved training organisations (ATOs) and other bodies, including supervisory authorities, on 22 February 2026.

The EASA and the Federal Office of Civil Aviation (FOCA) already published various 'Guidance Material' (GM/INFO) in the spring, with new versions and additional implementation tools. We would like to share these with you:

1/1

Weblink(s):

https://www.bazl.admin.ch/bazl/en/home/flugbetrieb/security-measures/cybersecurity/part-is.html

https://zentric.ch/

Document(s) if available:

FOCA GM/INFO

FOCA Part-IS Compliance Matrix

Examples based on FOCA Compliance Matrix

EASA Part-IS | New Guidance Material & Practical Examples

In cooperation with

Subscribe to our Newsletter