EASA Part IS
Regulation Training
Applicable to all aviation stakeholders
Zurich, Switzerland
30 June - 02 July 2025
In order to efficiently contribute to the protection of the aviation system from information security risks, and to make it more resilient to information security events and incidents, EASA has defined provisions to ensure:
​
-
Detection and Recognition of security incidents as well as the identification of adequate responses to such incidents and recovery measures to ensure an acceptable level of their impacts with respect to aviation safety.
-
Identification and management of information security risks related to information and communication technology systems and data used for civil aviation purposes
​​
These provisions are foreseen to be introduced into new Implementing and Delegated Regulations, the so called EASA Part IS.
​
The EASA Part-IS provisions will be applicable from October 16, 2025 for organisations in the scope of the delegated act and from February 22, 2026 for all other organisations and competent authorities covered by the implementing act.
​
The Part IS will be applicable to the competent authorities and organizations in all aviation domains, e.g., among others:
​
-
DOA holders and POA holders, AOC holders (CAT), Maintenance Organisations, CAMOs, Training Organisations, Aero-medical centres, operators of flight simulation training devices (FSTDs), ATM/ANS Providers, U-space service providers and single common information service providers.
As required by the EASA opinion 03/2021 and as laid out in Commission Regulation (EU) 2023/203 and (EU) 2022/1645, the Following Commission Regulations (EU) are concerned for the introduction of Information Security requirements:
No 748/2012, No 1321/2014, 2017/373, 2015/340, No 139/2014, No 1178/2011, No 965/2012 and 2021/664.
Objectives
Understand all aspects of the EASA Part IS requirements as laid out in Commission Regulation (EU) 2023/203 and in Commission Delegated Regulation (EU) 2022/1645: Security Management System and its relation with the Safety Management System, Security Risk Assessment and treatment, Security Incident Detection, Reporting, Response and Recovery, Personnel Requirements and content of ISMM. The training also provides an overview of the relations between the Part IS with the relevant sections of other regulations like Part-21, Part CAMO, Part 145, Part-OPS.
​
At the end of the course participants will be able to understand the regulation and also gain awareness of how it can be practically and successfully implemented into their organisation.
Course Content
-
Overview of EASA organisation and EASA regulations
-
Intro to Information/Cyber-security
-
Impact in aviation
-
Information security management system
-
Information security risk assessment and treatment
-
Information security internal reporting scheme
-
Information security incidents – detection, response, and recovery
-
Response to findings notified by the competent authority
-
Information security external reporting scheme
-
Contracting of information security management activities
-
Personnel requirements
-
Record-keeping
-
Information security management manual (ISMM)
-
Changes to the information security management system
-
Continuous improvement
Target Groups
This course is aimed at the Accountable Managers and Proposed Nominated Persons across all Aviation Business Domains including Flight OPS, Design and Production (Part 21), Continuing Airworthiness (CAMO) and Maintenance OPS (145) , Crew Training and Ground Ops, Compliance Monitoring Managers (Quality Managers) and also to all aviation professionals interested in deepening their knowledge in into the Cybersecurity in Aviation and for those who consider cross-domain training an opportunity of enrichment and a means to increase their jobs’ performance effectiveness.
Certification
Knowledge test will be performed at the end of the course. Certificate will be issued after the course completion.
Location
Hotel Allegra Lodge – welcome hotels
Hamelirainstrasse 5
CH-8302 Kloten
​
The Hotel Allegra Lodge is located in the near vicinity of the ZRH Airport and close to city center Zurich.
You can reach the hotel and the airport quickly and easily by taxi, public bus and train. The hotel is located in the immediate vicinity of the Kloten-Breitistrasse/Bahnhof stop and the Kloten railway station. Both can be reached on foot in just a few minutes.
Airport Taxi from the airport
Use the official taxis marked “Airport Taxi”, as the journey can be paid for by credit card. You will find the taxis at the Arrivals 1 and 2 entrances.
Public bus from the airport
Buses run from Zurich Airport bus station to Kloten at regular intervals. Bus 731 towards Kloten-Buchhalden or bus 733 towards Kloten-Graswinkel will take you to Kloten in about 5 to 10 minutes.