What is PART-IS?
EU Regulation 2022/1645 (PART-IS) establishes information security requirements for civil aviation organisations regulated by EASA. Its objective is to ensure that information systems supporting aeronautical operations are adequately protected against threats that could compromise operational safety.
The regulation applies to organisations such as airlines, maintenance organisations (MRO), aircraft designers and manufacturers, air navigation service providers, and other actors in the regulated aeronautical ecosystem.
Our approach
- Interpretation of the EASA PART-IS regulatory framework and its practical application
- GAP analysis against the organisation's PART-IS requirements
- Design of the aeronautical information security management system
- Identification of interfaces with OAMS (Overall Aircraft Management System)
- Implementation of IS controls specific to the aeronautical environment
- Training and awareness for aeronautical personnel involved
- Preparation of evidence for the competent authority
- Integration with existing management systems (SMS, QMS, ISO 27001)
Key deliverables
- PART-IS diagnosis and adaptation plan
- Information security IS policy
- Aeronautical IS risk analysis
- Documented IS procedures (SeMS — Security Management System)
- Security incident management plan
- Training and awareness programme
- Implementation report for the competent authority
- IS manual for integration with OAMS
Specialist team
Our team combines expertise in information security (ISO 27001, ENS) with knowledge of the EASA regulatory framework, enabling us to provide practical advice oriented towards approval by the competent aeronautical authority.