easa part-is
ClassroomOnline

EASA Part-IS

Language: English
Duration:
3 Days
Get More Information
Fill out this field
Please enter a valid email address.
Fill out this field

Description

The EASA Part-IS Training Course is a comprehensive program designed to enhance aviation professionals’ understanding of the European Aviation Safety Agency (EASA) regulatory framework for Information Security Management Systems (ISMS). Moreover, this course provides organisations, competent authorities, and aviation staff with practical insights into the requirements of Part-IS. Consequently, participants can strengthen compliance. They can also enhance information security and mitigate cyber risks within aviation operations.

The training begins with an introduction and course overview. During this phase, participants meet the instructor, understand the course objectives, and review the timetable. The first module emphasizes the importance of safety, security, and information security. It also explains the interdependencies between these areas and the potential impact of information security events on safety. Additionally, participants explore real-world examples of aviation cyber-attacks. They learn about the significance of training, awareness, and security culture, including references to just culture and cyber security culture.

Subsequently, the course delves into decoding the EASA Part-IS regulatory framework. Participants gain a deep understanding of the European Aviation Regulatory Framework. They also understand the rationale behind Part-IS and the core principles of ISMS. Furthermore, the course covers key regulations, including EASA Opinion 3/2021 and Commission Implementing Regulation (EU) 2023/203. It also includes Commission Delegated Regulation (EU) 2022/1645 and the NIS 2 Directive. These provide clarity on how they relate to Part-IS compliance.

In addition, practical modules address Part-IS Organisation Requirements (OR) and Authority Requirements (AR), including guidance materials and acceptable means of compliance. The course also features a comprehensive assessment questionnaire. This enables organisations to identify compliance gaps and competent authorities to evaluate oversight measures effectively.

Ultimately, by completing the EASA Part-IS course, participants gain actionable knowledge to implement robust information security management systems. As a result, they ensure regulatory compliance and strengthen aviation cybersecurity resilience. This training is ideal for aviation safety managers, compliance officers, regulatory staff, and information security professionals seeking to advance their expertise. It focuses specifically on aviation information security management and Part-IS implementation.

Key Topics

Module 1: Introduction

  • Welcome and course overview

  • Expectations and course objectives

  • Introduction of instructor and participants

Module 2: Setting the Scene

  • The role of information security in aviation

  • Interdependency between safety, security, and information security

  • Real-life cyber incidents affecting aviation

  • Building a just, security, and cyber security culture

  • Importance of information sharing and awareness training

Module 3: EASA Framework Decoded

  • Understanding the European aviation regulatory environment

  • The rationale behind EASA Part-IS

  • Introduction to Information Security Management Systems (ISMS)

Module 4: Regulatory Framework

  • Overview of relevant EU regulations (e.g., NIS 2, security regulations)

  • EASA Opinion 3/2021 on information security risk management

  • Review of key rules: Commission Implementing Regulation (EU) 2023/203 and Commission Delegated Regulation (EU) 2022/1645

Module 5: Part IS-OR – Organisation Requirements

  • Specific organisational requirements under Part-IS

  • Understanding the Acceptable Means of Compliance (AMC) and Guidance Material

Module 6: Part IS-AR – Authority Requirements

  • Oversight obligations of competent authorities

  • AMC and guidance relevant to national authorities

Module 7: Self-Assessment Questionnaire

  • Review and discussion of 70+ regulatory self-assessment questions

  • Gap analysis exercise for organisational or authority readiness

  • Identification of improvement areas to ensure compliance

Objectives

By the end of this course, participants will be able to:

  • Understand the objectives and scope of the EASA regulatory framework on information security

  • Explain the structure and content of Part-IS and how it relates to other EU regulatory frameworks (e.g., NIS 2)

  • Identify implementation requirements for both organisations and authorities

  • Gain practical insights into compliance expectations, including AMCs and Guidance Material

  • Conduct a self-assessment to evaluate current ISMS practices and detect areas for improvement

  • Promote an integrated information security culture within aviation organisations

Targe Audience

  • Civil Aviation Authorities (CAAs)
  • Maintenance organisations
  • CAMOs
  • Air Operators
  • U-Space Service Providers
  • Air Traffic Control and Aircrew Training Organisations
  • Aeromedical Centres and FSTD Operators

Certificate

Upon completion, participants receive
a certificate of achievement.

Request More Information

Full name *
Fill out this field
Email *
Fill out this field
Message
Fill out this field

Other trainings

ClassroomOnline

Aerodrome Safety Audit and Inspection Techniques

The Aerodrome Safety Audit and Inspection Techniques course develops the practical skills needed to conduct safe and effective airside audits.…
AirportCivil Aviation Authorities