Stay compliant with EASA’s new information security regulations

Meet the latest EASA Part-IS requirements with AeroEx’s comprehensive information security solutions.
Contact us
Learn more
Days
Hours
Minutes
Seconds
remaining until EASA Part-IS regulations take effect

Understanding EASA’s latest information security regulation: Part-IS

The new EASA Part-IS regulation (Commission Implementing Regulation (EU) 2023/203 and Commission Delegated Regulation (EU) 2022/1645) introduces a robust framework for identifying, assessing, and managing information security risks that impact aviation safety.

Effective October 2025 for some organizations, and February 2026 for others, this regulation emphasizes a proactive approach to information security, covering areas such as:

  • Governance and risk management
  • Event detection and response
  • Continuous improvement and reporting standards

To comply, EASA-approved organizations will need to integrate an Information Security Management System (ISMS) within their Safety Management System (SMS), ensuring seamless cross-functional coordination and enhanced cyber resilience.

Why compliance with EASA’s Part-IS is crucial

Information security breaches pose significant risks to aviation safety. Part-IS aims to:
  • Mitigate cyber threats to safety
  • Increase resilience against cyber-attacks
  • Promote standardized safety and compliance measures across the aviation ecosystem
Ensuring your organization is compliant is essential for maintaining operational continuity, customer trust, and regulatory alignment. AeroEx’s tailored services and toolkits make achieving compliance straightforward and effective.

Information security services

Comprehensive information security services by AeroEx

AeroEx offers a suite of specialized services designed to meet the new EASA Part-IS requirements and protect your organization from cyber risks. Our offerings include:

Information security advisory

Expert guidance to strengthen your organization’s information security and ensure regulatory compliance.

Information security & data protection audits

Comprehensive audits to evaluate and improve your data protection and security practices.

External data protection & security officers

Certified officers to oversee your compliance with EASA data protection and security requirements.

GAP analyses & risk assessments

Identify vulnerabilities and assess risks to enhance your information security framework.

Assistance with investigations

Expert support for investigating security breaches and compliance violations.

ISM manual preparation & revision

Development and maintenance of your Information Security Management (ISM) Manual in line with EASA standards.

Training courses (on-site & online)

Equip your team with the knowledge and skills to meet information security and data protection requirements.

AMAS.aero toolkits

Utilize the AMAS.aero platform for seamless compliance management and real-time security monitoring.
  View toolkits

Cybersecurity insurance

Protect your business from cyber incidents with tailored cybersecurity insurance solutions.
Don’t wait until regulatory deadlines approach or a security incident occurs. AeroEx’s tailored solutions will help you navigate EASA’s latest regulations and build a resilient, compliant ISMS. Contact us today to discuss your needs, and let us guide you toward a compliant and secure future in aviation.
Let's talk!

AMAS.aero Information Security Toolkits

Tailored solutions to meet EASA’s information security regulations

Our specialized toolkits with the AMAS.aero platform help your organization comply with EASA’s Part-IS (EU) 2023/203 regulations. Whether you are just starting to implement your Information Security Management System (ISMS) or need a comprehensive solution to support ongoing compliance and improvement, our toolkits provide everything you need.

Key benefits of our toolkits:

01

Compliance with legal requirements

Ensure full compliance with Regulation (EU) 2023/203, including essential ISMS documentation and processes.
02

Holistic approach

Supports systematic implementation, monitoring, and continuous improvement of your ISMS, aligning with industry best practices.
03

Efficient integration

Seamlessly complements your existing compliance and safety management systems, avoiding duplication and increasing efficiency.
04

Risk reduction

Establishes a structured ISMS to identify vulnerabilities early, minimizing security risks to your organization.
05

Continuous improvement

Enables ongoing review and adjustment of security measures to keep pace with evolving threats and regulatory updates.
06

Proactive monitoring

Real-time tracking and monitoring mechanisms strengthen compliance and improve response to potential security incidents.
07

Standardized processes

Provides clear, consistent, and repeatable processes for managing information security, making compliance easier to maintain.
08

Data protection

Safeguards sensitive company data, ensuring confidentiality and protecting your organization’s reputation.

AMAS.aero Information Security Starter Toolkit

AMAS.aero Information Security Advanced Toolkit

Starter Toolkit

Covers the basic requirements for ISMS in line with EASA Part-IS regulations. Provides tools for setting up ISMS, performing GAP analysis, and creating the ISMM.
  • AMAS.aero applications: Standards & Regulations, Manuals, Questionnaires, Information Collection
  • 1 named user/editor (primary user)
  • Information Security Management Manual (ISMM) template, with annual revision service
  • EASA Information Security Regulation Bundle: IS.AR, IS.D.OR, IS.I.OR, and Occurrence Reporting
  • Forms, guidance material, and annual revision service
  • Cross-reference list to ensure compliance, with annual revision service
  • Information security audit checklist, with annual updates
  • Webinar “How to use the Starter Toolkit”
  • Implementation plan to set up ISMS
Learn more
Best suited for:
  • Organizations just beginning to implement an ISMS and looking for a straightforward, cost-effective solution.
  • Small to medium-sized companies that need to meet basic regulatory compliance without extensive internal resources.

Advanced Toolkit

Covers all ISMS requirements in line with EASA regulations. Provides everything needed for a full-scale ISMS, including risk management, compliance monitoring, and continuous improvement.
  • AMAS.aero applications: Compliance and Safety Management Suite, Manuals
  • 5 named users/editors (primary users)
  • Information Security Management Manual (ISMM) template, with annual revision service
  • EASA Information Security Regulation Bundle: IS.AR, IS.D.OR, IS.I.OR, and Occurrence Reporting
  • ISO 27001 Information security management systems
  • Forms, guidance material, and annual revision service
  • Cross-reference list to ensure compliance, with annual revision service
  • Information security audit checklist, with annual updates
  • Webinar “How to use the Advanced Toolkit”
  • Implementation plan for full ISMS setup
  • Consulting service: 8 hours/year of expert consultation
  • Online training for each user, including certificates
Learn more
Best suited for:
  • Organizations with complex operational needs that require an integrated solution for ongoing risk management, compliance monitoring, and continuous improvement.
  • Companies needing to meet both EASA Part-IS and ISO 27001 standards for information security.

Stay compliant, stay secure.

View info brochure

Information security packages

Comprehensive assessments to ensure full compliance with EASA’s Part-IS standards.

Combined EASA Independent Management System Audit and Information Security (IS) GAP-Analysis

EASA Information Security (IS) GAP-Analysis

Why choose AeroEx for information security compliance?

Our solutions are tailored specifically to the aviation industry, ensuring comprehensive compliance with Part-IS. AeroEx provides:
Industry expertise

Leveraging our extensive experience and deep-rooted expertise in the aerospace industry, we deliver unmatched insights and robust support.

Customized solutions

We understand that every organization’s security needs are unique and design solutions to fit your specific requirements.

AMAS.aero platform integration

Leverage our AMAS.aero platform for seamless compliance management, real-time updates, and automated reporting features.

End-to-end support

From initial assessments to continuous improvements, our team provides support at every compliance stage, ensuring your systems evolve with regulations.

Strategic Partnership with DEUDAT

In collaboration with DEUDAT, a leader in information security and data protection, we bring unparalleled expertise and insight to every project. This strategic partnership enables AeroEx to deliver top-tier guidance and support, leveraging DEUDAT’s specialization in cybersecurity to address evolving aviation industry needs and ensure robust protection for your organization.

Your roadmap to EASA Part-IS compliance

Stay secure, stay compliant with AeroEx’s integrated approach to information security and data protection. Let us guide you through the complexities of EASA regulations, offering you the peace of mind and operational efficiency to focus on what matters most — safe, secure aviation operations.

1
Initial consultation
Assess your current information security setup and identify compliance gaps.
2
Customized compliance package
We develop a tailored plan that includes audits, GAP analyses, manual preparation, and training.
3
Ongoing support
AeroEx’s continuous support ensures you stay compliant as regulations and cyber threats evolve.
Stay ahead of regulatory demands and prevent compliance risks with AeroEx’s advanced solutions. Proactively build a compliant, resilient ISMS tailored to EASA’s evolving standards. Connect with us today, and let AeroEx be your partner in shaping a secure, compliant future in aviation.
Let's talk!

© 2024 by AeroEx GmbH

Linkedin-in

Please fill out the form, and our team will contact you to discuss how we can best meet your information security needs.

The data collected will only be processed to deal with your request. For more information, please see our Privacy Policy. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You can also call or email us directly:

Register for the MROs Forum in Widnau, Switzerland on June 27, 2023

The data collected will only be processed to deal with your request. For more information, please see the privacy policy.

Register for the MROs Forum in Mönchengladbach, Germany on September 27, 2023

The data collected will only be processed to deal with your request. For more information, please see the privacy policy.

Register for the MROs Forum in Malmö, Sweden on May 9, 2023

The data collected will only be processed to deal with your request. For more information, please see the privacy policy.