PART-IS: Securing the digital transformation of aviation

The Implementing Regulations (EU) 2023/203 and (EU) 2022/1645, known as PART-IS, mandate European aviation industry stakeholders to implement rigorous management of information security risks that may impact aviation security. 
Bureau Veritas supports you through this regulatory transition.

contact an expert

What is PART-IS and its objectives?

PART-IS is a European regulatory framework introduced by regulations (EU) 2023/203 and (EU) 2022/1645. It aims to strengthen the resilience of critical information systems in the aviation sector, by setting requirements in terms of governance, risk management, incident detection and operational continuity. PART-IS objectives include preventing cybersecurity incidents impacting aviation security, harmonizing information security practices in European aviation, and enhancing cooperation between competent authorities and organizations.

The official dates for compliance with PART-IS are as follows:

  • October 16, 2025: for organizations covered by the delegated act.

  • Affected organizations

    • Design Organizations (PART-21J) 
    • Production Organizations (PART-21G)
    • Aerodromes Operators (PART-ADR.OR)
  • January 1, 2026: for EGNOS air navigation service providers.
  • February 22, 2026: for other entities and competent authorities

  • Affected organizations

    The regulation applies to a wide range of aviation stakeholders, including :

    • Maintenance Organizations (PART-145)
    • Continuing Airworthiness Management Organizations (PART-CAMO)
    • Air Operators (PART-ORO)
    • Approved Training Organizations (ATO - PART-ORA)
    • Flight crew medical centers
    • U-space service providers
    • Air Traffic Controller Training Organizations (ATCO TOs)
    • ATM/ANS service providers (PART-ATM/ANS.OR)

Key Compliance Requirements

  • Implementation of an Information Security Management System (ISMS)
  • Information risk assessment and treatment
  • Continuous monitoring and incident detection
  • Incident response and operational continuity planning
  • Personnel training and awareness
  • Audit and continuous improvement

Bureau Veritas’ guidance for PART-IS compliance 

Bureau Veritas offers a comprehensive solution to help you achieve PART-IS compliance:

  • Gap analysis: Assessment of your current level of compliance with PART-IS requirements
  • ISMS implementation: Support in structuring and deploying compliant information security management system
  • Training:Training sessions covering regulatory requirements, risk management and good practices
  • Customized workshops: Practical workshops to enhance internal skills and prepare for audits
     
Innovation_drone

PART-IS webinar 

During this webinar, our aerospace and cybersecurity specialists shared their expertise and answered questions about PART-IS.

WATCH THE REPLAY ➜

Part-IS (aeronautics)

access our training courses

Why Choose Bureau Veritas?

Leveraging our expertise in cybersecurity and regulatory compliance, we help you secure your operations while meeting European requirements. Our multi-disciplinary teams are with you every step of the way to PART-IS compliance.

Bureau Veritas: worldwide trusted third party in tests, inspections, certifications

As a reliable partner throughout project stages, we help you address modern challenges by leveraging our international expertise.

Explore