FAQ n.139297

Reporting obligations under point IS.OR.230(b) and Regulation (EU) No 376/2014 (the ‘Occurrence Reporting Regulation’) may be discharged using one reporting channel. Currently, EASA is assessing ECCAIRS-2 and envisaging to update its taxonomy and processes to make it more compatible for possible future reporting of information security incidents.