The European Union Aviation Safety Agency (EASA) has published the first Easy Access Rules (EAR) for Information Security. This publication contains the rules and procedures for the management of information security risks with a potential impact on aviation safety for organisations and authorities, displayed in a consolidated, easy-to-read format, with advanced navigation features through links and bookmarks.
It covers Commission Implementing Regulation (EU) 2023/203 and Commission Delegated Regulation (EU) 2022/1645, and the related acceptable means of compliance (AMC) and guidance material (GM).
This publication from October 2023 includes:
- Commission Implementing Regulation (EU) 2023/203 on the management of information security risks with a potential impact on aviation safety for organisations and competent authorities;
- Commission Delegated Regulation (EU) 2022/1645 on the management of information security risks with a potential impact on aviation safety for DOA, POA, Apron Management and Aerodrome Operators;
- ED Decision 2023/008/R providing for AMC & GM to the Articles of Regulation (EU) 2022/1645 and Regulation (EU) 2023/203;
- ED Decision 2023/009/R providing for AMC & GM to support the Part-IS regulatory package implementation — Part-IS.D.OR and Part-IS.I.OR; and
- ED Decision 2023/010/R providing for AMC & GM to support the Part-IS regulatory package implementation — Part-IS.AR.
The EAR for Information Security are available for free download on the EASA website as pdf, online dynamic publications with filters and search functions for simple navigation with computers, tablets, and mobiles, as well as in xml format with machine-readable content. As they are generated through the eRules platform, they will be updated regularly to incorporate further changes and evolutions to their content.
Please send your feedback and comments by using the Easy Access Rules area on the contact us form.