My organisation is an operator or entity referred to in the national civil aviation security programmes of Member States laid down in accordance with Article 10 of Regulation (EC) No 300/2008 and complies with the cybersecurity requirements of point 1.7 of the Annex to Implementing Regulation (EU) 2015/1998. As a consequence, is the organisation considered to be fully compliant with Part-IS?
My organisation is an operator or entity referred to in the national civil aviation security programmes of Member States laid down in accordance with Article 10 of Regulation (EC) No 300/2008 and complies with the cybersecurity requirements of point 1.7 of the Annex to Implementing Regulation (EU) 2015/1998. As a consequence, is the organisation considered to be fully compliant with Part-IS?
Answer
No, as required by Article 4(2) of Delegated Regulation (EU) 2022/1645 and Article 5(2) of Implementing Regulation (EU) 2023/203 and in addition to those requirements, point IS.OR.230 needs to be complied with in order to have legal compliance with the requirements stemming from Part-IS. Compliance with Part-IS will be verified by the competent authority that is identified in Article 6 of the Implementing Regulation and Article 5 of the Delegated Regulation.
Last updated
05/02/2024