EASA Part-IS Compliance

Practitioner Level – Implementation & Application

BOOK NOWIN-COMPANY REQUEST
Length
2 day course
Price
£820 GBP excl. VAT
Course delivery
Classroom & Online
Face-to-face locations
London Gatwick
Timing
09:00-17:00 UK time
Course Overview

This comprehensive two-day training provides both familiarisation with Part-IS requirements and practical guidance on implementing an Information Security Management System (ISMS) in accordance with those standards. It is designed for personnel involved in establishing, operating, or supporting ISMS processes within their organisation.

Delegates will engage in interactive exercises, case studies, and scenario-based discussions to apply Part-IS principles in realistic operational contexts. Practical sessions include reviewing sample ISMS documents, identifying gaps, and developing actionable ideas for implementation. This training corresponds to the LEVEL 1 familiarisation course defined under EASA regulation (EU) 1321/2014 (Part-66).

  • Better understand Part-IS and its importance
  • Explore key concepts and terminology around Part-IS
  • Contribute to Part-IS compliance, understand how to demonstrate competence and assurance, and support the effective operation of an ISMS within their organisation
Choose Your Course Date
Start Date End Date Venue Price (Excl. VAT) Availability Book

New dates coming soon. Please contact us for more information.
What is Part-IS and why does it matter?

Part-IS establishes the regulatory framework for the oversight and implementation of Information Security Management Systems (ISMS) for EASA-approved organisations in scope of Delegated Regulation (EU) 2022/1645 and Implementing Regulation (EU) 2023/203. It supports resilience to cyber threats, ensures continuity of aviation services, and aligns with the broader cybersecurity legal framework, including NIS2, EU 2022/1645, and EU 2023/203.

As of 2025, authorities and service providers must demonstrate compliance through robust governance, threat identification, incident response, and oversight capabilities. The program blends core principles with hands-on application, ensuring delegates understand not only the ‘what’ but also the ‘how’ of compliance.

  • Aviation professionals responsible for implementing or supporting Information Security Management Systems (ISMS).
  • Compliance and regulatory staff seeking to strengthen knowledge of ISMS requirements and cross-domain security practices.
  • Managers and decision-makers overseeing ISMS processes and organisational security governance.
  • Personnel involved in supply chain security, staff vetting, or audit preparation under information security and cyber regulations.

By the end of this course, delegates will be able to:

  • Build a clear understanding of what Part-IS is, its purpose, and its link to aviation safety.
  • Recognise the regulatory framework and key drivers behind Part-IS, including EU 2022/1645 and EU 2023/203.
  • Understand core information security concepts and terminology in the context of aviation.
  • Identify the scope of an aviation Information Security Management System (ISMS) and typical safety-relevant assets.
  • Explore practical approaches to meeting Part-IS requirements, from governance to incident reporting.
  • Develop awareness of supply chain information security obligations and good practice.
  • Practice risk assessment, control selection, and incident response planning.
  • Understand incident reporting processes and the principles of continuous improvement in ISMS.
  • Terminology
  • Threat to Information Security
  • Information Security vs Cybersecurity
  • Information with impact on safety
  • CIA
  • Wider regulatory context
  • Regulation structure
  • ISMS and ISMM
  • Principles of risk assessment and treatment
  • Internal and external reporting
  • Incident detection, response and recovery
  • Response to findings
  • Contracting activities
  • Personnel requirements
  • Record keeping
  • Continuous improvement

A background in aviation safety, cyber or risk management is recommended.

Familiarity with Safety Management Systems (SMS) or compliance frameworks is an advantage.

Pre-course documentation includes:

  • Our Part-IS e-learning module. Coming soon!

Meet your Instructors

Trainer Photo of Jonathan Haskoll

Jonathan Haskoll

Jonathan Haskoll

Aviation Cybersecurity Oversight

Jonathan joined the UK CAA in 2019 and spent 5 years delivering cybersecurity oversight of aviation. He primarily focused on aerodromes and Air Navigation Service Providers through the UK’s Cybersecurity Oversight Process for Aviation CAP1753, before joining the​ Cybersecurity Policy team in 2024, setting regulatory direction across the UK aviation industry and providing guidance and expertise to organisations across the range of applicable cyber regulations.

Before joining the UK CAA, Jonathan spent 15 years in the UK Civil Service, holding positions within the Department for Transport, DEFRA and the Cabinet Office, implementing oversight regimes and overseeing compliance with security and cybersecurity regulations across Critical National Infrastructure sectors.​

Jonathan’s certifications include GIAC Strategic Planning, Policy, and Leadership (GSTRT) and ISMS Lead Auditor (CIS LA).

Additional Information

Course delivery methods

  • Instructor-Led Virtual Course: Enjoy the flexibility of attending this training remotely from your home or office with our live virtual course. Engage in interactive learning from anywhere in the world. We deliver our virtual courses via Microsoft Teams, Zoom, and Webex. Once your booking is confirmed, we will notify you of the platform on which your selected course will be hosted. To attend this course virtually, look for the ‘online’ venue option in the booking table above.
  • Face-to-Face Classroom Course: Embrace the traditional learning method by attending our physical training venue. Benefit from direct interaction with our instructors and fellow participants, creating an immersive and hands-on learning experience. To book a classroom course, please check the booking table at the top of this page and select your preferred training venue location.

If you can’t see an upcoming course date, we likely haven’t released the next set of dates. Please get in touch to find out when we’ll announce the new dates, and we’ll be sure to keep you informed once they are available or even add you to our waiting list.

In-company delivery

We can also tailor this training course to suit your organisation’s training requirements. These bespoke training packages can be delivered at your organisation’s location – almost anywhere, worldwide. Please Contact us for more information and to discuss your requirements.

VAT information

Please ensure you have your company VAT number available when booking. For additional information regarding VAT please click here.

FAQs

To help make your decision about booking training with CAAi, we have put together a list of frequently asked questions.

If your question isn’t answered, please get in touch and speak to a member of our training team.

Photo Gallery

Course photos coming soon.

Questions and Answers

Course Reviews

No reviews yet

Other courses you might be interested in
Two aviation professionals working together on a laptop

EASA Part-IS Familiarisation

Gain a clear, practical understanding of EU Part‑IS fundamentals, terminology and requirements to support aviation information security awareness.

Two aviation professionals working on a computer together

EASA Part-IS Oversight & Assurance

Explore the regulatory, technical and operational tools to conduct or support Part-IS implementation and oversight.

See All Courses

Let’s talk

If you’d like to speak with us about your training requirements,
our friendly team are here to help.
+44 (0)330 022 4401
training@caainternational.com
View shopping cart