Part-IS

You strengthen aviation security. We are at your side.

Civil aviation consists of a complex network of numerous interconnected systems that are increasingly becoming the target of cyber attacks. Part-IS (Part Information Security) requires affected organizations to take effective measures to protect against information security risks that could compromise aviation security.

What Does Part-IS Mean for Your Organization?

Part-IS requires regulated aviation organizations and the relevant authorities to implement an information security management system (ISMS). The aim is to systematically identify, assess, and address information security risks that could potentially impact civil aviation. Compliance with the requirements is verified by the European Aviation Safety Agency (EASA) and national aviation authorities such as the Federal Aviation Authority (LBA) and conducted by accredited auditors. 

usd as your EASA accredited Part-IS partner

Whether you are facing an external Part-IS audit by the supervisory authority, reviewing your internal processes as part of your annual compliance monitoring, or pushing ahead with the development of an ISMS, as an EASA accredited auditor, we are your reliable partner for all matters relating to Part-IS and information security.

External audits on behalf of EASA

EASA may assign us as auditors to conduct external audits of aviation companies for compliance with the information security requirements according to Part‑IS.

Internal audits for compliance monitoring and audit preparation

In our role as internal auditors, we provide targeted support for the annual compliance monitoring required (Compliance Monitoring Manager). We review your ISMS and the associated processes to ensure that your company meets the applicable regulatory requirements and achieves the best possible level of security.

Consulting and support for Part-IS compliance

In their role as advisors, our security consultants support you on your path to Part-IS compliance – from analyzing your existing processes to developing an ISMS and preparing for audits.

Important: The EU regulation requires a strict separation of consulting and auditing functions. This ensures neutrality and the highest security standards. The clear distinction between our Security Audits and Security Consulting business areas is part of our everyday practice, ensuring that we always adhere to this principle.

Do Companies That Already Operate an ISMS Have an Advantage?

An ISMS in accordance with ISO 27001 is a solid foundation, but there are key differences between them. While ISO 27001 defines a structured management system for information security, Part-IS expands this framework to include aviation-specific elements: a more security-oriented risk assessment, mandatory integration into existing safety management structures, and closer involvement of regulatory authorities.

Learn more

Why usd AG Is Your First Choice for Part-IS Audits

Experience

Over 20 years of experience in international information security development and consulting projects, complemented by comprehensive industry know-how in European aviation.

Full Service Provider

We cover the entire IT security value chain – from pentests to consulting and assessments.

Independence

Independent and comprehensive consulting – from security strategy to guidelines.

Practicability

The best recommendation is useless if it cannot be implemented in practice. That's why our customers value our best practices and our view of reality.

More Information on Part-IS

Part-IS: The 7 Most Important Questions

 

Part-IS & ISO 27001: Synergies for Compliance

Contact

 

Please contact us with any questions or queries.

Phone: +49 6102 8631-190
Email: sales@usd.de
S/MIME
Contact form

 

Felix Schmidt
Executive Board Member usd Security Consulting