{"id":29850,"date":"2026-04-23T17:20:32","date_gmt":"2026-04-23T16:20:32","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=29850"},"modified":"2026-04-23T17:20:34","modified_gmt":"2026-04-23T16:20:34","slug":"part-is-in-2026-from-regulatory-framework-to-operational-reality","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/04\/part-is-in-2026-from-regulatory-framework-to-operational-reality\/","title":{"rendered":"Part-IS in 2026: from regulatory framework to operational reality"},"content":{"rendered":"\n

Following\u00a0an initial\u00a0phase focused\u00a0<\/span>on understanding the scope and framework of Part-IS<\/span><\/a>\u00a0and on drafting Information Security Management Systems (ISMS), the aviation sector has entered a new phase. In 2026, Part-IS is no longer a theoretical or purely documentary topic \u2014 it has become a matter of operational deployment, with clear expectations from authorities and regulatory adjustments designed to\u00a0facilitate\u00a0its implementation.<\/span>\u00a0<\/span><\/p>\n

Where does the sector stand?\u00a0<\/h1>\n

\"\"<\/p>\n

The rise of Part-IS has been gradual. After the progressive entry into force of the texts in 2022 and 2023, 2025 was marked by the preparation of compliance files and the structuring of ISMS<\/span>.<\/span><\/p>\n

Since 22 February 2026, the implementing regulation has been fully applicable, meaning that new scopes are now covered \u2014 in particular, maintenance and repair activities through Part-145.\u00a0<\/span>Part-IS now applies across the entire operational chain, from design through to operations and support.<\/span>\u00a0<\/span><\/p>\n

Today, the\u00a0organisations\u00a0concerned by Part-IS have acknowledged the subject and\u00a0submitted\u00a0their ISMS. In this context of broad engagement, EASA has on its side adjusted the framework by clarifying and easing certain modalities through the update of the Part-IS AMC and GM.<\/span>\u00a0<\/span><\/p>\n

EASA\u00a0provides for\u00a0an 18-month development phase after the applicability date to reach a fully operational implementation. This progression can be read simply in three steps: a system that is first present and suitable (<\/span>P+S<\/span><\/i>), then operational (<\/span>O<\/span><\/i>), before reaching effective long-term functioning (<\/span>E<\/span><\/i>).<\/span>\u00a0<\/span><\/p>\n

\"\"<\/span><\/p>\n

The EASA\u00a0updates:\u00a0what\u00a0changes in\u00a0practice?\u00a0<\/h1>\n

In late 2025, EASA updated the AMC and GM relating to Part-IS and\u00a0consolidated\u00a0these changes in\u00a0a new version\u00a0of the associated Easy Access Rules.<\/span>\u00a0<\/span><\/p>\n

In\u00a0concrete\u00a0terms,\u00a0these\u00a0changes\u00a0introduce\u00a0several\u00a0significant\u00a0easements:<\/span>\u00a0<\/span><\/p>\n