The European Union Aviation Safety Agency (EASA) has published Revision from December 2025 of the Easy Access Rules for Information Security (EAR for IS).
This new Revision incorporates the following regulatory material:
- Commission Implementing Regulation (EU) 2025/2293 on requirements applicable to organisations subject to a declaration, and correcting accordingly the existing regulatory framework;
- Commission Delegated Regulation (EU) 2025/22 amending Commission Delegated Regulation 2022/1645 regarding requirements on information security for organisations providing ground handling services;
- ED Decision 2025/013/R on the management of information security risks, amending the AMC & GM to the Articles of Regulations (EU) 2022/1645 and 2023/203;
- ED Decision 2025/014/R on the management of information security risks, amending the AMC & GM to Part-IS.I.OR and Part‑IS.D.OR;
- ED Decision 2025/015/R on the management of information security risks, amending the AMC & GM to Part-IS.AR; and
- a ‘List of acronyms and abbreviations’.
The EAR for IS are available for free download from the EASA website in pdf, as well as in xml format with machine-readable content. As they are generated through the eRules platform, they will be updated regularly to incorporate further changes and evolutions to their content.
Please send your feedback and comments by using the Easy Access Rules area on the contact us form.
Get notified via email alerts
Stay informed when we publish new content like this. You can always unsubscribe or update these settings later on.