One of the main objectives of Regulation (EC) No 300/2008 is to provide the basis for a common interpretation of Annex 17 (Security Annex) of the Convention on International Civil Aviation2 of 7 December 1944, 10th edition, 2017 to which all the EU Member States are signatories.

The means of achieving the objectives are (a) the setting of common rules and common basic standards on aviation security and (b) mechanisms for monitoring compliance.

The purpose for amending the implementing legislation is to support Member States in ensuring full compliance with the most recent amendment (Amendment 16) to Annex 17 of the Convention on International Civil Aviation, which introduced new standards under chapters 3.1.4 related to national organisation and appropriate authority and 4.9.1 related to preventive cybersecurity measures.

By transposing these standards into the implementing EU wide aviation security legislation, it will be ensured that appropriate authorities establish and implement procedures to share, as appropriate and in a practical and timely manner, relevant information to assist other national authorities and agencies, airport operators, air carriers and other entities concerned, to conduct effective security risk assessments relating to their operations and in that way support these entities in conducting effective security risk assessments related to, among other areas, cybersecurity and implement measures addressing cyber threats.

Directive (EU) 2016/1148 of the European Parliament and of the Council concerning measures for a high common level of security of network and information systems across the Union (NIS Directive) lays down measures with a view to achieving a high common level of security of network and information systems within the Union3 so as to improve the functioning of the internal market. Measures stemming from the NIS Directive and this Regulation should be coordinated at national levels to avoid gaps and duplications of obligations.

Commission Implementing Regulation (EU) 2015/19984 should therefore be amended accordingly.

The measures provided for in this Regulation are in accordance with the opinion of the Committee on Civil Aviation Security set up pursuant to Article 19(1) of Regulation (EC) No 300/2008,