Course Details

Information Security Management System (ISMS) Airlines


Introduction

  • This course equips airline personnel with the knowledge and practical skills to establish, implement, and operate an ISMS in compliance with European Union Aviation Safety Agency Part-IS. 
  • It focuses on protecting flight operations, passenger data, operational systems, and aviation infrastructure against cyber threats, while ensuring regulatory compliance and operational resilience. 

Objectives

By the end of the course, participants will be able to: 

  • Understand ISMS principles in aviation context
  • Interpret EASA Part-IS requirements for airlines
  • Identify critical airline information assets
  • Conduct risk assessments and threat analysis
  • Apply security controls to airline systems
  • Manage cyber incidents and reporting obligations
  • Integrate ISMS with:
  1. Safety Management System (SMS)
  2. Security Management System (SeMS)
  • Support internal audits and regulatory oversight

Who Sould Attend

  • Airline Operations Managers
  • Flight Dispatch & OCC Personnel
  • IT & Cybersecurity Teams
  • Safety & Compliance Managers
  • AVSEC Officers
  • Maintenance & Engineering (Part-145 / CAMO)
  • Quality & Audit Staff

Course Content

  • Aviation cyber threat landscape (airlines focus)
  • Introduction to ISMS concepts
  • Overview of EASA Part-IS applicability to airlines
  • Asset identification and classification
  • Risk assessment methodology
  • Threat scenarios in airlines:
  • Risk evaluation and prioritization
  • Access control (crew, staff, third parties)
  • Network security (airline IT & ground systems)
  • Data protection (passenger & operational data)
  • Supplier & third-party security (GDS, vendors)
  • Internal audits & oversight readiness
  • ISMS compliance monitoring
  • Disaster Recovery (DR) for airline operations
  • Key performance indicators (KPIs)
  • Incident reporting (regulatory obligations under Part-IS)
  • Cyber incident detection and monitoring
  • Human factors in cybersecurity
  • Business Continuity Planning (BCP)

Prerequisite

  • Be aviation professionals involved in IT, cybersecurity, safety, compliance, or operations
  • Have basic knowledge of information security principles and ISO/IEC 27001
  • Possess at least 2 years of relevant professional experience
  • Be familiar with aviation regulatory frameworks (e.g., SMS, compliance monitoring)
  • Have sufficient English proficiency to engage in technical discussions and exercises
Location
Online
Course Code
U660
Course Duration
5 Day

this course is not planned Request Now

Ask Qustion
Download in PDF