Information Security Incident Management in Civil Aviation
Description: After completing the course, participants will be able to demonstrate the following competences:
- Identify, classify, and record information security incidents within an ISMS,
- Apply escalation procedures and coordinate containment, response, and recovery,
- Communicate with relevant stakeholders and regulatory bodies during and after incidents,
- Document incidents using structured formats for traceability and audit readiness,
- Evaluate incident trends and apply corrective and preventive actions for continual improvement.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of ISMS concepts and information security incidents,
- Familiarity with ISO/IEC 27001 and incident-related terminology,
- Awareness of aviation operational context and PART-IS regulatory requirements
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise: Proven expertise in ISO/IEC 27035‑1:2023 and ISO/IEC 27001:2022 with specific application in aviation environments.
- Certifications: Recommended certifications include ISO/IEC 27001 Lead Implementer or Incident Manager; experience with aviation security incidents is a strong advantage.
- Training & Practical Experience: Minimum 2–3 years of experience in leading or coordinating information security incident handling processes, preferably in civil aviation or regulated sectors.
Objectives to achieve: The course aims to achieve the following objectives:
- Understand incident management principles based on ISO/IEC 27035‑1:2023 and EASA PART‑IS,
- Identify, report, assess, and respond to information security incidents effectively,
- Learn to manage incident workflows, escalation, containment, and post-incident analysis,
- Document incidents, corrective actions, and lessons learned for ISMS improvement,
- Support compliance with regulatory expectations and readiness for oversight inspections.
