ISMS Implementation and Regulatory Compliance in Civil Aviation
Description: After completing the course, participants will be able to demonstrate the following competences:
- Standards Integration: align aviation ISMS with PART‑IS.I.OR and international security standards,
- Risk & Incident Management: effectively conduct risk assessments, audits, incident response, and corrective actions within aviation context,
- Documentation Governance: produce, verify, and maintain ISMS documentation and records according to regulatory and audit requirements,
- Change & Improvement Leadership: drive continuous ISMS changes and improvement cycles in response to evolving threats and organizational needs,
- Regulatory Liaison: engage with aviation authorities and external auditors to demonstrate compliance, report incidents, and support oversight.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of information security management systems and risk frameworks in aviation
- Familiarity with ISO/IEC 27001 fundamentals, risk assessment, incident handling, and documentation
- Awareness of regulatory obligations under EASA and responsibility roles in aviation governance
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – Comprehensive knowledge of Regulation (EU) 2023/203 – EASA Part‑IS.I.OR and its alignment with ISO/IEC 27001, ISO/IEC 27005, ISO/IEC 27035, and ISO 19011 standards
- Certifications – Preferred credentials include ISO/IEC 27001 Lead Auditor or Implementer and demonstrated competency in aviation ISMS compliance frameworks
- Training & Practical Experience – At least 2–3 years of experience working with ISMS implementation
Objectives to achieve: The course aims to achieve the following objectives:
- Provide participants with comprehensive understanding of EASA Part‑IS.I.OR scope, structure, and managerial requirements,
- Equip leaders with the ability to implement ISMS in compliance with PART‑IS.I.OR integrated with ISO/IEC standards,
- Enable participants to conduct risk assessments, audits, incident management, and continuous improvement actions aligned with aviation safety imperatives
- Strengthen skills to communicate compliance status and security posture with aviation regulators
- Support decision-makers in aligning ISMS objectives with organizational goals, regulatory expectations, and operational resilience.
