ISO/IEC 20000-1 Lead Auditor
Description:
- To participate in the selection of the audit team
- To prepare the audit plan
- To represent the audit team before the customer
- To give instructions to the audit team
- To report any relevant obstacle identified during the audit process
- To be responsible for all the audit steps
- To present the audit report
- To follow up and close the audit process
Previous skills/knowledge:
- Demonstrable knowledge of ISO/IEC 20000-1 requirements
- Demonstrable evidence of participation in ISO/IEC 20000-1 audits (>1 audit recommended)
- Professional experience, including in quality management systems, or information security management systems (recommended).
Authorized Partners:
Teaching requirements: Trainer to be qualified as ISO 20000-1:2018 – Information technology – Service management – Management Systems Lead Auditor
Objectives to achieve: The participant will learn and apply the main terms, principles, and techniques used during the activities of the audit process, according to the responsibilities assigned to the lead auditor for the review of an IT Service Management System (IT SMS) in compliance with ISO/IEC 20000-1 and based on the guidelines of the ISO 19011 Standard for auditing Management Systems.
ISO/IEC 20000-1 Internal Auditor
Description:
- To follow the instructions of the lead auditor and support him
- To collect and analyse enough evidence (e.g., through interview, observation and sampling of documentation) to determine the audit findings and define the audit conclusions
- To document the audit findings
- To collaborate in drafting the audit report
- To exchange information with the other members of the audit team and with the auditee personnel.
Previous skills/knowledge:
- Demonstrable knowledge of ISO/IEC 20000-1 requirements.
- Professional experience, including in quality management systems, or information security management systems (recommended).
Authorized Partners:
Teaching requirements: Trainer to be qualified as ISO 20000-1:2018 – Information technology – Service management – Management Systems Lead Auditor
Objectives to achieve: The participant will learn and apply the main terms, principles, and techniques used during the activities of the audit process, according to the responsibilities assigned to the internal auditor for the review of an IT Service Management System (IT SMS) in compliance with ISO/IEC 20000-1 and based on the guidelines of the ISO 19011 Standard for auditing Management Systems.
ICT Readiness for Business Continuity Coordinator
Description: After completing the course, participants will be able to demonstrate the following competences:
- ICT Resilience Design – create strategies and architectures ensuring ICT continuity under disruption.
- Requirements Translation – translate business continuity metrics (RTO, RPO, MBCO) into ICT system specifications.
- Continuity Planning – develop and document an ICT continuity plan.
- Validation & Testing – carry out tests, exercises, and audits, and interpret results to enhance ICT readiness.
- Governance & Leadership – guide leadership in evaluating IRBC performance, resource allocation, and ongoing alignment.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of business continuity principles and ICT dependency;
- Familiarity with ISO/IEC 27001 and ISO 22301 concepts;
- Awareness of ICT incident and disruption scenarios and related response mechanisms.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – Strong knowledge of ISO/IEC 27031:2025 and ISO 22301, with specific experience in integrating ICT resilience into business continuity management systems.
- Certifications – Recommended certifications include ISO/IEC 27001 Lead Auditor or Implementer; familiarity with ICT continuity or resilience frameworks is desirable.
- Training & Practical Experience – At least 2–3 years of hands‑on experience in managing ICT readiness and resilience, and delivering engaging, practical training in ICT continuity.
Objectives to achieve: The course aims to achieve the following objectives:
- Understand the role and scope of ISO/IEC 27031:2025 in supporting ICT readiness within a BCMS.
- Convert business continuity requirements (RTO, RPO, MBCO) into ICT‑specific conditions and resilience criteria.
- Design ICT continuity strategies (e.g., backups, replication, redundancy, cloud solutions) aligned with business objectives.
- Develop a structured ICT continuity plan with defined triggers, roles, and technical measures.
- Implement testing, exercises, audits, and define MBCO thresholds to validate ICT readiness.
- Clarify leadership responsibilities for IRBC governance and continuous improvement.
ISMS Performance Evaluator
Description: After completing the course, participants will be able to demonstrate the following competences:
- Analytical Assessment – analyze and evaluate the effectiveness of existing ISMS controls.
- Measurement and Interpretation – define and use indicators to ensure compliance with requirements.
- Continuous Improvement – systematically introduce improvements based on measurement results, including proposing action plans.
- Strategic Alignment – ability to connect ISMS measurement results with the organization’s goals.
- Advisory Capability – competence in preparing reports and recommendations that support decision-making at the management level.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of information security principles (confidentiality, integrity, availability),
- Familiarity with ISO/IEC 27001 structure and key requirements (especially clause 9.1),
- Ability to interpret simple statistical indicators and percentages in business contexts.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – In-depth knowledge and practical experience with the ISO 27036 series (Parts 1–4), covering supplier relationships and information security throughout the supplier lifecycle.
- Certifications – Recommended certifications include ISO/IEC 27001 Lead Auditor or Implementer, with familiarity with ISO 27036:2021–2023.
- Training & Practical Experience – At least 2–3 years in managing information security in supplier relationships and delivering interactive workshops.
Objectives to achieve: The course aims to achieve the following objectives:
- Understand and apply the requirements of ISO/IEC 27001:2022 and ISO/IEC 27004:2016 for ISMS monitoring and measurement.
- Develop a structured approach to evaluating ISMS performance and interpreting results.
- Apply techniques for continuous improvement based on performance indicators.
- Learn to identify ineffective controls and propose alternative measures based on measurement results.
- Develop the ability to link performance metrics with the organization’s strategic objectives and reporting to top management.
ISMS Document Compliance Consultant
Description: After completing the course, participants will be able to demonstrate the following competences:
- Structure and write ISMS documents that meet compliance and operational usability requirements.
- Create and maintain policies, procedures, records, and registers aligned with ISO/IEC 27001 and ISO 10013.
- Support audit preparation by organizing and presenting documented information effectively.
- Evaluate the consistency, completeness, and traceability of ISMS documentation.
- Apply documentation management techniques including version control, review cycles, and archival rules.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of ISMS principles and ISO/IEC 27001:2022 structure,
- Familiarity with the concepts of documentation, policies, and procedures in management systems,
- General knowledge of internal audits and compliance requirements.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – Solid expertise in ISO/IEC 27001:2022, ISO 10013:2021, and related documentation standards within information security management.
- Certifications – Recommended certifications include ISO/IEC 27001 Lead Auditor or Implementer; additional qualifications in documentation or quality management are an advantage.
- Training & Practical Experience – Minimum of 2–3 years of experience in designing, maintaining, and auditing ISMS documentation, with proven training delivery in this domain.
Objectives to achieve: The course aims to achieve the following objectives:
- Develop the ability to create, maintain, and evaluate ISMS documentation in compliance with ISO/IEC 27001:2022.
- Understand the role of documented information in internal and external audits and certification readiness.
- Learn to distinguish between policies, procedures, records, and plans, and apply the appropriate structure and format.
- Improve skills for aligning documentation with real business processes and risk management requirements.
- Gain competence in preparing complete documentation sets to demonstrate operational and audit compliance.
Supplier Information Security Manager
Description: After completing the course, participants will be able to demonstrate the following competences:
- Standards Application – apply ISO 27036-1 to 4 guidelines in managing supplier relationships,
- Risk Assessment – identify, assess, and prioritize supplier-related information security risks,
- Control Implementation – select and apply appropriate security controls throughout supplier engagement,
- Supply Chain Security – manage visibility, traceability, and security across hardware and software supply chains,
- Cloud Security Management – manage information security risks in cloud-based services.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of information security management and supplier risk concepts,
- Familiarity with ISO/IEC 27001 terminology and principles,
- Awareness of the role and importance of third-party/vendor security.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – In-depth knowledge and practical experience with the ISO 27036 series (Parts 1–4), covering supplier relationships and information security throughout the supplier lifecycle.
- Certifications – Recommended certifications include ISO/IEC 27001 Lead Auditor or Implementer, with familiarity with ISO 27036:2021–2023.
- Training & Practical Experience – At least 2–3 years in managing information security in supplier relationships and delivering interactive workshops.
Objectives to achieve: The course aims to achieve the following objectives:
- Understand key requirements and guidelines of ISO 27036‑1 to 4 for supplier relationship security,
- Identify and assess information security risks associated with different types of supplier relationships,
- Implement suitable controls throughout the supplier lifecycle,
- Address hardware, software, and cloud service supply chain guidance per ISO 27036‑3 and ISO 27036‑4,
- Develop strategies for secure communications, visibility, and risk management with suppliers.
Information Security Controls Coordinator according to ISO/IEC 27002
Description: After completing the course, participants will be able to demonstrate the following competences:
- Analytical Assessment – analyze the structure and purpose of ISMS controls,
- Risk Integration – connect controls to the results of risk assessments,
- Implementation Coordination – coordinate the selection and adaptation of controls within the ISMS,
- Performance Evaluation – assess control effectiveness through practical evaluations,
- Strategic Advisory – provide recommendations to management for aligning controls with ISO/IEC 27001 requirements.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of information risk and ISMS principles,
- Familiarity with the context and terminology of ISO/IEC 27001 and ISO/IEC 27002,
- Ability to understand the classification and function of ISMS controls.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – In-depth knowledge and practical experience with controls defined in ISO/IEC 27002:2022 and their application within ISMS frameworks.
- Certifications – Recommended certifications include ISO/IEC 27001 Lead Auditor/Implementer, along with familiarity with ISO/IEC 27002.
- Training & Practical Experience – At least 2–3 years of experience in implementing and coordinating information security controls within organizations, as well as delivering hands-on training.
Objectives to achieve: The course aims to achieve the following objectives:
- Gain an overview of all 93 controls defined in ISO/IEC 27002:2022, understand their purpose, structure, and classification, and learn how they support the overall objectives of an effective ISMS.
- Master the principles of aligning controls with risk management results,
- Learn how to identify, adapt, and coordinate the implementation of controls within the organization,
- Develop the ability to evaluate control effectiveness through practical exercises,
- Connect the implementation of controls with the strategic requirements of ISO/IEC 27001 through the role of a controls coordinator.
Compliance Manager for Common security requirements for radio equipment – Internet connected radio equipment according to EN 18031-1
Description: After completing the course, participants will be able to demonstrate the following competences:
- Security Mechanism Implementation – apply EN 18031‑1 security mechanisms (ACM, AUM, SUM, SCM, etc.) in device design and deployment.
- Risk & Compliance Assessment – evaluate device compliance through defined evaluation criteria and threat analysis.
- Regulatory Integration – integrate standard implementation into RED compliance and regulatory documentation.
- Incident & Update Management – develop strategies for secure updates, incident handling, and resilience aligned with the standard.
- Audit Readiness – prepare devices for conformity assessment, ensuring traceability and evidence for each mechanism.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of information security principles and cyber risk management,
- Familiarity with standards implementation approaches and regulatory compliance,
- Awareness of cybersecurity challenges in networked or connected devices.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise – Deep knowledge of EN 18031‑1:2024, including its role in ensuring cybersecurity of internet-connected radio equipment.
- Certifications – Suggested credentials include ISO/IEC 27001 Lead Auditor or Implementer, with additional qualifications in cybersecurity or radio equipment standards.
- Training & Practical Experience – Minimum of 2–3 years working with cybersecurity regulatory compliance, and experience delivering interactive practical sessions.
Objectives to achieve: The course aims to achieve the following objectives:
- Understand the scope, key terms, and overarching goals of EN 18031‑1:2024, including its alignment with RED cybersecurity obligations,
- Interpret specific security mechanisms such as access control, authentication, secure updates, data protection, network monitoring, and assess their role in device cybersecurity,
- Apply risk assessment techniques and evaluation criteria for compliance with the standard.
- Develop skills in planning and coordinating implementation of required mechanisms in connected radio devices.
- Enable participants to manage regulatory compliance and readiness for audits or certification under the RED framework for devices.
Academy of Information Security in Civil Aviation
Description: After completing the course, participants will be able to demonstrate the following competences:
- Implement and manage ISMS documentation and processes in civil aviation.
- Conduct risk analysis and compliance assessments based on PART-IS requirements.
- Plan and perform internal audits for aviation-specific information security systems.
- Prepare and manage the response to information security incidents and business continuity scenarios.
- Coordinate with aviation authorities and demonstrate regulatory compliance.
- Lead information security initiatives within aviation organizations.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- General understanding of information and cybersecurity principles.
- Familiarity with aviation processes and operational structure.
- Basic knowledge of risk and compliance concepts in regulated sectors.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise: Advanced knowledge of ISO/IEC 27001:2022 and ISO 19011, with experience in change control, nonconformity management, and continual improvement processes.
- Certifications – Recommended credentials include ISO/IEC 27001 Lead Auditor or Implementer, with practical experience in ISMS improvement cycles and corrective action systems.
- Training & Practical Experience: At least 2–3 years of hands-on experience managing ISMS changes, internal audits, and improvement planning in civil aviation or other regulated industries.
Objectives to achieve: This program is intended to train professionals in the implementation and evaluation of information security in civil aviation according to PART-IS and ISO standards:
- Develop a comprehensive understanding of PART-IS information security obligations and ISO/IEC 27001, ISO/IEC 27005 and ISO/IEC 27035 standards,
- Enable structured implementation of ISMS controls, audits, risk assessments, and incident response procedures in civil aviation,
- Build the ability to manage ISMS documentation lifecycle, regulatory communication, and organizational improvement,
- Strengthen operational readiness for audits, inspections, and post-incident recovery,
- Train professionals to lead information security coordination roles aligned with PART-IS and EU regulatory requirements.
Management of Changes and Improvements of the Information Security Management System in Civil Aviation
Description: After completing the course, participants will be able to demonstrate the following competences:
- Coordinate and manage ISMS change activities and corrective/preventive actions,
- Evaluate audit findings and trigger improvement measures based on objective evidence,
- Maintain structured documentation for tracking changes, nonconformities, and actions taken,
- Facilitate communication of changes and ensure alignment with ISMS objectives,
- Contribute to continual improvement and performance evaluation of the ISMS in civil aviation.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
- Basic understanding of ISMS structure and ISO/IEC 27001 clauses,
- Familiarity with internal audit, nonconformity, and corrective/preventive action terminology,
- Awareness of civil aviation oversight and documentation processes.
Authorized Partners:
Teaching requirements: Trainers should meet the following requirements:
- Subject Matter Expertise: Advanced knowledge of ISO/IEC 27001:2022 and ISO 19011, with experience in change control, nonconformity management, and continual improvement processes.
- Certifications – Recommended credentials include ISO/IEC 27001 Lead Auditor or Implementer, with practical experience in ISMS improvement cycles and corrective action systems.
- Training & Practical Experience: At least 2–3 years of hands-on experience managing ISMS changes, internal audits, and improvement planning in civil aviation or other regulated industries.
Objectives to achieve: The course aims to achieve the following objectives:
- Understand how to manage changes within the ISMS in accordance with ISO/IEC 27001 and EASA PART-IS expectations,
- Learn methods for identifying nonconformities, planning corrective actions, and monitoring effectiveness,
- Develop skills to initiate, control, and document improvement actions across ISMS components,
- Enable participants to establish effective review cycles, improvement indicators, and change communication processes,
- Support alignment between ISMS maturity development and aviation sector regulatory obligations.
