Introduction 
This course aims to assist aviation professionals with the implementation of an Information Security Management System (ISMS) within their organizations, in order to ensure that they are prepared for the latest information security requirements.
This course provides participants with the knowledge, skills, and attitude to implement the ISMS. It delivers a holistic understanding of ISMS objectives, regulatory requirements, and implementation strategies, ensuring compliance with the relevant regulatory frameworks. Participants will explore each requirement in detail, and will engage in interactive exercises, discussions, and breakout sessions to apply the learning to their respective entity.
 Course Content 
Module 1 - Introduction
An introduction to the course providing participants with an overview of the Modules
Module 2 – PART IS Overview
-         Information Security Management Systems overview and what is sets out to achieve,
-         The rationale behind  PART IS ,
-         The relationship between safety, security and Information security and why this is important for PART IS, including from a personnel point of view.
-         Brief reference to the requirements, and the difference between implementation and operation
-         Elements to consider to implement PART IS including  proportionality and integration.
Module 3  – Regulatory Requirements
-         Overview of th PART IS regulatory framework
-         Relationship between   security regulations, NIS 2 and PART IS due to the possible overlap and reference to compliance 
Module 4 – Requirements
-         This module will focus on each requirement topic, the AMC and GM, relative to Part IS AR / Part IS OR, and the way forward for implementation.
-         More specifically, it will deal with the following:
- Policy
- Awareness and training
- Information security risk assessment
- Information security risk treatment
- Information security internal reporting scheme
- Information security incidents – detection, response, and recovery
- Response to findings notified by the competent authority
- Information security external reporting scheme
- Contracting of information security management activities
- Personnel requirements
- Record-keeping
- Information security management manual (ISMM)
- Changes to the information security management system
- Continuous improvement
Module 5 – Way forward
-         Take aways
-         Gaps
-         Synergies
-         Conclusion
 Learning Objectives 
Upon completing this course, you will be able to:
- Develop a comprehensive understanding of PART IS, with a focus on its practical implementation.
- Identify what synergies could be created between the existing elements in your organization with the requirements under PART IS.
- Analyze other regulatory frameworks requirements to determine possible  pre existing compliance obligations.
- Identify and address gaps between existing practices and regulatory expectations in alignment with EASA PART IS.
Who should take this course 
Personnel engaged in the implementation of the PART IS within organisations (as specified within the regulatory framework) and competent authorities.
This would include the Accountable Manager, the Common Responsible Person, as well as the person or group of persons appointed to implement the requirements of the PART IS, as well as the person or group of persons responsible for compliance monitoring
 Pre-requisites 
Participants attending this course should be familiar with their organization’s information security framework (if applicable), including relevant legal and regulatory requirements, to support effective comparison and implementation planning.
The essential prerequisite for this course is the following:
- Working knowledge on the PART-IS Framework and its key principles. 
Previous training on the topic is desirable, but not essential. 
Participants are kindly requested to bring a laptop to access the materials which will only be provided in electronic format.
 Duration 
4 Days: 09:00 – 17:00 hrs.