BACK

TRAINING COURSE

Aviation Information Security Management (ISM)

Introduction

The risks to an aviation organisation’s information systems are very real and although many incidents may have only a minor impact, some have the potential to cause much greater damage or loss, significantly affecting the organisation’s operational performance and reputation. It is therefore essential that such risks are identified, understood and appropriately managed.

Information assurance is the confidence that information assets will protect the information they handle and will function as they need to, when they need to, under the control of legitimate users. This is integral to an organisation’s business strategy and business planning. Information systems are intrinsically linked to most organisations’ ability to perform their business function and hence the protection of these assets is critical to the organisation's duty of care and governance.

The course will provide an awareness of current strategies and counter-measures and enable participants to carry out an assessment of information security risks in their own organisation/department. Participants will have a broad awareness of the current and emerging security risks and be able to conduct a risk assessment, review existing arrangements within their organisation and carry out basic actions to improve the security of their information. It will also enable them to take positive action in the event of a breach of security.

 

Course Content

  • To analyse the basic concepts of information security together with the main terms in common international usage;
  • To master risk assessment and management as it applies to information security;
  • To explain how risk management should be implemented in an organisation;
  • To appreciate and analyse the general principles of information security laws and legal jurisdiction;
  • To evaluate procedural and people security controls;
  • To evaluate technical security controls;
  • To evaluate physical and environmental security controls

Participants will be able to demonstrate knowledge and understanding of information security management principles and techniques. This will include information security management legislation and regulations, current business and common technical environments in which information security operates,  the categorisation, operation and effectiveness of controls of different types and characteristics.

Learning Objectives

By the end of this course, you should have:

    • To analyse the basic concepts of information security together with the main terms in common international usage;
    • To master risk assessment and management as it applies to information security;
    • To explain how risk management should be implemented in an organisation;
    • To appreciate and analyse the general principles of information security laws and legal jurisdiction;
    • To evaluate procedural and people security controls;
    • To evaluate technical security controls;
    • To evaluate physical and environmental security controls

    Participants will be able to demonstrate knowledge and understanding of information security management principles and techniques. This will include information security management legislation and regulations, current business and common technical environments in which information security operates,  the categorisation, operation and effectiveness of controls of different types and characteristics.

Who should take this course

Airlines, aviation authorities, ground handling, airport operators, suppliers, law enforcement, immigration authorities, aviation shopping outlets

Pre-requisites

Essential:

None. The course is an awareness-raising course and has universal relevance to all organisations and individuals working in the aviation sector.