INFORMATION SECURITY MANAGER IN AVIATION (ACI CERT)

PROFESSIONAL CERTIFICATE COURSE, ACI INFORMATION SECURITY MANAGER DIPLOMA

DELIVERY: CLASSROOM // DURATION: 4 DAYS

This course gives participants an in-depth understanding of the fundamentals for information security management systems based on ISO 27001 standards and the aviation specific standard EN 16495.

UPCOMING SESSIONS:

Dates Location Language Member/WBP Non-Member
09.04. – 12.04.18 Munich Airport German/English tbd. € 3.500,- €
18.06. – 21.06.18 Munich Airport German/English tbd. € 3.500,- €
08.10. – 11.10.18 Munich Airport German/English tbd. € 3.500,- €

LEARNING OBJECTIVES

By the end of this course, students will be able to:

  • Understand the challenges of information security and an information security management system based on ISO 27001 standards and EN 16495
  • Implement an ISMS for aviation organizations
  • Conduct information security risk assessments

TARGET AUDIENCE

Persons in charge for

  • Information Security Management
  • Information Security Risk Management
  • IT Security
  • IT Security Risk Management
  • (Internal) Audit
  • Data Privacy
  • Compliance

COURSE CONTENT

Information and Information Security

  • General introduction
  • Terms and definitions, delimitation to adjacent areas (e.g., privacy protection)
  • Why information security?
  • Legal and regulatory requirements, in general and aviation specific (European Programme for Critical Infrastructure Protection (EPCIP), European Programme for Critical Infrastructure Protection, German IT-Sicherheitsgesetz / Kritis, etc.)
  • Protection of information, protection requirements (confidentiality, availability, integrity, etc.)
  • Standards for information security (ISO 2700x, German BSI Grundschutz, PCI-DSS, aviation specific EN 16495:2014, etc.).

Integrated management system

  • High-level structure of the ISO management system standards
  • Similarities and differences between management system standards on the basis of the standards ISO 9001:2015, ISO 27001:2013 and ISO 22301:2012

Information Security Management based on the 2700x series

  • Introduction to Information Security Management System (ISMS)
  • Core elements of the standard ISO 27001 (PDCA cycle, management framework, Annex A Controls / Measures)
  • In Focus: specific requirements for aviation base on EN 16495:2014
  • BestPractice approach to implement an information security management system based on the ISO 2700x series of standards
  • Organization of information security in the company
  • Policies and processes in the ISMS
  • Measurability & ISMS indicators based on ISO 27004:2009
  • Brief introduction to business continuity management (according to the requirements in A.17 of ISO 27001, ISO 27031 and BSI 100-4).

Information Security Risk Management based on the 2700x series

  • General introduction to risk management
  • Requirements for IS risk management according to ISO 27001, ISO 27005 and other requirements (laws, other standards, etc.)
  • Risk management for information security
  • The risk management process (asset inventory, protection, threats, vulnerabilities, risk, risk treatment)
  • Best practice for risk assessment
  • Treatment of IS risks
  • Selection of measures
  • Detailed explanation of the process using case studies and self-performed risk analysis.

PRE-REQUISITE FOR COURSE REGISTRATION

Should have a basic knowledge of information security and/or IT security.

CERTIFICATION: ACI INFORMATION SECURITY MANAGER DIPLOMA

The ACI Information Security Manager Diploma provides participants with a broad and detailed understanding of implementing and maintaining an information security management system that complies with the international set of standards ISO 27001 and following, aviation specific standard EN 16495 and aviation industry best practices.

Register here for this training:


Felix Möckel
Datenschutzbeauftragter

Wir nehmen Datenschutz ernst! Deshalb informieren wir Sie, was mit Ihren Daten geschieht:

  • Daten aus Formularen und Webseiten-Tracking können von uns zur Analyse gespeichert werden
  • Die Daten können zur Optimierung der Webseite ausgewertet werden. Das ermöglicht es uns, besser zu verstehen, wo das Interesse unserer Besucher liegt. Wir benutzen primär Hubspot für dieses Tracking (mehr dazu finden Sie in der Erklärung auf unserer Datenschutzseite, siehe unten)
  • Wir geben Ihre Daten nicht an Dritte weiter. Im Rahmen von Veranstaltungen, an denen Sie teilnehmen möchten, kann es nötig sein, dass Ihre Daten an Vertragspartner übermittelt werden.

Weitere Details dazu, was wir mit den Daten tun und nicht tun finden Sie auf unserer Datenschutzseite, oder schreiben Sie mich bei Fragen direkt an!

2017-11-22T12:09:00+00:00 27. Oktober 2017|
iT-CUBE
X