Part-IS: Implementation of EASA-Compliant Information Security Management System (ISMS)
Build competence to implement and maintain an ISMS in line with EASA Part-IS requirements, integrating security, safety, and compliance in aviation operations.
@ Aeroclass
Course description
The implementation of an Information Security Management System (ISMS) is a key requirement for European aviation organizations under the new EASA Part-IS framework. This training provides participants with the knowledge and tools to design, implement, and manage an ISMS that protects aviation operations against information security risks.
Participants will explore the fundamentals of information security, international standards and frameworks, and the regulatory background of EASA Part-IS. Practical exercises and real-world examples will help learners understand how to assess and treat risks, define responsibilities, develop policies, and respond effectively to security incidents. The training also emphasizes integration with existing safety and compliance management systems to ensure a holistic approach to risk management.
By the end of this class, participants will be prepared to contribute to the implementation and continuous improvement of an ISMS in line with EASA’s regulatory requirements.
Learning outcomes
At the end of this class, participants will be equipped to:
- Explain the role of information security in aviation and its link to safety and operations
- Describe the regulatory framework and requirements of EASA Part-IS
- Apply international standards (ISO 27001, NIST) and principles of information security management
- Conduct risk assessment and implement appropriate risk treatment strategies
- Establish and maintain an EASA Part-IS compliant ISMS framework
- Define roles, responsibilities, and policies for effective ISMS governance
- Integrate ISMS with SMS and other aviation management systems for stronger resilience
Meet your instructor
Vidas Kaupelis
Vidas is an aviation expert with a broad background in various aviation management roles. Over last 10 years he has gained practical hands-on experience in safety, security and compliance management working for:
- Small Planet Airlines Group as Head of Safety and Aviation Security
- Civil Aviation Authority of Lithuania as Head of Flight Operations Oversight Division
- Civil Aviation Authority of Lithuania as Safety and Compliance Management Systems Inspector
- KlasJet as Head of Safety, Compliance and Aviation Security
- BAA Training Aviation Academy as Head of Safety
Before moving to aviation Safety and Compliance domain, Vidas started his career in commercial aviation as Head of Information Technology for Small Planet Airlines Group. This is preceded by spending over 15 years as Information Technology professional, managing and administering IT systems, networks and infrastructures for such companies as:
- IBM
- Elli Lilly and Company
- Paroc Group
Vidas is a skilled presenter and coacher of aviation risk management and contingency planning concepts and best practices illustrated by real-life methods, examples and solutions. Additionally, he has solid experience in public relations, communications and media relations field, which provides him with expertise and unique perspective in crisis management and communication disciplines.
This diverse experience equips Vidas with a blend of expertise from both – Information Technology and aviation operational and regulatory domains. It allows Vidas to instruct not only on SMS and Crisis Management disciplines but enables him to deliver world-class Aviation Cybersecurity courses for aviation organizations which contextualize in terms of existing safety, security and compliance management systems.
Why you should attend?
EASA’s new Part-IS regulations (EU 2023/203 and EU 2022/1645) establish mandatory requirements for aviation organizations to manage information security risks, detect and respond to incidents, and ensure cyber resilience. Compliance deadlines are approaching fast:
- October 16, 2025 for design and production organizations, aerodrome operators, and apron management providers
- February 22, 2026 for air operators, maintenance organizations, training providers, and others under the implementing act
This training will help your organization prepare for compliance and strengthen resilience against evolving cyber threats.
Related courses
Aeroclass offers online courses from leading industry professionals. Learn anytime, anywhere, and master practical skills to advance your career.
Cybersecurity in Aviation
- Online or On-site
Learn about various types of cyber threats, risk management and mitigation strategies and best practices in cybersecurity, tailored to the unique needs of aviation industry.
Crisis Management and Communication in the Airline Environment
- Online or On-site
Be prepared! Acquire the necessary knowledge, skills, and attitudes to effectively manage crises and emergencies in the airline environment.
Safety Investigation Report Writing
- Video Course
Writing a safety investigation report is a key element of the investigation process. No matter how much time, effort or funding has gone into an investigation a poorly written report will devalue the entire investigation process.
The Flightpath to a Greener Industry: Environmental Challenges & Initiatives in Aviation
- Video Course
Discover how aviation is tackling environmental challenges through innovation, sustainability, and new technology.
A Beginner’s Guide to Aviation MRO
- Animated Course
Discover the world of aviation MRO with this animated video course: familiarize yourself with the fundamentals of aircraft maintenance and get an overview of the most common MRO business models.
Digital Customer Relationship Management Strategies to Boost Direct Sales - Practice
- Online or On-site
Explore and optimize every stage of the customer journey to strengthen direct sales channels and generate additional revenue opportunities.
