GALIOT ISMS - Information Security Management System to address EASA Part-IS mandate!
This purpose-built solution is designed to help airlines, helicopter operators, airports, MROs, and ground handling companies effectively meet the stringent new requirements of the European Union Aviation Safety Agency's (EASA) Part-IS regulation.
The introduction of the mandatory EASA Part-IS framework represents a significant shift for the aviation industry, requiring organizations to manage information security risks with the same rigor as aviation safety.
Recognizing that safety and security are deeply interconnected, GALIOT Aero has developed GALIOT ISMS to be fully integrated with its trusted GALIOT SMS - Safety Management System, creating a single, unified platform for holistic risk management.
"Our clients have been clear: the EASA Part-IS mandate is a top priority, but they are concerned about managing another siloed system.
Therefore, we didn't just build a new tool; we built a truly integrated solution. By linking safety and security at the core level, we empower our partners to break down departmental barriers, achieve a comprehensive view of their risk landscape, and ensure compliance with confidence."
A Unified Approach to Safety and Security!
GALIOT ISMS eliminates redundant processes and data fragmentation. By integrating directly with the existing safety management framework, it provides unprecedented benefits:
Unified Reporting Stream:
Seamlessly manage both safety and security reports in one ecosystem.
The system allows for the intelligent forwarding or redirecting of reports between safety and security departments, ensuring every issue is handled by the right team without delay.
Holistic Risk Management:
For the first time, organizations can share threats and consequences between Safety and Security Bow-Tie risk assessments. This provides a 360-degree view of operational risks, recognizing that a security threat can have direct safety implications and vice versa.
The risk assessment methodology is based on the proven U.S. National Institute of Standards and Technology (NIST) SP 800-30 framework.
Built for Compliance:
GALIOT ISMS is engineered to meet multiple international standards out of the box, including EASA Part-IS and ISO/IEC 27001:2022, ensuring your organization is prepared for any audit.
Seamless Integration, Secure Separation:
While the user management and database are fully integrated, the system maintains strict access control.
Separate permissions for safety and security personnel ensure that sensitive data is only visible to authorized users, guaranteeing confidentiality and integrity.
Integrated modules
- GALIOT SeSR - Security Reporting and Investigation
- GALIOT SeRM - Security Risk Management and Management of Change
- GALIOT SeAD - Security Audits and Findings Management
- GALIOT SePM - Security Performance Measurement and Monitoring