Information Security ISO 27001 & Risk Management ISO 31000 (5 days)

East Africa: 5-day Information Security & Risk Management Training incl. optional ISO 27001 / ISO 31000 exam(s)

“These courses are very relevant and informative and easily applicable in our workplace. The facilitator is also very knowledgeable and eloquent.” – J. Nyaboke, Central Bank of Kenya

“Very lively training program for Risk management practitioners, done by an articulate, knowledgeable and supportive trainer” – S. Kyeyune, Pride Microfinance Ltd, Uganda

About the training

If you are keen to certify your Information Security (IS) and Risk Management skills, join this 5-day ISO 27001 & ISO 31000 course including ISO 27001 and/or ISO 31000 Foundation, Lead Implementer, Manager and/or Lead Auditor exam(s). These ISO standards are rapidly becoming the default standard in Information Security and Risk.

This course enables participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013, as well as the best practices for implementing a Risk Management process as specified in ISO 31000 within their organisation. The training is based on both theory and practice: lecture sessions are illustrated with examples based on real cases. During the training, review exercises are organised to assist with exam preparation. These practice tests are similar to the certification exams.

The trainer is also trained in the brand new ISO27032 Cyber Security standard and will incorporate related content into the course. The course also includes a range of Cyber Crime (e.g. malware, data breach etc.) case studies as well as a practical exercise, “How to prepare for and facilitate a Business Continuity Rehearsal including a Cyber Threat scenario”.

Learning objectives

  • To understand the implementation of an Information Security Management System and Risk Management in accordance with ISO/IEC 27001 and ISO 31000.
  • To understand the relationship between Information Security Management, Risk Management, controls and compliance with the requirements of different stakeholders of the organisation.
  • To know the concepts, approaches, standards, methods and techniques for effectively managing and auditing the Information Security Management and BCM processes.
  • To acquire the necessary knowledge to contribute to implementing and auditing Information Security Management and BCM.
  • To get hands-on experience through group discussions, practical exercises, role plays, video reviews and management games.

ISO 27001 or ISO 31000 Foundation / Lead Implementer / Lead Auditor exam(s)

The examinations are governed by the international certification body PECB but facilitated by Business As Usual. If you choose to do both Lead exams, and pass them both, you can also apply for the Master level, an unusual achievement! We are proud to report that 99% of our delegates who have participated in the certification courses and taken the exams since we started hosting them have passed the exam and obtained the internationally acclaimed ISO22301, ISO27001 or ISO31000 certificates. Become one of them! Foundation candidates receive lifetime free recertification.

For more information about ISO/IEC 27001 and ISO 31000 certifications and the PECB certification process, refer to

Key benefits of choosing us as your provider

1) The examination is provided by the international PECB certification body (not just a local training company). Your certificates are recognised wherever you may travel in the world, and by multinational companies, and the PECB institute is ANSI certified.
2) The training is delivered by an international expert trainer from Business As Usual, who has implemented Risk related processes across 5 continents and delivers courses in an engaging way, ensuring an optimum learning experience.

 Who should attend?

  • Members of Information Security teams and/or Risk Management teams.
  • IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
  • Any departmental managers handling information and/or involved in critical business processes
  • Staff involved in the implementation of the ISO/IEC 27001 standard and/or ISO 31000
  • Emergency Management consultants and staff
  • Technicians involved in operations related to an ISMS
  • Auditors
  • CxO and Senior Managers responsible for the governance of an enterprise and the management of its risks.

Get trained by the best…Rinske Geerlings

  • Trained 1000+ individuals across Australasia, Europe and Africa
  • Assisted 100+ companies as a consultant with their Business Continuity, Disaster Recovery, Information Security and Risk Management challenges
  • Presents at conferences globally, totaling 10,000+ delegates

 Benefits of the program, and learning about the world’s best practice 

  • Meeting regulatory requirements
  • Achieving insurance premium discounts
  • Gaining competitive advantage when responding to Requests for Tender/Proposal (RfPs)
  • Reducing risks, and improving the capability of your organisation to continue critical activities “no matter what”
  • Providing shareholders, customers, employees, 3rd parties and general public with confidence in your business
  • Ensuring common terminology/language about Information Security and BCM across your organisation
  • Enhancing motivation of your teams to perform well with regard to IS and BCP/BIA workshops and improvements
  • Increasing control over BC/DR/Risk/Security Management processes and improving the ability to measure progress.


The training is organised in Kampala, Uganda and is designed for professionals and managers in East Africa. Do you reside or work in Kenya, Uganda, Tanzania, Burundi, Ethiopia or Rwanda? Then this course in East Africa is designed for you. It includes local case studies and business examples from the East African region.

More information

For any in-house options and international dates of this program anywhere in the world, submit an enquiry. Workshops in other cities in Australia, New Zealand, Africa, Europe, Latin America and Asia are held on request. Special rates apply when multiple delegates from one organisation register. Information about fees can be found here.

Send us an email: or call us for more information: +61 (0) 2 8006 2884. Click here to register for this training! We’re here to help!