Information Security ISO 27001 & Risk ISO 31000 & BCM ISO 22301 (5 days)

East Africa:  5-day Information Security, Risk Management and/or BCM Training incl optional ISO 27001/ ISO 31000 / ISO 22301 exam(s)

“These courses are very relevant and informative and easily applicable in our workplace. The facilitator is also very knowledgeable and eloquent.” – J. Nyaboke, Central Bank of Kenya

“Very lively training program for Risk management practitioners, done by an articulate, knowledgeable and supportive trainer” – S. Kyeyune, Pride Microfinance Ltd, Uganda

Enquire about our next Kenya/Uganda/Tanzania dates coming up.

Save my seat now

About the training

If you are keen to certify your Information Security (IS), Risk Management and/or Business Continuity Management (BCM) skills, join this 5-day ISO 27001 & ISO 31000 & ISO 22301 course including optional ISO 27001 and/or ISO 31000 and/or ISO 22301 Foundation, Lead Implementer, Manager and/or Lead Auditor exam(s). These ISO standards are rapidly becoming the default standard in Information Security and Risk.

This course enables participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013, as well as world class techniques for implementing a Risk Management process as specified in ISO 31000 and BCM according to ISO 22301 within their organisation. This training is based on both theory and practice; lectures illustrated with examples based on real cases. During the training, a range of practice exercises are worked through, to also assist with the exam preparation.

The trainer is Master level certified in ISO 27001 and ISO 22301, Lead Risk Manager ISO 31000 and also certified Lead Cyber Security Manager in the brand new ISO27032 standard. The course includes a range of Cyber Crime (i.e. malware, data breach etc) case studies as well as a practical exercise ’How to prepare for and facilitate a Business Continuity Rehearsal including a Cyber Threat scenario’.

Learning objectives

  • To understand the implementation of an Information Security Management System,  Risk Management and/or BCM in accordance with ISO/IEC 27001, ISO 31000 and/or ISO 22301.
  • To understand the relationship between an Information Security Management, Risk Management, BCM, controls and compliance with the requirements of different stakeholders of the organisation.
  • To know the concepts, approaches, standards, methods and techniques allowing to effectively manage and audit the Information Security Management, Risk Management and/or BCM processes.
  • To acquire the necessary knowledge to contribute in implementing and auditing Information Security, Risk Management and/or BCM.
    Get hands-on experience through group discussions, practical exercises, role plays, video reviews and management games.

Optional ISO 27001, ISO 31000 and/or ISO 22301 Foundation / Lead Implementer / Lead Auditor exam(s)

The examinations are governed by the international certification body PECB but facilitated by Business As Usual. If you choose to do both Lead exams, and pass them both, you can also apply for the Master level, an unusual achievement!

We are proud to report that 99% of our delegates who have participated in the certification courses and taken the exams since we’ve started hosting them, have passed their exam and obtained the internationally acclaimed  ISO certificates. Become one of them! Foundation candidates even receive lifetime free recertification.

For more information about ISO/IEC 27001, ISO 31000 and/or ISO 22301 certifications and the PECB certification process, refer to

Key benefits of choosing us as your provider

1) The examination is provided by the international PECB certification body (not just a local training company). Your certificates are
recognised wherever you may travel in the world and by multinational companies, and the PECB institute is ANSI certified.
2) The training is delivered by an international expert trainer from Business As Usual, who have implemented Risk related processes across 5 continents and deliver courses in an engaging way, ensuring an optimal learning experience.

 Who should attend?

  • Members of Information Security teams and/or Risk Management and BCM teams
  • IT Professionals wanting to gain a comprehensive knowledge of the main processes included in an Information Security Management System (ISMS)
  • Any departmental managers handling information and/or involved in critical business processes
  • Staff involved in the implementation of the ISO/IEC 27001, ISO 22301 and/or ISO 31000 standards
  • Emergency Management consultants and staff
  • Technicians involved in operations related to an ISMS
  • Auditors
  • CxO and Senior Managers responsible for the governance of an enterprise and the management of its risks.

Get trained by the best…

  • Trainer trained 1000+ individuals across Australasia, Europe, South America and AfricaRinske Geerlings
  • Consulted to 100+ companies regarding their Business Continuity, Disaster Recovery, Information Security and Risk Management challenges
  • Presented at conferences globally, totalling 10,000+ delegates.

 Benefits of the program and learning about the world’s best practice

  • Meeting regulatory requirements
  • Achieving insurance premium discounts
  • Gaining competitive advantage when responding to Requests for Tender/Proposal (RfPs)
  • Reducing risks, and improving the capability of your organisation to continue critical activities ’no matter what’
  • Providing shareholders, customers, employees, 3rd parties and general public with confidence in your business
  • Ensuring common terminology/language about Information Security, BCM and Risk Management across your organisation
  • Enhancing motivation of your teams to perform well in regards to IS and Risk workshops and improvements
  • Increase control over Risk/Security Management processes and improve your ability to measure progress.


The training is organised in Kampala (Uganda), Nairobi (Kenya) and Dar es Salaam (Tanzania) and is designed for professionals and managers in East Africa ‘and beyond’. Do you reside or work in Kenya, Uganda, Tanzania, Burundi, Ethiopia or Rwanda? Then this course in East Africa is designed for you. Local case studies and business examples from the East African region are included.

More information

For any in-house options and international dates of this program anywhere in the world, please submit an enquiry. Workshops in other cities in Australia, New Zealand, Africa, Europe, Latin America and Asia are held at request. Special rates apply when multiple delegates from one organisation register.

Send us an email: or call us for more information: +61 (0) 2 8006 2884.

Next dates

Enquire about our next Kenya/Uganda/Tanzania dates coming up.

For any in-house options and international dates of this program anywhere in the world, submit an enquiry. Workshops in other cities in Australia, New Zealand, Africa, Europe, Latin America and Asia are held at request.