Skip to main content
NITA AccreditedAdvancedPhysical + Virtual5 daysTOC&831

Training on Cybersecurity & Information Governance: Legal Risk and ISO Records Compliance

Comprehensive training on cybersecurity, information governance, and ISO records compliance to reduce legal and regulatory risks.

Next intake

20 Jul 2026 · Nakuru

View all dates

Duration

5 days

Live instruction

Delivery

Physical + Virtual

Cohort based

Level

Advanced

Working professionals

Certification

NITA reimbursable

For Kenyan cohorts

Language

English

All materials

Overview

About this programme

Organizations today must protect sensitive data while meeting strict regulatory and ISO compliance requirements. This course equips participants with the knowledge and skills to integrate cybersecurity practices with information governance strategies. It emphasizes legal risk management, ISO standards, and practical frameworks for building resilient and compliant governance systems. Case studies from different industries are used throughout to bring concepts to life and provide actionable insights.

Duration

5 Days

Who Should Attend

  • Information governance officers and records managers

  • Cybersecurity and IT security professionals

  • Compliance, legal, and risk management officers

  • ISO auditors, consultants, and quality managers

  • Executives and managers overseeing data and information security

Learning outcomes

What you'll walk away with

By the end of this course, participants will be able to:

  • Understand the intersection of cybersecurity, governance, and legal risk.

  • Apply ISO standards (ISO/IEC 27001, ISO 15489, ISO 30301) to records and governance practices.

  • Identify and mitigate legal risks associated with information management.

  • Implement information governance frameworks to protect sensitive data.

  • Align cybersecurity practices with compliance and risk management strategies.

  • Design governance models that balance business efficiency with legal accountability.

Course modules

What we cover, module by module

Module 1: Foundations of Cybersecurity and Information Governance

  • Principles of information governance in the digital environment
  • Cybersecurity risks and threats affecting governance frameworks
  • Emerging legal, regulatory, and operational risks in information management
  • Case Study: Governance failures caused by weak cybersecurity controls
  • Practical: Identify governance and cybersecurity risks within an organization

Module 2: ISO Standards and Records Compliance

  • Overview of ISO/IEC 27001, ISO 15489, and ISO 30301 standards
  • Aligning records management practices with compliance requirements
  • Managing records lifecycle, retention, access, and accountability
  • Case Study: Implementing ISO aligned records management frameworks
  • Practical: Develop a records retention and compliance matrix

Module 3: Legal Risk Management in Information Governance

  • Understanding global legal and regulatory frameworks including GDPR, HIPAA, CCPA, and NIS
  • Managing liabilities, legal risks, and records as evidence
  • Addressing cross border data governance and jurisdictional challenges
  • Case Study: Legal disputes and penalties arising from governance failures
  • Practical: Conduct a legal and compliance risk assessment for information governance

Module 4: Integrating Cybersecurity with Information Governance

  • Designing governance frameworks with embedded cybersecurity controls
  • Data classification, secure retention, and disposal practices
  • Auditing, monitoring, and compliance reporting for governance effectiveness
  • Case Study: Integrating governance and cybersecurity in regulated industries
  • Practical: Design a secure information governance framework for an organization

Module 5: Governance in Practice Frameworks and Action Planning

  • Lessons from successful and failed governance initiatives
  • Developing compliance and governance policies aligned with organizational goals
  • Creating roadmaps for ISO aligned governance and risk management
  • Case Study: Information governance transformation in a complex organization
  • Practical: Capstone exercise: Develop an ISO aligned governance, compliance, and cybersecurity action plan
Impact

Where the change lands

Organization Impact

  • Stronger compliance with ISO standards and legal frameworks

  • Reduced exposure to cybersecurity breaches and legal risks

  • Improved trust and accountability in information governance

  • Better alignment between records management, IT, and legal teams

Individual Impact

  • Practical skills in managing legal and ISO compliance risks

  • Ability to design and implement effective governance policies

  • Deeper understanding of cybersecurity and records management integration

  • Professional growth in governance, compliance, and security leadership roles

Dates and locations

Upcoming intakes

Every intake is limited to a small cohort. Booking closes when a date fills or three weeks before the start, whichever comes first.

Full calendar
FAQs

Common questions.

Still not sure? Send us a note and a facilitator will get back to you within a business day.

It covers both, but emphasizes governance frameworks where legal, ISO, and cybersecurity overlap.

Course finder

Find the right course for you

Prefer to talk it through? Send us an enquiry and a facilitator will scope a fit within a business day.

For corporate teams

Training 10+ professionals?

We deliver Training on Cybersecurity & Information Governance: Legal Risk and ISO Records Compliance in-house at your offices, at a venue we arrange, or fully virtual. Customise the curriculum against your KPIs, and get a bespoke price for the cohort size you need.