Leadership, People, and Organizational Management Botswana

Cybersecurity, Information Governance, Legal Risk Training Course

Cybersecurity Information Governance is the strategic alignment of information security, legal compliance, and data management. It involves the implementation of policies, processes, and controls to manage information as a strategic asset while mitigating the risks associated with data breaches and regulatory non-compliance. Professionals use this discipline to protect intellectual property, ensure cross-border data sovereignty, and maintain a legally defensible security posture. Do you know if your current data retention policies would withstand a forensic audit during high-stakes litigation? As organizations face an era of AI-driven threats and accelerating regulatory fragmentation, the gap between basic IT security and comprehensive legal defensibility is widening.

This course serves as the bridge from technical security aspirations to evidence-based governance action. Can you demonstrate to your board that your cybersecurity controls are mapped directly to your legal risk profile? Designed for Data Protection Officers, Corporate Counsel, and Information Security Managers, this program provides the tools to build a robust framework using the NIST Cybersecurity Framework 2.0 and ISO/IEC 27001:2022. You will move beyond theoretical awareness to produce tangible outputs such as Data Privacy Impact Assessments (DPIA) and integrated risk registers. By the end of this training, you will possess the capability to lead cross-functional initiatives that satisfy both the Chief Information Security Officer and the General Counsel.

Duration
10 Days
Duration
Certificate
Certificate
Included
Delivery
Instructor-Led
Delivery
Level
Intermediate To Advanced
Level
Download Brochure

Choose Your Preferred Training Format

Training Options

Reserve Your Spot Today — Pay When You're Ready!

Classroom Training

In-person sessions at premier locations

Nairobi Kenya
Mon - Fri
10 Days
USD 3,200
View Sessions
Kigali Rwanda
Mon - Fri
10 Days
USD 3,800
View Sessions
Dubai United Arab Emirates (UAE)
Mon - Fri
10 Days
USD 8,200
View Sessions
Zanzibar Tanzania
Mon - Fri
10 Days
USD 4,800
View Sessions
Customized Content
Team Training
Flexible Dates

In-person training at our premier venues — pick a city and date that works for you.

Location Duration Fee Language
Nairobi, Kenya Mon - Fri (10 Days) USD 3,200 English See dates & reserve →
Kigali, Rwanda Mon - Fri (10 Days) USD 3,800 English See dates & reserve →
Dubai, United Arab Emirates (UAE) Mon - Fri (10 Days) USD 8,200 English See dates & reserve →
Zanzibar, Tanzania Mon - Fri (10 Days) USD 4,800 English See dates & reserve →
Addis Ababa, Ethiopia Mon - Fri (10 Days) USD 4,900 English See dates & reserve →
Abuja, Nigeria Mon - Fri (10 Days) USD 5,600 English See dates & reserve →
Mombasa, Kenya Mon - Fri (10 Days) USD 3,400 English See dates & reserve →
Cape Town, South Africa Mon - Fri (10 Days) USD 7,800 English See dates & reserve →
Johannesburg, South Africa Mon - Fri (10 Days) USD 7,000 English See dates & reserve →
Kampala, Uganda Mon - Fri (10 Days) USD 3,800 English See dates & reserve →
Pretoria, South Africa Mon - Fri (10 Days) USD 6,600 English See dates & reserve →
Lagos, Nigeria Mon - Fri (10 Days) USD 5,000 English See dates & reserve →
Arusha, Tanzania Mon - Fri (10 Days) USD 4,000 English See dates & reserve →
Dar es Salaam, Tanzania Mon - Fri (10 Days) USD 3,800 English See dates & reserve →
Accra, Ghana Mon - Fri (10 Days) USD 7,600 English See dates & reserve →
Naivasha, Kenya Mon - Fri (10 Days) USD 3,400 English See dates & reserve →
Nakuru, Kenya Mon - Fri (10 Days) USD 3,200 English See dates & reserve →
Kisumu, Kenya Mon - Fri (10 Days) USD 3,300 English See dates & reserve →

Live, instructor-led sessions you can join from anywhere — pick the next start date below.

Code Start Date End Date Duration Fee
No Data

Our instructor comes to your office — same curriculum and accredited certificate, with case studies built around the work your team actually does.

Team Training

Train your entire team together in a familiar environment for better collaboration

Fully Customized

Content tailored to your industry, tools, and specific business challenges

Cost Effective

Save on travel & accommodation costs when training multiple employees

Flexible Scheduling

Choose dates that work best for your team's availability and projects

How It Works
1
Request a Quote

Tell us about your team size, preferred dates, and training goals

2
Get a Custom Proposal

Receive a tailored training plan and competitive pricing within 24 hours

3
We Come to You

Our certified trainer arrives ready to deliver impactful, hands-on training

Ready to upskill your team on Cybersecurity, Information Governance, Legal Risk Training?

No commitment required · Response within 24 hours

What You'll Master in This Training

Built by industry pros — practical insights, real-world examples, and strategies you can apply immediately.

Module 1: Information Governance Foundations and NIST Frameworks

  • Evolution of Information Governance in the digital enterprise
  • NIST Cybersecurity Framework 2.0 core functions and profiles
  • Alignment of security controls with corporate risk appetite
  • Roles and responsibilities in the governance ecosystem
  • Exercise: Build a NIST-aligned security profile for a critical asset
  • ISO/IEC 27001:2022 Information Security Management Systems (ISMS)
  • Mapping ISO controls to legal and regulatory requirements
  • Developing a Statement of Applicability (SoA) for governance
  • Continuous improvement cycles in security governance
  • Comparative analysis of GDPR, CCPA, and emerging privacy laws
  • Legal definitions of personal data and sensitive information
  • Enforcement trends and the cost of regulatory non-compliance
  • Managing cross-border data transfers and adequacy decisions
  • Exercise: Draft a regulatory compliance matrix for a global operation
  • Techniques for automated data discovery and classification
  • Building and maintaining an Information Asset Register
  • Data flow mapping for privacy and security visibility
  • Identifying 'Shadow IT' and unstructured data risks
  • Exercise: Create a data flow diagram for a core business process
  • CIS Critical Security Controls for effective cyber defense
  • Zero Trust Architecture (ZTA) principles in governance
  • Identity and Access Management (IAM) as a governance control
  • Encryption standards for data at rest and in transit
  • Exercise: Design a multi-layered control strategy for sensitive data
  • The 7 Principles of Privacy by Design (PbD)
  • Conducting Data Privacy Impact Assessments (DPIA)
  • Privacy Engineering and technical privacy controls
  • Managing Data Subject Access Requests (DSAR) at scale
  • Exercise: Complete a DPIA for a new AI-driven analytics tool
  • Developing a legally defensible Incident Response Plan (IRP)
  • Forensic readiness and evidence preservation protocols
  • Regulatory notification timelines and communication strategies
  • Post-incident analysis and governance remediation
  • Exercise: Simulate a breach response and draft a regulatory notice
  • The Electronic Discovery Reference Model (EDRM) lifecycle
  • Legal hold procedures and spoliation risk management
  • Data collection and preservation in cloud environments
  • Technology-Assisted Review (TAR) and predictive coding
  • Exercise: Develop a legal hold workflow for a litigation scenario
  • Third-Party Risk Management (TPRM) frameworks
  • Security clauses in vendor contracts and SLAs
  • Conducting remote and on-site vendor security audits
  • Managing fourth-party and supply chain dependencies
  • Exercise: Evaluate a vendor security assessment for high-risk services
  • Governance frameworks for Generative AI and Machine Learning
  • Managing algorithmic bias and data privacy in AI models
  • Legal implications of AI-generated content and IP
  • Automated compliance monitoring and reporting tools
  • Exercise: Draft an AI Acceptable Use Policy for the enterprise
  • ISO 15489 standards for records management
  • Developing defensible data retention and disposal schedules
  • Strategies for data minimization and 'de-identification'
  • Managing legacy data and decommissioning systems
  • Exercise: Design a data retention schedule for HR and Finance records
  • Internal audit techniques for information governance
  • Continuous monitoring using GRC (Governance, Risk, Compliance) tools
  • Developing governance dashboards and maturity metrics
  • Preparing for external certification and regulatory audits
  • Exercise: Build a governance scorecard using COBIT 2019 metrics
  • Communicating cyber risk in financial and legal terms
  • Building a business case for governance investments
  • Managing stakeholder pushback and organizational change
  • Reporting to the Board of Directors and Audit Committees
  • Exercise: Create a 5-slide executive briefing on a critical cyber risk
  • Prioritizing governance initiatives based on risk impact
  • Resource allocation and cross-functional team building
  • Measuring the ROI of Information Governance programs
  • Final course review and certification preparation
  • Exercise: Develop a 24-month Integrated Governance Roadmap

Drop Us a Query

Fill out the form below and we'll get back to you.

About the Course

The modern enterprise operates in a complex ecosystem where data is both the primary value driver and the most significant legal liability. Organizations require results they can prove in the domains of privacy, security, and discovery. To succeed, you must demonstrate mastery in five core areas: information asset mapping, regulatory gap analysis, cybersecurity control implementation, e-discovery readiness, and third-party risk oversight. This course utilizes the Electronic Discovery Reference Model (EDRM) and COBIT 2019 to provide a structured system for managing these competing priorities. You will practice hands-on application of the FAIR (Factor Analysis of Information Risk) methodology to quantify digital threats in financial terms.

During this intensive 10-day program, you will gain a comprehensive toolkit for navigating the intersection of technology and law. What you will learn includes the ability to design a Privacy by Design framework, conduct automated data discovery, and build a legally defensible incident response plan. You will be introduced to AI-powered governance tools and blockchain-based audit trails at an overview level, while focusing your hands-on practice on building Information Asset Registers and Compliance Matrices. This course is specifically designed for professionals who must deliver measurable risk reduction under the constraints of limited budgets and evolving international standards.

Target Audience

This program is tailored for mid-to-senior level professionals responsible for the intersection of data security, legal compliance, and corporate governance.

This course is designed for:

  • Data Protection Officers managing global privacy compliance programs
  • Information Security Managers aligning technical controls with legal requirements
  • Corporate Legal Counsel overseeing digital discovery and litigation readiness
  • Information Governance Specialists designing enterprise records management systems
  • IT Auditors evaluating cybersecurity frameworks against international standards
  • Risk Management Directors quantifying digital liabilities for executive reporting
  • Compliance Officers navigating cross-border data sovereignty and transfer regulations
  • Chief Information Officers integrating governance into digital transformation initiatives
  • Privacy Engineers implementing technical controls for data minimization
  • External Audit Consultants specializing in cybersecurity and information governance

Course Objectives

The curriculum is structured to move from foundational frameworks to advanced integration of security and legal strategies.

By the end of this course, you'll be able to:

  • Analyze organizational data flows using the EDRM framework to identify litigation risks
  • Apply NIST Cybersecurity Framework 2.0 to build a defensible security posture
  • Design an Information Asset Register that maps data to legal obligations
  • Construct a Data Privacy Impact Assessment (DPIA) for high-risk processing activities
  • Evaluate third-party vendor contracts against ISO/IEC 27001:2022 security requirements
  • Navigate complex cross-border data transfer requirements using standard contractual clauses
  • Implement measurable governance KPIs using the COBIT 2019 maturity model
  • Synthesize technical security metrics into actionable reports for board-level stakeholders

Requirements & Prerequisites

Participants should have at least 3-5 years of experience in IT security, legal compliance, or risk management. Familiarity with basic cybersecurity concepts and a working knowledge of data protection principles (such as GDPR) is highly recommended. No specific technical programming skills are required, but an understanding of enterprise IT infrastructure is beneficial.

Professional and Organizational Impact

Advancing your expertise in this domain positions you as a critical bridge between the IT department and the legal suite.

As a professional, you will benefit by:

  • Build authority in the high-demand field of information governance
  • Gain confidence in defending security budgets using risk-based data
  • Strengthen your ability to lead cross-functional compliance task forces
  • Enhance your technical credibility with legal and executive leadership
  • Develop expertise in internationally recognized frameworks like NIST and ISO
  • Position yourself for senior roles in privacy and security leadership
  • Expand your capability to manage complex e-discovery and litigation projects

Organizations that integrate security and governance reduce the financial impact of breaches and ensure long-term regulatory resilience.

Your organization will benefit from:

  • Reduce legal exposure through proactive data minimization and retention
  • Mitigate financial risks associated with regulatory non-compliance and fines
  • Improve operational efficiency by streamlining digital discovery and auditing
  • Strengthen brand reputation through demonstrated commitment to data privacy
  • Optimize security investments by targeting high-value information assets
  • Enhance resilience against AI-driven cybersecurity threats and data exfiltration
  • Ensure seamless compliance with evolving global data protection mandates

Training Methodology

This is a practical, outcome-driven course designed to turn governance theory into measurable action and credible reporting.

Methodology includes:

  • Hands-on risk quantification exercise using the FAIR methodology and datasets
  • Scenario simulation requiring incident response decisions under legal pressure
  • Audit diagnostic using the ISO/IEC 27001:2022 compliance checklist
  • Stakeholder mapping exercise for reporting security risks to the board
  • Case study analysis from the financial, healthcare, and technology sectors
  • Group workshop producing a comprehensive Data Privacy Impact Assessment deliverable
  • Reflection exercise benchmarking current governance maturity against COBIT 2019 standards

Upcoming Sessions

Next available dates worldwide

Nairobi

Kenya
USD 2,900
6th Jul-17th Jul 2026
Reserve my seat See all dates

Kigali

Rwanda
USD 3,800
20th Jul-31st Jul 2026
Reserve my seat See all dates

Dubai

United Arab Emirates (UAE)
USD 7,800
27th Jul-7th Aug 2026
Reserve my seat See all dates

Addis Ababa

Ethiopia
USD 4,900
22nd Jun-3rd Jul 2026
Reserve my seat See all dates

Zanzibar

Tanzania
USD 4,200
6th Jul-17th Jul 2026
Reserve my seat See all dates

Mombasa

Kenya
USD 3,300
29th Jun-10th Jul 2026
Reserve my seat See all dates

Cape Town

South Africa
USD 7,900
22nd Jun-3rd Jul 2026
Reserve my seat See all dates

Johannesburg

South Africa
USD 6,500
13th Jul-24th Jul 2026
Reserve my seat See all dates

Pretoria

South Africa
USD 6,500
29th Jun-10th Jul 2026
Reserve my seat See all dates

Kampala

Uganda
USD 3,800
29th Jun-10th Jul 2026
Reserve my seat See all dates

Dar es Salaam

Tanzania
USD 4,200
27th Jul-7th Aug 2026
Reserve my seat See all dates

Naivasha

Kenya
USD 3,200
22nd Jun-3rd Jul 2026
Reserve my seat See all dates

Accra

Ghana
USD 7,900
29th Jun-10th Jul 2026
Reserve my seat See all dates

Certification

Recognized credentials that advance your career

Participants who complete the Cybersecurity, Information Governance, Legal Risk Training Program earn a Trainingcred Certificate of Achievement, demonstrating professional competence and alignment with global standards in learning and development.

NITA Accredited

Accredited by the National Industrial Training Authority, ensuring programs meet nationally recognized standards of quality and relevance.

CPD Certified

Recognized by the CPD Certification Service, ensuring every program meets internationally benchmarked standards of professional excellence.

Each certification reflects practical expertise, strategic insight, and readiness to excel in today's competitive, fast-evolving workplace.

Why this course earns its place on your CV

Accredited training, practitioner trainers, and peers on the same career track — the three things real expertise is built on.

Expert-Led Insights

  • Learn from top cybersecurity experts with real-world experience.
  • Master industry-specific legal frameworks in cybersecurity and risk.
  • Gain insights from leading professionals in information governance.

Career Advancement

  • Boost your career with skills in high-demand cybersecurity sectors.
  • Achieve recognition with a certification in cybersecurity governance.
  • Prepare for leadership roles with advanced risk management training.

Practical Skills Application

  • Apply legal and cybersecurity concepts through interactive case studies.
  • Navigate complex compliance issues using hands-on simulation tools.
  • Implement actionable strategies to protect your organization from cyber threats.

Real Results from Real Professionals

Thousands of professionals have transformed their careers through our training programs. Now, it's your turn.

View All Reviews

Frequently Asked Questions

Got questions? We've gathered the answers to common queries to help you feel confident and informed.

You will gain hands-on proficiency in conducting Data Privacy Impact Assessments (DPIA), building Information Asset Registers, and applying the FAIR risk quantification methodology. You will also master the use of the EDRM framework for litigation readiness and the NIST CSF 2.0 for security profiling.
This course is designed for intermediate to advanced professionals, including Data Protection Officers, Information Security Managers, and Corporate Legal Counsel. It is ideal for those who already understand basic security concepts but need to integrate them into a formal legal and governance framework.
The course is delivered through a blend of practitioner-led lectures and intensive workshops, with a 60/40 split between instruction and hands-on exercises. Each day focuses on a specific module, culminating in the creation of a tangible work product such as a risk register or compliance matrix.
Upon successful completion, you receive a TrainingCred Certificate of Completion in Advanced Cybersecurity Information Governance and Legal Risk Management. This certificate documents your mastery of international standards including ISO/IEC 27001:2022 and the NIST Cybersecurity Framework.
Prerequisites include 3-5 years of professional experience in a related field such as IT, Law, or Audit. While no pre-reading is mandatory, reviewing your organization's current data retention policy and incident response plan will help you get the most out of the practical workshops.

Trusted by 100+ organizations across 40+ countries

Premier Bank
Amnesty International
UNDT SACCO
UNFPA
USAID
AMREF Health Africa
KENTRADE
CPF
UFIA
UNICEF
Central Bank of Kenya
UNDP
GIZ
Premier Bank
Amnesty International
UNDT SACCO
UNFPA
USAID
AMREF Health Africa
KENTRADE
CPF
UFIA
UNICEF
Central Bank of Kenya
UNDP
GIZ
Barbours
Bank of Rwanda
RFA
Dahabshil Bank
Dorcas Aid
Finn Church Aid
KCB Foundation
Ministry of Education Saudi Arabia
NSSF Uganda
RBA
Reserve Bank of Malawi
WASREB Kenya
Virginia Commonwealth University
Barbours
Bank of Rwanda
RFA
Dahabshil Bank
Dorcas Aid
Finn Church Aid
KCB Foundation
Ministry of Education Saudi Arabia
NSSF Uganda
RBA
Reserve Bank of Malawi
WASREB Kenya
Virginia Commonwealth University