Computing, IT Systems, and Emerging Technologies Lesotho

Cyber Security Risk Assessment and Management Training Course

Every organization is a target. But not every leader understands where the real cyber risks are coming from or what to do about them. Are you confident that your critical systems and data are adequately protected? Do you have a clear, repeatable way to identify, prioritize, and respond to cyber risk? Do you understand which risks you can accept, which you must mitigate, and which you should transfer?

This course is an essential guide for professionals who must see beyond firewalls and tools to manage cyber risk as a business issue, not just an IT problem. It’s about making informed choices, balancing security with usability, and ensuring that cyber decisions support operations, strategy, and compliance.

Duration
5 Days
Duration
Certificate
Certificate
Included
Delivery
Instructor-Led
Delivery
Level
Foundation To Intermediate
Level
Download Brochure

Choose Your Preferred Training Format

Training Options

Reserve Your Spot Today — Pay When You're Ready!

Live Online Training

Join from anywhere with interactive virtual sessions

Starts
Ends
Mon - Fri (5 Days)
USD 850
Register Group
Starts
Ends
Weekend (4 Wks)
USD 850
Register Group
Starts
Ends
Weekend (4 Wks)
USD 850
Register Group
Starts
Ends
Mon - Fri (5 Days)
USD 850
Register Group
Starts
Ends
Weekend (4 Wks)
USD 850
Register Group
Starts
Ends
Mon - Fri (5 Days)
USD 850
Register Group
Starts
Ends
Weekend (4 Wks)
USD 850
Register Group

Classroom Training

In-person sessions at premier locations

Nairobi Kenya
Mon - Fri
5 Days
USD 1,600
View Sessions
Kigali Rwanda
Mon - Fri
5 Days
USD 1,900
View Sessions
Dubai United Arab Emirates (UAE)
Mon - Fri
5 Days
USD 4,100
View Sessions
Abuja Nigeria
Mon - Fri
5 Days
USD 2,900
View Sessions
Customized Content
Team Training
Flexible Dates

In-person training at our premier venues — pick a city and date that works for you.

Location Duration Fee Language
Nairobi, Kenya Mon - Fri (5 Days) USD 1,600 English See dates & reserve →
Kigali, Rwanda Mon - Fri (5 Days) USD 1,900 English See dates & reserve →
Dubai, United Arab Emirates (UAE) Mon - Fri (5 Days) USD 4,100 English See dates & reserve →
Abuja, Nigeria Mon - Fri (5 Days) USD 2,900 English See dates & reserve →
Zanzibar, Tanzania Mon - Fri (5 Days) USD 2,400 English See dates & reserve →
Addis Ababa, Ethiopia Mon - Fri (5 Days) USD 2,400 English See dates & reserve →
Mombasa, Kenya Mon - Fri (5 Days) USD 1,700 English See dates & reserve →
Cape Town, South Africa Mon - Fri (5 Days) USD 3,900 English See dates & reserve →
Johannesburg, South Africa Mon - Fri (5 Days) USD 3,800 English See dates & reserve →
Pretoria, South Africa Mon - Fri (5 Days) USD 3,500 English See dates & reserve →
Kampala, Uganda Mon - Fri (5 Days) USD 1,900 English See dates & reserve →
Lagos, Nigeria Mon - Fri (5 Days) USD 2,500 English See dates & reserve →
Arusha, Tanzania Mon - Fri (5 Days) USD 2,000 English See dates & reserve →
Dar es Salaam, Tanzania Mon - Fri (5 Days) USD 1,900 English See dates & reserve →
Accra, Ghana Mon - Fri (5 Days) USD 5,950 English See dates & reserve →
Naivasha, Kenya Mon - Fri (5 Days) USD 1,700 English See dates & reserve →
Nakuru, Kenya Mon - Fri (5 Days) USD 1,600 English See dates & reserve →
Kisumu, Kenya Mon - Fri (5 Days) USD 1,600 English See dates & reserve →

Live, instructor-led sessions you can join from anywhere — pick the next start date below.

Code Start Date End Date Duration Fee
CSR-01 Mon - Fri (5 Days) USD 850 Reserve my seat → Reserve team seats →
CSR-01 Weekend (4 Weeks) USD 850 Reserve my seat → Reserve team seats →
CSR-01 Weekend (4 Weeks) USD 850 Reserve my seat → Reserve team seats →
CSR-01 Mon - Fri (5 Days) USD 850 Reserve my seat → Reserve team seats →
CSR-01 Weekend (4 Weeks) USD 850 Reserve my seat → Reserve team seats →
CSR-01 Mon - Fri (5 Days) USD 850 Reserve my seat → Reserve team seats →
CSR-01 Weekend (4 Weeks) USD 850 Reserve my seat → Reserve team seats →

Our instructor comes to your office — same curriculum and accredited certificate, with case studies built around the work your team actually does.

Team Training

Train your entire team together in a familiar environment for better collaboration

Fully Customized

Content tailored to your industry, tools, and specific business challenges

Cost Effective

Save on travel & accommodation costs when training multiple employees

Flexible Scheduling

Choose dates that work best for your team's availability and projects

How It Works
1
Request a Quote

Tell us about your team size, preferred dates, and training goals

2
Get a Custom Proposal

Receive a tailored training plan and competitive pricing within 24 hours

3
We Come to You

Our certified trainer arrives ready to deliver impactful, hands-on training

Ready to upskill your team on Cyber Security Risk Assessment and Management Training?

No commitment required · Response within 24 hours

What You'll Master in This Training

Built by industry pros — practical insights, real-world examples, and strategies you can apply immediately.

Module 1: Principles of Cyber Security Risk Thinking

  • What cyber risk is and why it matters beyond IT
  • Understanding assets, threats, vulnerabilities, impact, and likelihood
  • Cyber risk vs. information security vs. IT operations
  • When to apply cyber risk assessment in projects and operations
  • Common missteps in framing cyber risk as purely technical
  • Mapping business services, systems, and information flows
  • Classifying data by sensitivity, criticality, and regulatory requirements
  • Identifying 'crown jewels' and single points of failure
  • Considering people, technology, and third-party dependencies
  • Using asset registers and data inventories
  • Common threat actors and tactics (internal and external)
  • Typical vulnerabilities in applications, infrastructure, and processes
  • Human factor risks: social engineering, weak practices, insider threats
  • Emerging risks from cloud, mobile, and remote work models
  • Simple techniques to map and visualize threat paths
  • Qualitative vs. quantitative approaches to risk assessment
  • Estimating likelihood and impact with practical scales
  • Risk matrices, heat maps, and scoring models
  • Using scenarios and what-if analysis to test assumptions
  • Creating and maintaining a cyber risk register
  • Types of controls: preventive, detective, corrective, and compensating
  • Aligning controls with frameworks such as ISO 27001 or NIST CSF
  • Assessing control effectiveness and control gaps
  • Balancing usability, cost, and security requirements
  • Prioritizing controls based on risk reduction and value for money
  • Integrating risk assessment into system development and procurement
  • Evaluating cloud services, third-party platforms, and outsourcing arrangements
  • Security requirements in contracts and service level agreements
  • Managing risk during digital transformation and system upgrades
  • Case examples from public, NGO, and corporate projects
  • The role of policies, standards, and governance structures
  • Data protection, privacy, and sector-specific regulations
  • Documentation, evidence, and audit readiness
  • Roles and responsibilities: boards, executives, IT, and business units
  • Aligning cyber security with enterprise risk management
  • Why people are both the weakest link and strongest defense
  • Designing effective awareness and training programs
  • Policy design that supports, rather than frustrates, staff
  • Handling user resistance and fatigue toward security measures
  • Measuring and reinforcing security culture improvements
  • Linking risk assessment with incident response planning
  • Identifying likely incidents and preparing playbooks
  • Roles and communication during an incident
  • Learning from incidents: root cause, lessons, and improvements
  • Ensuring continuity of critical services during cyber disruptions
  • Tailoring messages for executives, boards, regulators, and technical teams
  • Using visuals, dashboards, and summaries to explain risk clearly
  • Reporting assumptions, limitations, and residual risk transparently
  • Handling scrutiny and difficult questions about security decisions
  • Turning cyber risk discussions into shared understanding and action

Drop Us a Query

Fill out the form below and we'll get back to you.

About the Course

Today’s organizations do not just want IT controls; they demand justified, risk-based cyber security decisions. Whether you are approving a new system, moving to the cloud, engaging a third-party vendor, or rolling out a digital service, leaders are expected to understand the cyber implications and demonstrate that risks are assessed, prioritized, and managed.

This course transforms cyber security risk assessment from a technical checklist into a practical management tool. Participants will not become penetration testers, but they will become disciplined evaluators of cyber exposure. They will learn how to identify critical assets, map threats and vulnerabilities, assess likelihood and impact, score and prioritize risks, and select cost-effective controls. Additionally, participants will align cyber risk decisions with legal, regulatory, and governance requirements and communicate risk clearly to executives and non-technical stakeholders.

The course is hands-on, scenario-based, and tailored for leaders and managers who must integrate cyber risk thinking into projects, operations, and strategy. By the end, participants will be equipped to ask better questions, challenge assumptions, and support their organizations in building a stronger security posture.

Target Audience

This course is designed for professionals who regularly make or influence decisions that affect cyber security risk:

This course is designed for:

  • IT managers and system owners responsible for critical applications and infrastructure
  • Information security and risk officers involved in cyber risk assessment and reporting
  • Compliance and governance professionals overseeing security, privacy, and regulatory requirements
  • Public sector staff managing digital services, citizen data, or national systems
  • NGO and development program leaders handling sensitive beneficiary and donor information
  • Procurement and vendor management teams evaluating third-party and cloud service providers
  • Finance and operations managers approving security budgets and investments
  • HR and people managers responsible for policies, access, and staff awareness
  • Project managers leading digital transformation, system upgrades, or new platforms
  • Anyone who must understand, explain, and justify cyber risk decisions to stakeholders

Course Objectives

This course equips you to identify, assess, prioritize, and manage cyber security risks in a structured, business-aligned way.

By the end of this course, you'll be able to:

  • Understand core principles of cyber security risk assessment and risk management
  • Identify critical assets, data, and processes that must be protected
  • Recognize common threats, vulnerabilities, and attack paths across sectors
  • Assess likelihood and impact to generate clear, comparable cyber risk ratings
  • Prioritize risk treatment options using structured, risk-based decision-making
  • Select and justify appropriate controls, safeguards, and mitigation measures
  • Communicate cyber risks and treatment plans clearly to technical and non-technical stakeholders
  • Align cyber risk decisions with legal, regulatory, and organizational governance frameworks

Requirements & Prerequisites

Participants should have a basic understanding of IT systems and security principles. Familiarity with organizational processes and decision-making is beneficial.

Professional and Organizational Impact

When you think in terms of cyber risk, impact, and likelihood, you move from reacting to incidents to leading secure, informed decisions.

As a participant, you will benefit by:

  • Improve your ability to interpret and explain cyber risk reports and dashboards
  • Gain confidence when challenging, approving, or defending cyber-related investments
  • Reduce guesswork and fear-driven decisions about security controls and tools
  • Strengthen your strategic planning by integrating cyber risk into project and portfolio decisions
  • Position yourself as a trusted partner between technical teams and senior leadership
  • Enhance your reputation as a risk-aware, security-conscious professional
  • Build your influence in digital transformation, compliance, and governance discussions

Organizations led by cyber risk thinkers are more resilient, trusted, and prepared for disruption.

Your organization will benefit from:

  • Smarter use of security budgets and technology investments
  • More consistent, transparent, and documented cyber risk decisions
  • Stronger alignment between security controls and business priorities
  • Reduced likelihood and impact of incidents, breaches, and service disruptions
  • Faster and more coordinated response when an incident occurs
  • Improved compliance with regulations, standards, and audit expectations
  • Increased stakeholder confidence in how digital assets and data are protected

Training Methodology

This is a practical, outcome-driven course designed to turn cyber security risk theory into daily decision-making power.

Methodology includes:

  • Interactive cyber risk assessment exercises using realistic scenarios
  • Threat and vulnerability mapping for real-world systems and processes
  • Simple tools, checklists, and templates for risk registers and treatment plans
  • Role-playing for presenting cyber risk and treatment options to executives
  • Group work comparing different risk treatment strategies and control options
  • Case studies from public, private, and NGO environments, including breaches and lessons learned
  • Reflection prompts to challenge current security assumptions and habits

Upcoming Sessions

Next available dates worldwide

Virtual

(Zoom) Training
USD 850
22nd Jun-26th Jun 2026
Reserve my seat See all dates

Nairobi

Kenya
USD 1,600
15th Jun-19th Jun 2026
Reserve my seat See all dates

Kigali

Rwanda
USD 1,900
22nd Jun-26th Jun 2026
Reserve my seat See all dates

Dubai

United Arab Emirates (UAE)
USD 4,100
22nd Jun-26th Jun 2026
Reserve my seat See all dates

Addis Ababa

Ethiopia
USD 2,500
29th Jun-3rd Jul 2026
Reserve my seat See all dates

Abuja

Nigeria
USD 2,800
29th Jun-3rd Jul 2026
Reserve my seat See all dates

Zanzibar

Tanzania
USD 2,100
29th Jun-3rd Jul 2026
Reserve my seat See all dates

Mombasa

Kenya
USD 1,600
29th Jun-3rd Jul 2026
Reserve my seat See all dates

Cape Town

South Africa
USD 3,500
22nd Jun-26th Jun 2026
Reserve my seat See all dates

Johannesburg

South Africa
USD 3,800
27th Jul-31st Jul 2026
Reserve my seat See all dates

Pretoria

South Africa
USD 3,000
22nd Jun-26th Jun 2026
Reserve my seat See all dates

Kampala

Uganda
USD 1,800
29th Jun-3rd Jul 2026
Reserve my seat See all dates

Lagos

Nigeria
USD 2,500
29th Jun-3rd Jul 2026
Reserve my seat See all dates

Certification

Recognized credentials that advance your career

Participants who complete the Cyber Security Risk Assessment and Management Training Program earn a Trainingcred Certificate of Achievement, demonstrating professional competence and alignment with global standards in learning and development.

NITA Accredited

Accredited by the National Industrial Training Authority, ensuring programs meet nationally recognized standards of quality and relevance.

CPD Certified

Recognized by the CPD Certification Service, ensuring every program meets internationally benchmarked standards of professional excellence.

Each certification reflects practical expertise, strategic insight, and readiness to excel in today's competitive, fast-evolving workplace.

Why this course earns its place on your CV

Accredited training, practitioner trainers, and peers on the same career track — the three things real expertise is built on.

Skills Relevance

  • Master the latest cyber security frameworks and minimize organizational risk.
  • Equip yourself with top-industry tools for proactive threat assessment.
  • Adopt best practices in risk mitigation to safeguard critical data assets.

Expert Delivery

  • Learn from seasoned cyber security professionals with real-world experience.
  • Interactive sessions ensure you gain practical insights, not just theoretical knowledge.
  • Each module is crafted by experts with a focus on current cyber risk landscapes.

Career Advancement

  • Enhance your resume with in-demand cyber security risk assessment skills.
  • Position yourself as a key player in your company's cyber security strategy.
  • Unlock new career opportunities in a rapidly growing field of cyber security.

Real Results from Real Professionals

Thousands of professionals have transformed their careers through our training programs. Now, it's your turn.

View All Reviews

Frequently Asked Questions

Got questions? We've gathered the answers to common queries to help you feel confident and informed.

Who else has attended this training course?

Join global leaders and experts from top-tier organizations who have already benefited from this training. Here are just a few of our past participants:

Designation Organization
Protection and Security Advisor Amnesty International, NIGERIA
Anything international organization, SELECT COUNTRY
Consultant Professional, RWANDA
Risk Officer Pensions and Insurance Authority, Zambia
Security Operation Coordinator Barrick North Mara Limited, Tanzania, United Republic of
Self BAP Energy Limited, NIGERIA

Your seat is waiting.

Join these industry leaders and take the next step in your career.

Yes. Trainingcred Institute offers tailored versions of the Cyber Security Risk Assessment and Management Training to meet specific organizational goals, industry requirements, and staff experience levels.  

Customizations can include:  

- Industry-specific risk scenarios and compliance frameworks.  

- Focused modules on internal risk assessment or third-party risk management.  

- Flexible scheduling and delivery formats (online, onsite, or hybrid).  

Customized corporate training helps teams strengthen their cybersecurity posture and align risk strategies with organizational objectives.

The Cyber Security Risk Assessment and Management Training is a comprehensive program designed to help professionals identify, analyze, and mitigate cyber risks that threaten organizational data, systems, and operations. This course covers essential frameworks and methodologies such as ISO 27005, NIST SP 800-30, and risk governance best practices. Participants learn how to assess vulnerabilities, implement security controls, and develop proactive risk management strategies to protect digital assets and ensure business continuity in today’s evolving threat landscape.

This training is ideal for professionals responsible for managing or assessing cyber risks, as well as those seeking to strengthen their cybersecurity and compliance expertise, including:  

- IT Managers and Security Analysts  

- Risk and Compliance Officers  

- Information Security Consultants  

- Internal Auditors and Governance Professionals  

- System Administrators and Cybersecurity Engineers  

It’s also beneficial for individuals preparing for cybersecurity certifications or transitioning into security risk management roles.

By attending the Cyber Security Risk Assessment and Management Training, participants will:  

- Gain a deep understanding of cyber risk identification, evaluation, and mitigation frameworks.  

- Learn to design and implement effective risk management plans aligned with international standards.  

- Strengthen organizational resilience against data breaches, ransomware, and insider threats.  

- Enhance compliance with regulations such as ISO 27001, GDPR, and NIST frameworks.  

- Build confidence in applying cybersecurity risk management concepts in real-world scenarios.  

Completing this course helps professionals become more valuable to their organizations by improving governance and reducing cyber risk exposure.

The Cyber Security Risk Assessment and Management Training is a 5-day program designed to balance theory with practical exercises.  

Each day includes instructor-led sessions, group discussions, and case study workshops to help participants apply learned concepts effectively.  

Flexible scheduling options are available to accommodate corporate and individual learners.

Yes. The course is available in multiple delivery modes to suit your needs, including:  

- Online (Live Virtual Classes): Instructor-led sessions conducted in real time via secure video conferencing.  

- Classroom Training: Available at select global Trainingcred Institute locations.  

- Onsite Corporate Training: Delivered directly at your organization’s premises for teams.  

This flexibility ensures that learners can access world-class cybersecurity training regardless of their location.

Trusted by 100+ organizations across 40+ countries

Premier Bank
Amnesty International
UNDT SACCO
UNFPA
USAID
AMREF Health Africa
KENTRADE
CPF
UFIA
UNICEF
Central Bank of Kenya
UNDP
GIZ
Premier Bank
Amnesty International
UNDT SACCO
UNFPA
USAID
AMREF Health Africa
KENTRADE
CPF
UFIA
UNICEF
Central Bank of Kenya
UNDP
GIZ
Barbours
Bank of Rwanda
RFA
Dahabshil Bank
Dorcas Aid
Finn Church Aid
KCB Foundation
Ministry of Education Saudi Arabia
NSSF Uganda
RBA
Reserve Bank of Malawi
WASREB Kenya
Virginia Commonwealth University
Barbours
Bank of Rwanda
RFA
Dahabshil Bank
Dorcas Aid
Finn Church Aid
KCB Foundation
Ministry of Education Saudi Arabia
NSSF Uganda
RBA
Reserve Bank of Malawi
WASREB Kenya
Virginia Commonwealth University