Information Security Management

Course Date Onsite fees: Location Register
02/09/2024 To 06/09/2024 1,000 USD, 90,000 Ksh Nairobi
02/12/2024 To 06/12/2024 1,000 USD, 90,000 Ksh Nairobi


Information is the lifeblood to all organisations, without it, it would be severely impacted and ultimately cease to function. Information is knowledge and knowledge is power. With an ever changing climate of technology and threats (both technical and human), the need for trained security personnel to protect our information becomes increasingly critical evolutionary task. Information is at risk from many sources, legal, electronic, physical, internal and external to mention a few. It is paramount that security and related management personnel have an understanding of the risks, controls and countermeasures that are available to secure information and technology within an effective management framework. Furthermore utilising countermeasures, best practice and management techniques will mitigate electronic and physical risks and enhance protection to an organisation.



5 Days



By the end of this training course, participants will be able to:

  • Gain knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, counter measures, etc)
  • Understand the current legislation and regulations which impact upon information security management
  • Be fully Aware of current national and international standards such as ISO 27002, frameworks and organisations which facilitate the management of information security
  • Understand the current business and common technical environments in which information security management has to operate
  • Gain knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics



Module 1:

Information Security Management - An Overview

  • IT Risk Management
  • Categorising Physical and Electronic Risk
  • IT and Networks
  • Computer Systems Design
  • Legal and Regulatory Considerations
  • Information, Business and Risk – Case Study


Module 2:

Information Security Management

  • Ensuring Information Security
    • Confidentiality
    • Integrity
    • Availability
    • Authenticity
    • Non Repudiation of Data
  • Ethical hacking and Industrial Espionage
  • Where to design and place effective computer and management controls
  • Case Study


Module 3:

Information Management – International Standards

  • Code or Practice for Information Security Management – ISO 17799 / ISO27002
  • Best Practice and Implementing Guidance and Controls For ISO27002
    • Information Security Management Overview
    • Risk Assessment and Controls
    • Security Policy Documentation
    • Organising Information Security Management
    • IT Asset Management
    • Personnel and Human Resources


Module 4:

Information Management ISO27002

  • Best Practice and Implementing Guidance and Controls For ISO27002
    • Physical and Environmental Security
    • Operations Management and Communications
    • Access Control
    • Information Systems (Design, Development, Maintenance)
    • Incident Management
    • Business Continuity
    • Regulatory Compliance
  • Best Practice and Implementation Guidance for BS ISO/IEC 38500:2008 – IT Management
  • Case Study


Module 5:

Implementing Effective Information Security Management Frameworks

  • Successful steps for IT Security Management
  • Audit and Compliance for IT Resources
  • Business Process Engineering
  • Case Study





This training can also be customized for your institution upon request. You can also have it delivered your preferred location.

For further inquiries, please contact us through Mobile: +254 732 776 700 or Email:



Participants should be reasonably proficient in English.  During the trainings, participants should come with their own laptops.



The course fee covers the course tuition, training materials, two break refreshments, lunch, and study visits.



Accommodation is arranged upon request. For reservations contact us through Mobile: +254732776700

or Email:



Payment should be transferred to FineResults Research Limited bank before commencement of training. Send proof of payment through the email:



  • All requests for cancellations must be received in writing.
  • Changes will become effective on the date of written confirmation being received.


Call us on +254 732 776 700/ +254 759 285 295
Book your Training (Training Calender)
Follow us