Impact of Volatile U.S. Presidency on Africa: ISO 27001 & ISO 31000 Risk Analysis in a Changing Geopolitical Landscape

1. Introduction

Here’s a detailed article addressing the external context analysis as per Clause 4 of ISO/IEC 27001:2022, using principles from ISO 31000:2018 and the external context considerations of ISO 31073. The article also focuses on the volatile nature of the American presidency and the extreme changes within the first 17 days of Donald Trump's presidency, analyzing their effects on Africa’s geopolitical and economic stability from an information security and risk management perspective.

In an increasingly interconnected world, organizations must consider external factors when designing and implementing their information security management systems (ISMS). Clause 4 of ISO/IEC 27001:2022 requires organizations to evaluate the external context that influences their risk landscape. This is reinforced by ISO 31000:2018, which provides a structured approach to risk management, and ISO 31073, which focuses on the broader external risk environment.

One of the most extreme examples of rapid geopolitical shifts affecting global stability occurred during the first 17 days of Donald Trump’s presidency in 2017. His executive orders, economic policies, and diplomatic shifts had an immediate and significant impact on Africa, affecting trade relations, cybersecurity strategies, and political risk management.

This article explores how such volatile global leadership decisions shape Africa’s risk environment through the lens of ISO 27001 and ISO 31000.

2. External Context Analysis in ISO 27001:2022

Clause 4 of ISO 27001:2022 requires organizations to determine the external issues relevant to their information security objectives. These include:

  • Geopolitical risks
  • Economic trends
  • Regulatory and legal landscapes
  • Technological advancements
  • Cybersecurity threats and resilience measures

ISO 31000:2018 further emphasizes continuous environmental scanning and dynamic risk assessment to help organizations anticipate, prepare for, and mitigate risks arising from external changes.

The first 17 days of Donald Trump’s presidency provide an ideal case study of volatile external context variables that African governments, businesses, and financial institutions had to rapidly adapt to in terms of risk management.

3. Case Study: The First 17 Days of the Trump Presidency

Donald Trump took office on January 20, 2017, and within the first 17 days, he signed a flurry of executive orders that triggered global economic and diplomatic uncertainty. These included:

  • Withdrawal from the Trans-Pacific Partnership (TPP) – signalling a shift toward economic nationalism.
  • Implementation of the "Muslim Ban" (Executive Order 13769) – restricting immigration from predominantly Muslim countries, affecting African nations with strong ties to the U.S.
  • Escalation of trade war rhetoric – leading to unpredictable financial markets and potential economic instability for Africa.
  • Dismantling of key environmental agreements – impacting Africa’s climate policies and sustainable development strategies.
  • Hardline stance on China – indirectly affecting African economies that rely on China for investment and trade.
  • Each of these executive actions created external risks that organizations in Africa had to assess and mitigate in their risk management frameworks.

4. ISO 31073: External Context Considerations for Africa

ISO 31073 focuses on external risk factors that organizations should assess, including:

  • Political instability
  • Regulatory shifts
  • Supply chain vulnerabilities
  • Cybersecurity threats
  • Economic fluctuations

The following factors illustrate how the Trump administration’s first 17 days influenced Africa’s external risk landscape:

5.1 Geopolitical Uncertainty and Trade Risks

Trump’s protectionist stance disrupted African economies dependent on trade with the U.S.. Countries under the African Growth and Opportunity Act (AGOA), such as Kenya, Nigeria, and South Africa, faced uncertainty over trade preferences.

Organizations managing supply chain risks under ISO 31000 had to re-evaluate exposure to trade volatility, including:

  • Supply chain diversification
  • Foreign exchange risk management
  • Geopolitical intelligence gathering

5.2 Cybersecurity Threats Escalation

The Trump administration's unpredictable policies on cybersecurity led to increased global cyber threats, particularly state-sponsored attacks from Russia, China, and North Korea. Africa’s financial institutions and governments faced rising cyber espionage, hacking attempts, and data security breaches.

To comply with ISO 27001:2022, African organizations had to:

  • Enhance cyber threat intelligence capabilities.
  • Improve incident response planning to counteract state-sponsored cyber threats.
  • Align data protection policies with shifting global compliance requirements.

5.3 Immigration Policies and Workforce Disruptions

The Muslim Ban affected professionals, students, and business leaders from Africa who had visa restrictions imposed. This disrupted:

  • Cross-border collaboration in tech industries.
  • Investment flows from African entrepreneurs in the U.S.
  • Human capital mobility, affecting industries relying on U.S. training and expertise.
  • From a risk management perspective (ISO 31000:2018), organizations needed business continuity strategies to counteract workforce disruptions.

5.4 Financial Market Volatility and Investment Risks

Trump’s America First economic policies led to:

  • Currency fluctuations affecting African stock markets.
  • Reduction in foreign aid and investment flows.
  • Uncertainty over World Bank and IMF policies toward Africa.
  • To mitigate these risks, African financial institutions adopted risk assessment models aligned with ISO 31073, incorporating:
  • Hedging strategies for currency volatility.
  • Alternative financing and investment sourcing.
  • Strategic risk mapping for global economic shifts.

5. Strategic Responses for Africa Using ISO 27001 & ISO 31000

Given the lessons from the early Trump presidency, organizations in Africa should implement the following strategic risk responses:

  • Enhanced Political and Economic Risk Monitoring
  • Implement real-time geopolitical risk dashboards.
  • Engage in scenario planning to assess future U.S. policy shifts.
  • Cybersecurity Resilience Strengthening
  • Adopt zero-trust architectures and threat intelligence frameworks.
  • Improve data sovereignty policies in response to shifting U.S. cybersecurity regulations.
  • Regulatory and Compliance Adaptation
  • Align data protection laws with international standards (GDPR, U.S. laws).
  • Establish flexible compliance structures for rapid policy shifts.
  • Diversification of Trade and Investment Partnerships
  • Expand intra-Africa trade to reduce reliance on U.S. policies.
  • Strengthen relations with the European Union and China.

6. Conclusion

The first 17 days of Donald Trump’s presidency serve as a critical case study of how sudden geopolitical shifts can reshape the external risk environment for Africa. By leveraging ISO 27001:2022, ISO 31000:2018, and ISO 31073, African organizations can better anticipate, analyse, and mitigate the impact of volatile global leadership changes on their information security and risk management frameworks.

As the global risk landscape remains highly uncertain, organizations must continue external context monitoring, implement agile risk management approaches, and maintain resilient cybersecurity frameworks to navigate future geopolitical disruptions effectively.