When people finished work on Friday 5th August 2011 they probably didn’t consider that a weekend of riots and unrest was about to hit the Tottenham area, London.
However, businesses who correctly implemented an ISO 27001 Information Security Management System immediately had the upper hand, thanks to a particular control in Annex A of the standard.
Control A9.1.4 ‘Protecting against external and environmental threats’ explicitly identifies ‘Civil Unrest’ as a potential threat.
The majority of our UK clients initially greet ‘Civil Unrest’ as a low risk that is unlikely to occur, however when we assess the impact of such an event on the business, concerns start to be raised.
Therefore the majority of ISO 27001 Information Security Management Systems will have addressed the risk of civil unrest with appropriate treatment plans.
This is a good example of how a structured management system can protect the business by saving time and resources when they are needed most.
If you are considering an ISO 27001 Information Security Management System, contact our consultants on 020 3432 2854.