by: Gian-Rico Luzzi, VMware Senior Manager Physical Security EMEA
Accelerated by the pandemic, globalization, the proliferation of mobile workers and other emerging issues, the subject of Travel Risk Management (TRM) as a corporate mandate is now in the spotlight – and for good reason.
One of the most important aspects of MRT is the management of health and safety (H&S) risk. This can be broken down into two categories, with overlapping subcategories: traveler risk and business risk.
Now, traveler (except …)
The risk to people in this context relates to the physical or psychological harm that can affect the traveler. It can be due to injury, illness, physical assault, or sexual assault. It also extends to accidents, travel stress, exhaustion from improper recovery, exposure to extreme weather conditions, poor local sanitation, poor medical care and fatigue. limited access to prescription drugs or specialized medical care.
The characteristics of diversity can also give rise to challenges and risks. There are six countries where being gay is punishable by death, about 70 countries and territories that criminalize same-sex relationships, 32 countries that have laws restricting free speech about sex, and many more countries that have human rights. LGBTQ + but the population is still intolerant. Any of them can give rise to an incident (assault, abuse, discrimination, detention) that could affect the health and safety of travelers.
Travelers trying to conceal a feature may even be exposed. For example, specific types of drugs discovered during an airport check or if it is necessary to organize specialized medical care in a hostile location. And LGBTQ + travelers are not alone. Women, BAME * / BIPOC ** and disabled travelers are all exposed to additional health and safety risks.
Call of Duty
Health and safety issues also pose various types of business risks. Foremost among them is failure to meet the risks of complying with so-called due diligence requirements and, ultimately, being found negligent by a court.
Due diligence is defined in the ISO 31030 travel standards as the moral responsibility or legal requirement of an organization to protect the traveler from dangers and threats. Essentially, this means that a business must take reasonable steps to protect its employees’ travelers from foreseeable damage. These efforts include ensuring that a proportional and personalized risk assessment program / framework is in place to disclose and mitigate known risks, now and for the foreseeable future. They also ensure that processes are flexible enough to change as business travel conditions change, such as frequent changes to airport / country pandemic protocols that could lock up an employee or negatively impact travel.
Easier to say (and do!)
For businesses, many of the vulnerabilities lie in, or lack of, the processes required to manage risk. The good news is that, despite all of the aforementioned concerns, implementing MRT in an organization of any size is not as daunting as you might think, if done correctly.
An effective TRM program will identify any health and safety concerns applicable to the business based on its profile, as well as the nature of its industry and type of service. These are then correlated with its travel destinations and the various characteristics of its traveling population. The processes must ensure visibility on all trip planned so that the risk assessment specific to the trip can be carried out. Failure to obtain this right can potentially override existing risk reduction measures, as stakeholders may inadvertently be âblindâ to the risk, but performing a risk assessment is a legal requirement. The key is to make sure the processes are scalable.
That said, large companies with thousands of travelers cannot be expected to conduct individual risk assessments for each trip. It may be necessary to partner with experienced and knowledgeable third-party service providers to automate risk assessment and disclose location-specific medical and safety risk ratings / levels to all travelers. This makes the entire travel risk process more efficient and allows internal TRM teams to focus their attention on high risk travel.
For an organization that adopts travel risk management and the systematic approach outlined in ISO 31030, there is one major factor that will determine management’s commitment to success. As with any company-wide initiative, senior management must take and demonstrate responsibility for travel risk. This ensures that the TRM policy and objectives are established and integrated into business processes, appropriately resourced, and enacts the need to comply with the TRM policy and processes. If leadership support and commitment is not achieved, TRM’s mandates essentially become a series of fragmented, ad hoc protocols that fail to adequately prepare and protect travelers and the business.
Check back soon for the third blog in our TRM series that will cover details regarding best practices for deploying TRM. In the meantime, check out our first TRM blog and our ISO30310 blog.
* Black, Asian and ethnic minorities ** Black, indigenous, people of color
VMware on VMware Blogs are written by IT experts who share stories about our digital transformation using VMware products and services in a global production environment. Contact your sales representative or [email protected] to schedule an information session on this topic. Visit VMware on VMware microsite and follow us on Twitter.