This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • Home
  • News
    • Security Newswire
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • Columns
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
    • The Risk Matrix
  • Management
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • Physical
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • Cyber
  • Sectors
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • Exclusives
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • Events
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
    • Security 500 West
  • Resources
    • The Magazine
      • This Month's Issue
      • Digital Edition
      • Archives
      • Professional Security Canada
    • Videos
      • ISC West 2019
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
    • Continuing Education
  • InfoCenters
    • Break-in Prevention
    • Building AppSec in Enterprises
    • Video Management Systems
  • Contact
    • Editorial Guidelines
  • Advertise
Home » What Should be in a Travel Risk Policy?
Security Enterprise ServicesSecurity Leadership and Management

What Should be in a Travel Risk Policy?

business travel
August 16, 2019
Bruce McIndoe
KEYWORDS business travel / employee travel / risk management program / risk management tools
Reprints
No Comments

Policies and the procedures to implement them provide clarity to everyone involved regarding accountability issues or activities of critical importance to an organization, such as health and safety, regulatory requirements, legal liabilities, or other issues that may have serious consequences. Given the critical importance of protecting an organization’s people, having a travel risk policy is an imperative. However, simply having a travel risk policy is not enough. An organization must develop and implement procedures to ensure the policy is followed. Not doing so can result in creating more liability for an organization.

An organization may choose to address the elements of a travel risk policy across other existing policies covering travel, health/safety, risk, and security. However, having a standalone travel risk policy helps all involved quickly find relevant information and results in better compliance.

A travel risk policy needs to address the three essential elements of a travel risk management (TRM) program: 1) help the organization and traveler avoid problems; 2) provide help when the traveler needs it; and 3) protect the business from financial loss. In addition to addressing these, the policy needs to address its scope, as well as the roles and responsibilities of all those involved, including the traveler.

Here are the essential elements of a travel risk policy.

  1. Policy Scope
  2. Policy Aim and Objectives
  3. Roles and Responsibilities
  4. Travel Planning and Approval
  5. Travel Risk Assessment
  6. Incident Reporting
  7. Insurance

Policy Scope, Aims, and Objectives

A policy should always start with the reason for having the policy. In this case, the importance of the health, safety, and wellbeing of those traveling should be clear. The policy should also raise awareness of your TRM program. Specifically, the policy should focus on the need to identify any potential risks and what should be done by both the organization and the traveler to mitigate them.

Roles and Responsibilities

It is very important to designate which department owns responsibility for the policy and ensures that it is properly implemented. Likewise, the policy needs to address other groups responsible for carrying out the policy and specific procedures. This section will also include senior management, line manager, and employee responsibilities.

Travel Planning and Approval

This section of the policy needs to outline what should be done to plan a trip and get approval before travel. A range of issues should be considered beyond the organizational need for the trip and the cost, including risks such as geopolitical instability, security, natural disasters, and endemic disease. You should also address information asset protection risks, any regulations, and how traveler risk profile issues (e.g., LBGTQ, religion, gender, etc.) will be handled. The travel approval process will be the key procedure to develop, document, and provide training for both the traveler and management.

Travel Risk Assessment

To help all involved avoid potential problems, it is imperative the policy include a risk review for each trip prior to departure. Most organizations classify a country based on the assessed overall risk level with a multi-level system consisting of two, three, or up to five levels. Each level should define what is required for further risk review and required approvals. The policy should address reviewing the risk profile of the person traveling and ensuring that they are included in the assessment.

Incident Reporting

The policy must address the responsibility and limitations of the organization to provide support and assistance to the traveler and how to get that support. Ideally, this assistance would be through a single phone number. If not, the policy should include a list of support numbers for travel, medical, security, device/information loss, etc.

In addition, the policy should spell out how to report an incident and how the organization will handle incidents and a crisis, if one arises. The actual procedures for activating an incident or crisis management team will likely be embodied in other procedures.

Insurance

Finally, the policy should address key areas of loss along with specifics about what is covered and key exclusions. The policy should be “traveler friendly” to provide clear direction for the traveler. For example, should the traveler purchase the collision/damage loss waiver when renting a car? What if a traveler’s personal mobile device is lost or stolen? What about other personal effects? If the traveler must pay for medical care, will the expense be reimbursed? The policy needs to clearly state the employee’s obligation to report the loss and support filing a claim.

Overall, the objective of a travel risk policy is to help keep an organization and its people safe from harm and risk. By implementing the essential elements of a travel risk policy outlined here, you can help ensure the health, safety, and security of your travelers while protecting the organization legally and financially. 
 

Subscribe to Security Magazine

Bruce-mcindoe

Bruce McIndoe is a leader in the risk management, travel, and intelligence industries. A WorldAware founder, McIndoe has been the key contributor to the company’s strategic growth, securing its position as a leader in business resiliency with the development of the Worldcue® Global Control Center. Prior to joining WorldAware, McIndoe was founder and CEO of CSSI, an Inc. 500 and four-time Washington Technology FAST 50 company that developed software for the intelligence community. He has also served as a lead architect on intelligence programs for the US government. He is a trustee of Allegheny College, where he received a BS in Physics, and holds a MS in Computer Science from Johns Hopkins University.

Related Articles

Why Your Next Intelligence Analyst Should Be a Workplace Violence Analyst

Why Reputational Risk is a Security Risk and What to Do About It

Related Events

A4M 27th Annual World Congress

You must login or register in order to post a comment.

Report Abusive Comment

Subscribe For Free!
  • Print & Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

cybersecurity breach

The Top 12 Data Breaches of 2019

ransomware-enews

British American Tobacco Suffers Data Breach and Ransomware Attack

Dispelling the Dangerous Myth of Data Breach Fatigue; cyber security news

Major Retailer Macy's Is Hacked

server room, cybersecurity, penetration testing,

Explained: Firewalls, Vulnerability Scans and Penetration Tests

cyber network

How to Achieve Cybersecurity with Patience, Love and Bribery

SEC2019_Everbridge_1119_360x184customcontent

Events

December 17, 2019

Conducting a Workplace Violence Threat Analysis and Developing a Response Plan

There are few situations a security professional will face that is more serious than a potential workplace violence threat. Every security professional knows and understands that all employers have a legal, ethical and moral duty to take reasonable steps to prevent and respond to threats of violence in their workplace.
January 23, 2020

The Value of a Unified Approach to Critical Event Management

From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe.
View All Submit An Event

Poll

Emergency Communications

What does your enterprise use to communicate emergencies to company employees?
View Results Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 6th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
SEC500_250x180 clear

Security Magazine

SEC-December-2019-Cover_144px

2019 December

This month, Security magazine brings you the 2019 Guarding Report, featuring David Komendat, Boeing CSO, and many other public safety leaders to discuss threats and solutions for 2020 and security officer training. Also, we highlight Hector Rodriguez, Director of Public Safety and Security at Marymount California University, CCPA regulations, NIST standards, VMS and much more.

View More Create Account
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners

Copyright ©2019. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing