RiskPal logo
RiskPal logo mobile

International Location Safety & RiskPal Join Forces to Enhance Risk Management

2025-03-20T11:29:29+00:00February 25, 2025|Company Update|

We are delighted to announce a new partnership with International Location Safety (ILS), bringing an exciting new offering to travel risk management for Higher Education.

This partnership provides access to a complimentary combination of RiskPal’s cutting-edge risk assessment software and the ILS risk advisory and training services. With the new Help Desk service, clients can now have responsive, cost-effective travel risk management support from the ILS Risk Advisory team.

The partnership was born from a desire to improve the travel risk management services on offer to the Higher Education sector.

Here is what RiskPal’s COO, Tom Bacon, and ILS Managing Director, George Shaw, want you to know:

Tom Bacon, RiskPal COO

“University travel managers have to oversee hundreds or thousands of trips a year, often without in-house risk management expertise to advise on more complex trips. We are delighted to bring together the ILS risk advisory services with our risk assessment platform, giving the sector a scalable, cost-effective solution that enhances duty of care. I’m really excited about this partnership.” – Tom Bacon

“We are absolutely thrilled to be working with RiskPal. ILS has been delivering ‘human’ risk management and training solutions to support academic sector travel for many years. However, we believe that the scale of need in the sector, driven more recently by the requirements of ISO31030, demands the application of a technology solution that enables University Travel Risk Managers to deliver a robust, cost effective and scalable risk assessment platform. We believe that RiskPal is the perfect solution, and we are thrilled to be working with them to deliver advice, support and training for complex and high-risk trips through our exclusive HelpDesk service.” – George Shaw

George Shaw, ILS Managing Director

What This Partnership Offers Universities

The ILS-RiskPal partnership gives universities access to an all-in-one pre-travel risk management solution, combining innovative technology with expert consultancy and training. Key benefits include:

  • Subscription to RiskPal’s leading risk assessment platform – featuring customisable templates, integrated approvals, and a comprehensive safety advice library.
  • Retained access to the ILS Helpdesk – offering expert consultancy support and risk management advice for specific destinations and activities.
  • ILS’ in-person and online travel safety training – equipping students and staff with essential skills to navigate risks effectively.

About ILS

International Location Safety (ILS) Logo

ILS is a specialist risk management consultancy that has been providing risk advisory and training services to academic institutions and the NGO community for 15 years. Learn more.

Elevate Your University Travel Risk Management

With RiskPal and ILS, university travel managers now have access to an unparalleled combination of cutting-edge risk assessment software and expert advisory support. Whether you need on-the-spot guidance for a complex trip or a scalable solution to enhance duty of care, our joint offering provides the tools and expertise to help you navigate travel risks with confidence.

Discover how our partnership can support you.

Read More
 0

Why RiskPal is the Smarter Choice for Risk Management

2025-02-24T16:52:06+00:00February 24, 2025|Risk Assessment, SaaS|

Risk assessments are crucial to safety, compliance, and business continuity, but common objections often arise.

Risk assessments can be time-consuming and cumbersome, yet some companies remain reluctant to change.

At RiskPal, we aim to make your life easier by streamlining the risk assessment process. This article explores common objections to adopting risk management software and highlights how RiskPal makes the process simpler and more efficient while boosting overall safety standards.

Common Objections

“Our Current Risk Assessment Process Works Well Enough.”

One of the most common objections we face is that existing risk assessment processes work well enough. While traditional methods like Word or Google Docs may seem sufficient, they are often disliked by the workforce and create inefficiencies, version control issues, and compliance risks.

Outdated systems lack the adaptability needed for ever-changing regulations or company-specific requirements, leading to irrelevant assessments and time-consuming workflows. At RiskPal, we eliminate these challenges by providing centralised content and template management, along with integrated approvals, enabling efficient collaboration, consistency, and a streamlined approval process.

When saying your current system works “well enough”, it’s important to consider who it is working for. A platform like RiskPal improves user experience across the board, enhancing efficiency and reducing staff reluctance to engage in the risk assessment process.

“Using a New System Can be Difficult and Time-consuming.”

Change can be daunting, but it is also inevitable. Embracing change and understanding the value of a digitalised risk assessment process is essential before you get left behind.

At RiskPal, we make the transition simple. A user-friendly interface, relevant custom-made templates, and hands-on onboarding support ensure a smooth implementation.

We provide continuous customer support and training resources to enable continued adoption among staff. Tech solutions, such as single sign-on integrations, further simplify the user journey and remove barriers to entry.

For more tips on effective change management, see our article Embracing Change: Barriers When Implementing SaaS.

”Our Staff Won’t Engage with Another Application.”

We understand that staff can be reluctant to learn and use a new system. RiskPal’s intuitive interface and automated workflows reduce friction and make participation seamless.

Features such as pre-built templates, a library of safety advice, and integrated approvals make risk assessments faster and more engaging for your staff. One of the best things you can do is let your staff test RiskPal firsthand — they’ll be on board with the switch in no time.

”Risk Assessments are a Pain.”

Traditional risk assessments can feel like unnecessary bureaucracy, with cumbersome processes overshadowing their safety benefits. RiskPal eliminates mundane copy-and-paste tasks, allowing users to focus on core safety risks and controls.

Alongside better workflows and proactive safety advice, RiskPal provides management with analytics dashboards, change logs, and centralised access to all risk assessments, enhancing oversight, compliance, and decision-making efficiency.

”It’s Just a Better Way of Doing Risk Assessment.”

RiskPal’s analytics dashboard provides data-driven insights into risk trends and behaviours. This allows management to compare risks across departments, identify trends, and accelerate reporting.

A central, searchable record of risk assessments provides instant oversight of past, current, and future operations, enabling quick responses in case of an incident. Comprehensive change logs offer visibility into risk assessment progress and serve as critical records for audits and incident investigations — something you won’t get from documents stored in folders and emails.

”We’re Concerned About Data Security and GDPR Compliance.”

The safety of your data security is our top priority. With RiskPal, you can be confident that your most sensitive information is always protected. Our security-by-design architecture, data encryption, and role-based access controls ensure confidentiality and GDPR compliance.

We conduct regular penetration and recovery tests and are ISO 27001 certified.

Why RiskPal is the Superior Choice?

If you’re still not convinced, ask yourself whether your current solution offers these benefits:

  • Efficiency: RiskPal reduces time spent on risk assessments and approvals.
  • Safety & Compliance: High-standard data safety protocols and centralised records for easy audit.
  • Full Customisation: Centrally configure templates to meet your business needs.
  • Easy Collaboration: Align workflows and teams for seamless participation and engagement.
  • Insight: RiskPal’s analytics provide valuable data insights and reporting tools.
RiskPal Risk Assessment Software Features

Not Just Another Risk Management Tool…

RiskPal isn’t just another off-the-shelf risk assessment tool — it’s a comprehensive risk management solution designed to enhance safety, save time, and improve compliance.

We help organisations in a range of industries, including higher education, NGOs, and media and production, to assess and manage their risks effectively.

To find out how RiskPal can streamline your risk assessment process or to book a demo, contact our team today.

Read More
 0

2025 Journalist Safety Outlook: The Vacuum of Order

2025-02-06T12:46:06+00:00January 23, 2025|Geopolitical, Media|

Editor’s Comment

We hosted our Journalist Safety Outlook panel one week before the inauguration of US President Trump. Two weeks into the new administration, it is already clear that 2025 will present many an unknown, both for geopolitics and journalist safety.

Our expert discussion revealed considerable anxiety about media safety in 2025; with agreement among panellists that we are witnessing an “incredibly fragile moment” and the “most complicated time to be a journalist.”

Drawing on the themes discussed and trajectory for international journalism, we have chosen the title “the vacuum of order” to describe the current environment. Ending 2024 with the fall of President Assad in Syria and starting this year with vast forest fires in Los Angeles and escalating violence in eastern DRC, news coverage continues to put journalists at the forefront of risk. Whilst risk taking is not something new, we now live with a “complete change in the risk paradigm” where physical threats present just one category amid a plethora of risk management calculations.

Today the institutions and pillars of “order” that have protected frontline journalism are being eroded; political attacks on media institutions have escalated, technological advances are amplifying surveillance and long-assumed legal protections that media practitioners could historically rely on, at last in the West, are being weakened.

2025 will take journalists to many unstable and fast changing environments. We cannot predict the news cycle nor scenario plan every eventuality, but as risk managers, either industry professionals or editors and commissioners in the newsroom, it is essential to monitor changes, communicate within and across teams; and prepare. The threat environment is evolving and we must keep pace with the change.

We are in for a rocky ride.

Thanks to Oksana Rondel Bhavani (Deputy Managing Editor, Financial Times), Phil Chetwynd (Global News Director, Agence France-Presse), Leila Mollana-Allen (Special Correspondent for PBS Newshour) and Colin Pereira (Co-Founder, RiskPal) for their valuable insights and participation.

A “New” Threat Landscape?

New it is not, but escalating it is.

The panel widely agreed that journalists and newsrooms are seeing a growing level of dangers. Physical threats have been transformed by drones and other technological advances that have enabled new methods of surveillance. Covering environmental extremes, whether it be forest fires, hurricanes or flooding, will become more frequent and require adequate training and resources. Added to which, the autocrat playbook could go into overdrive, fuelling the parallel dangers of online vitriol and intimidation through the courts.

In the legal sphere, news organisations are treading a nervous path. Governments have used tax investigations or defamation charges to both disrupt operations and financially kneecap some major media organisations, sending shockwaves through media legal teams and executive boards. The politicisation of visa renewals, something we’ve covered in previous outlooks, continues unabated, but in new geographies, creating unease among editors and affected journalists alike. Restricted access to politicians for journalists representing purportedly unfriendly news organisations provide another mechanism through which some governments are trying to silence criticism and shape public discourse.

Online abuse persists, with journalists having to carry a major emotional burden at the forefront of attacks. The removal of fact checking in place of community notes on social media will only fuel the trolls. Newsrooms, like the online regulators themselves, continue to play catch-up given the scale of the problem.

From the political extremes we are also seeing concerted effort to undermine credibility of established media at every opportunity. Attacked from below by the anonymous masses online, many in the public limelight are also taking every opportunity of airtime to question the agenda of the interviewee or the media company they represent. It’s increasingly commonplace to hear subjects directly challenge or reveal some systemic media agenda, using the airtime they are given to drip feed mistrust of the media. The need to counter such narratives about fake news and political biases will become increasingly important as editorial integrity is attacked from all angles.

Navigating the dangers that drones present to journalist safety will also grow in 2025. Having become a key tool of the media, as well as transforming the nature of conventional warfare, we have seen drones become a common tool of surveillance and threat to frontline journalists in conflicts in Ukraine, Gaza, Lebanon and Sudan. We will be publishing more work on this later in the year.

What Can Be Done? Risk Management 2025

Preparation, communication and training remain integral to effective risk management. Like every year, 2025 will throw up news in unforeseen locations that require hasty deployments, however, uncertainty cannot excuse complacency. Reviewing and testing your protocols, ensuring staff are aware of them, and stress testing resilience will be essential amid the unpredictability. Keeping abreast of changes to the operating environment and being ready to respond quickly are vital; the transforming access dynamics in Syria in recent weeks vividly demonstrate this.

Training should adapt to changes in the physical and technological realm, factoring in the shifting dynamics of drone warfare, extreme weather and evolving surveillance. Evaluating how changes in broadcasting techniques such as live streaming can also present new risks also merits attention. This training, however, should not be confined to hostile environment training alone; legal teams must prepare for a range of scenarios given the aforementioned threat from financially powerful governments, interest groups or individuals.

Scenario planning can have some role especially for potentially major international stories where a vacuum of order will need to be navigated. Escalation in Tawain, succession voids in Iran or the previously unthinkable in Greenland or Panama could throw up logistical and access challenges in new frontiers. Basic checklists considering the likes of communications (and back-ups), evacuation routes, legal recourse for detained journalists, and clarity on duty of care for staff and affected families are necessary. Sensitivity of post-production responsibilities for sources and third parties still remain paramount.

A key consideration during the panel discussion also focused on how newsrooms must not be seen to reward unnecessary risk taking and the need to review how work is commissioned, especially from freelancers, to avoid them putting themselves unnecessarily in harm’s way. In addition, we are seeing a commitment to protecting journalists from online abuse whilst increasing a clear personification of news delivery, placing the individual and their social handle firmly and persistently in the spotlight. These difficult issues must continue to be reviewed in the year ahead as organisations balance their duty of care obligations with groundbreaking journalism.

RiskPal: Your Risk Assessment Solution

RiskPal is an online risk assessment platform, supporting many international media organisations with international and domestic assignments. The platform was built by risk management professionals with decades of combined experience delivering risk management and crisis management consultancy.  

Read More
 0

Preventing Sexual Harassment: A Guide to Safer Christmas Parties

2024-11-27T10:49:05+00:00November 25, 2024|Events, Legal & Compliance, Risk Assessment|

With the festive season fast approaching, many employers are gearing up for work Christmas parties and other social events. While these events are an excellent way to foster team spirit and celebrate achievements, they also come with legal responsibilities.

As of 26 October 2024, the Worker Protection (Amendment of the Equality Act 2010) Act 2023 introduces a new duty for employers to take reasonable steps to prevent sexual harassment of their employees. This marks a significant shift in how employers must address sexual harassment in the workplace. This includes ensuring the safety and wellbeing of employees at organised social functions held away from the workplace. Failure to comply with these responsibilities can have serious legal and reputational consequences.

What does this mean for employers, and how can they ensure they are meeting these new requirements? Read on to discover practical tips and, at the end, download our free guide for a complete sexual harassment prevention and response plan.

The Risk of Sexual Harassment at Work Functions

The New Legal Framework for Employer Responsibilities

The legislative update addresses gaps in workplace safety. It places a responsibility on the employer to take a proactive approach in preventing harassment and safeguarding employees in the workplace. Under the new law, employers now have a clear legal obligation to:

  1. Identify Risks: Employers must conduct risk assessments to identify potential threats of sexual harassment in the workplace, including at work-organised social functions. They should consider risk factors such as alcohol consumption and the presence of third parties like contractors or clients.
  2. Take Reasonable Preventive Steps: Employers are required to develop and implement clear policies, provide relevant training, and put safeguards in place to ensure a safe and respectful environment for all employees.
  3. Accept Vicarious Liability: Employers are vicariously liable for any incidents of sexual harassment that occur both in the workplace and at work-organised social events, even when those events are held offsite.

Third-Party Harassment

Treat third-party harassment with the same seriousness as harassment by a colleague. Take proactive steps to prevent it by identifying high-risk scenarios. For instance, consider workplaces where employees may work alone with clients, customers, or contractors. Other high-risk situations include networking events, business travel, or offsite client meetings can also present elevated risks.

Responding to a Complaint: Key Steps for Employers

When a harassment complaint is made, employers must act promptly and fairly to address the issue while protecting everyone involved. Follow these key steps:

  1. Decisive Action: Address the complaint without delay and discuss how the complainant would like it resolved. Maintain an impartial stance throughout.
  2. Ensure Confidentiality: Protect the privacy of all parties, sharing details only with those directly handling the issue.
  3. Prevent Retaliation: Safeguard the complainant from further harassment or victimisation during the investigation, such as by reassigning the alleged harasser temporarily.
  4. Assess Legal Implications: If the complaint may involve a criminal offence, support the complainant in reporting it to the police if they choose to do so.
  5. Follow Disciplinary Processes: Investigate the complaint under company procedures. Harassment claims are often treated as gross misconduct and require a formal approach.
  6. Communicate Outcomes: Inform all parties of the resolution and any appeals process promptly and clearly.

A swift and fair response demonstrates a commitment to a safe and respectful workplace while helping to prevent future incidents.

Why Work Christmas Parties Require Special Attention

Work Christmas parties can pose unique challenges in managing the risks of sexual harassment. The relaxed environment of a social setting, often accompanied by alcohol, can blur professional boundaries, making it harder to maintain appropriate workplace behaviour. The inclusion of diverse attendees, such as external guests, partners, or clients, further increases the complexity and potential risks. Additionally, the informal tone of these events may leave employees uncertain about what constitutes acceptable behaviour in such a context.

To address these challenges effectively, employers must develop a comprehensive strategy that mitigates risks while preserving the festive spirit of the occasion.

Planning a Work Christmas Party: Key Considerations

When organising a festive celebration, employers should focus on the following:

  • Venue Selection: Choose a location that aligns with your company’s values and offers appropriate security measures. Vet event venues, including their risk assessments, safety policies, controls, and staff training details. 

  • Emergency Contacts: Designate point persons for on-the-day issues, including safety or harassment concerns.

  • Inclusive Activities: Plan events that cater to diverse interests and avoid activities with the potential for inappropriate behaviour.

  • Safe Transport: Arrange safe transport options to and from the venue.

  • Check-in Procedure: Establish check-in procedures for any young or vulnerable people.

  • Training: Provide a refresher training on workplace behaviour and reporting mechanisms.

  • Alcohol Consumption: Limit alcohol consumption with measures like drink tokens or professional bartenders.

  • Define Acceptable Behaviour: Set clear expectations for behaviour, including acceptable alcohol use, and communicate start and end times.

How RiskPal Can Help

Navigating the evolving legislative landscape can be challenging. RiskPal’s innovative platform helps employers streamline their risk assessments and stay compliant with recent changes to workplace safety laws.

Many of our clients are already using RiskPal to stay on top of their health and safety responsibilities, ensuring employee wellbeing at work and social events alike. Contact us today to learn how RiskPal can support your compliance efforts and safeguard your workplace culture.

Download Your Free Guide

For a comprehensive approach to preventing workplace sexual harassment, including a detailed response plan, download our free guide. It’s packed with actionable insights to help you stay compliant and protect your employees.

Read More
 0

Why Sensory Cues Are Critical in Risk Assessment

2024-11-26T13:23:36+00:00November 21, 2024|Risk Assessment|

Our senses are more powerful than we often realise, especially in high-stakes situations like risk assessment. From visual signals to auditory alerts, sensory cues can profoundly influence our decision-making, enabling us to react faster and more effectively.

In this piece, Colin Pereira, RiskPal Co-Founder and Director, shares his insights into how sensory cues influence risk assessment.

Sensory Cues in Action

A few years ago, I was enjoying a peaceful Saturday nap in my London living room when I was jolted awake by a faint hissing sound from a corner of the room. In a split second, I leapt onto the dining table, grabbing a saltshaker as a weapon. An extreme reaction for a peaceful afternoon in London you may think. However, having grown up in the tropics, my primal instincts kicked in immediately. My brain performed a rapid risk assessment, opted for a “better safe than sorry” approach, and concluded there was a snake in the room.

Imagine my humiliation a few minutes later when my wife walked in to inform me the source of the hiss was a faulty valve on the heating system that I needed to fix.

Although this is an amusing anecdote, it reveals how our brains are hard-wired to risk assess sensory cues often before we consciously process them.

Nature’s Danger Signals: Lessons for Risk Management

Mother Nature is a master of sensory communication. Vibrant colours, sharp sounds, and distinctive smells are universal indicators of danger:

  • Yellow and black stripes on a wasp warn predators of a sting.
  • Bright red berries often signify toxicity.
  • The distinctive rattle of a rattlesnake alerts us to steer clear.

These natural cues provide a blueprint for how sensory information can enhance risk management.

Visual cues of danger

The Power of Visualisation in Risk Assessment

In risk management, clear communication is crucial, yet documentation is often lengthy, repetitive and quite frankly boring. Incorporating visual elements can drastically improve clarity and impact.

  • Visual triggers enhance understanding: Images and colours are processed faster by the brain than text, making them invaluable for conveying complex information.
  • Improved memory retention: Studies show we retain 80% of what we see compared to only 20% of what we read.
  • Prioritisation and clarity: Tools like traffic light systems or risk matrices enable users to identify and act on high-risk scenarios swiftly.

At RiskPal, we’ve embraced these principles by integrating visually appealing tools into our platform, such as customisable risk matrices. Users can easily score risks based on severity and likelihood, with results plotted on an intuitive grid. This approach ensures critical information is prioritised and easily understood by all stakeholders.

The RiskPal Risk Matrix

Simplify Safety with RiskPal

RiskPal is a game-changer for organisations seeking to improve their risk assessment capabilities. By offering a more visual, efficient and data-driven approach, our platform empowers you to make informed decisions and mitigate risks effectively.

Although we have still not explored the potential of adding sounds and smells to our risk assessment platform… Maybe that is the next technological frontier?

Want to learn more? Get in touch to see how RiskPal is making safety simple and compliance straightforward.

Read More
 0

Feature Update: Assigning Mandatory Risks and Activities in Risk Assessments

2024-11-20T10:54:41+00:00November 20, 2024|Feature Updates|

What’s Changed?

When creating risk assessment templates, you can now easily set specific risks, activities, or questions as mandatory, ensuring that key details and safety considerations are not ignored.

So What?

Clients were telling us that often end users would skip key fields in a risk assessment or unintentionally miss providing vital information. At times, this created unnecessary back-and-forth between authors and approvers during risk assessment sign-off. 

Assigning mandatory fields in the risk assessment helps to: 

  • Improve data at first attempt.
  • Boost efficiency, reduce frustration and bolster user experience.
  • Speed up decision-making, enabling participants to focus on the risks not the process.

End users now clearly see mandatory fields, streamlining the workflow and completion of more comprehensive risk assessments. Risk managers can drive consistency in their risk assessments and gain confidence that critical risks are not overlooked.

What’s Coming Up?

In the months ahead we will be releasing a series of exciting new features and product enhancements, including: 

  • Risk Assessment Unique Identification Numbers 
  • Improved Multi-Factor Authentication (MFA) User Sign-in 
  • Risk Assessment Reminders and Tasks 

Keep up to date with more exciting RiskPal feature developments via our Newsletter – sign up below or get in touch if you want to learn more about RiskPal.

Read More
 0

Best Practices for Security Management in NGOs

2024-10-16T16:27:20+01:00October 16, 2024|NGO & Humanitarian|

Insights from Peter Walsh, Head of Global Security at Save the Children

Non-governmental organisations (NGOs) operating in high-risk environments face a complex dilemma: how to fulfil their life-saving mission while ensuring the safety of their staff. Operating in regions marked by instability, conflict, or natural disasters is increasingly perilous. Last year, 280 aid workers were killed across 33 countries, making 2023 the deadliest year on record for the global humanitarian community.

Save the Children is an international organisation dedicated to protecting and promoting the rights of children worldwide. Operating in over 120 countries, Save the Children provides essential services such as education, healthcare, and humanitarian aid to children in need.

Peter Walsh, the Global Head of Security at Save the Children, works tirelessly to keep the humanitarian staff under his charge as safe as possible. With over 12 years of experience in volatile environments such as South Sudan, Ukraine and Gaza, Peter has gained valuable insights into how NGOs can manage risks effectively.

Peter shared the core principles of the security framework he employs at Save the Children, offering a detailed look into best practices for NGO security management.

Understanding a Security Framework

A security framework in risk management refers to a structured approach that organisations use to manage and mitigate security risks. It consists of guidelines, best practices, standards, and tools designed to identify, assess, and address security vulnerabilities, ensuring that critical assets – such as personnel, data and systems – are protected.

What goes into a security framework?

The Save the Children Security Framework

Risk Assessment and Analysis

The ability to identify, assess, and prioritise potential risks is fundamental to effective security management. NGOs must develop a deep understanding of the environments in which they operate, considering political, social, economic, and security factors. This knowledge enables organisations to anticipate threats and devise appropriate mitigation strategies.

Peter Walsh, Global Safety and Security, Save the Children International

“Any risk [to an organisation] is only as good as its framework, and that risk framework should never be created in a silo. We shouldn’t be making decisions based on assumptions or personal knowledge or what we’ve done in the past because we think it will work again. We have to do it through an informed process, and that’s done through risk assessment.” – Peter Walsh

Security Planning

Developing comprehensive security plans is vital for safeguarding personnel and assets. This includes creating emergency response procedures, evacuation plans, and protocols for handling various security incidents. Effective planning requires collaboration with local authorities, security experts, and staff to ensure everyone is aware of their roles and responsibilities.

Crisis Management

NGOs must be prepared to respond effectively to security crises. This entails having clear decision-making processes, robust communication channels, and access to the necessary resources. Key crisis management skills include remaining calm under pressure, coordinating response efforts, and providing support to affected personnel.

People and Leadership

The workforce must be certified, competent, and current. “Certified” means having the proper qualifications for their role; “competent” means the ability to perform their job effectively; and “current” means staying up to date with the latest risk information. This is achieved through a combination of effective recruitment, ongoing training, and consistent knowledge transfer.

Security leaders should inspire and motivate their teams, delegate responsibilities, and make tough decisions when faced with complex security challenges. NGOs must select leaders who have demonstrated effective decision-making capabilities throughout their careers.

Leadership is critical. We need strong leadership to make decisions; we (also) need diversity of thought, the diversity of critical thinking, and also (different) opinions when it comes to decisionmaking. – Peter Walsh

Peter Walsh, Global Safety and Security, Save the Children International

Negotiation and Diplomacy

In many cases, resolving security challenges requires diplomatic skills and the ability to negotiate with local authorities, armed groups, or other stakeholders. NGOs must be adept at building relationships, understanding different cultural contexts, and finding common ground to address security concerns.

Cultural Awareness and Sensitivity

Operating in diverse cultural environments demands a deep understanding of local customs, traditions, and values. NGOs must be sensitive to cultural differences to avoid actions that could be perceived as disrespectful. Cultural awareness is crucial for building trust with local communities and mitigating potential conflicts.

Stakeholder Engagement

Building relationships with local authorities, security forces, and other key stakeholders is crucial for effective security management. NGOs must be able to engage with these stakeholders, communicate their objectives, and address their concerns. Strong relationships can help create a more secure operating environment and provide access to vital resources.

Continuous Learning and Adaptation

The security landscape is constantly changing, and NGOs must be able to adapt to new challenges and threats. This requires a commitment to continuous learning, staying informed about emerging trends, and updating security protocols accordingly.

Peter Walsh, Global Safety and Security, Save the Children International

You must document all decisions and evidence thoroughly because there are people who are mission-driven. They want to deliver at all costs and that’s not okay. We [Save The Children] deliver everything we possibly can with as much mitigation as possible and without becoming an impediment.” – Peter Walsh

Ensure the Best Practices Are in Place for NGOs

If you’re looking to strengthen your NGO’s risk management processes, following Peter Walsh’s advice is an excellent place to start.

From implementing cutting-edge technology to ensuring strong leadership, these are the practices to keep in mind when managing security for your NGO.

To learn more about simplifying your risk assessment processes, check out RiskPal, one of the leading NGO Risk Management Software solutions available today.

Read More
 0

Navigating Personal Data in Travel Risk Assessments

2024-09-23T16:08:47+01:00September 23, 2024|Risk Assessment, Travel Risk|

Collecting key personal data from workers and business travellers has long been essential for ensuring their safety and enabling effective emergency responses. Traditionally, employers would gather information such as date of birth, next of kin, vaccinations, and allergies.

However, as the concept of duty of care has evolved and the world has grown more complex, the range of personal details required to safeguard individuals has expanded. It is now increasingly common for organisations to request that individuals volunteer information about their ethnicity, religion, gender, sexual orientation, disability status, and pregnancy.

This sensitive data falls under what is known as protected characteristics.

Protected characteristics are personal traits that the law recognises to safeguard individuals from discrimination.

The Importance of Protected Characteristics in Risk Assessment

Risk assessments should not just examine threats related to physical safety, digital intrusion, geographic location and mental well-being, but also factor in the individuals themselves and their personal traits. Understanding this data enables organisations to implement tailored safety measures.

Consider the implications of sending an employee to a country where LGBTQ+ individuals face criminal penalties or discrimination could expose them to unnecessary danger. Similarly, sending an individual with mental health concerns to a high-stress environment, could exacerbate their condition.

In emergencies or crises, having accurate information about travellers’ protected characteristics allows for a more effective response. Knowing details such as age, health conditions, or dietary restrictions ensures appropriate medical or logistical support is provided.

Additionally, understanding the cultural backgrounds of travellers enables organisations to offer more culturally sensitive assistance and avoid potential misunderstandings. Considering diversity factors also enhances inclusivity and accessibility, enriching the travel experience for everyone involved.

The Challenge of Managing Protected Characteristics Data

Collecting, managing, and storing data on protected characteristics presents significant challenges for organisations:

  • Trust: Acquiring this sensitive information requires a high level of trust. Employees may be reluctant to disclose personal details due to fears of discrimination or misuse of their data.
  • Legal Compliance: Organisations must navigate complex legal requirements, such as obtaining explicit consent and ensuring that data is only used for its intended purpose. Missteps in data management can lead to serious legal consequences, including fines for non-compliance with the General Data Protection Regulation (GDPR) or similar data protection laws globally.
  • Secure Storage: Storing this sensitive information securely requires robust technical solutions. In the event of a data breach, the exposure of protected characteristics could cause severe harm to individuals, leading to reputational damage for the organisation and potential legal liability.

Balancing the need for comprehensive risk assessments with the obligation to maintain employee privacy makes managing this data an ongoing pain point for many businesses.

How to Incorporate Protected Characteristics into Risk Assessments

To effectively incorporate protected characteristics into risk assessments, begin by identifying the diversity factors relevant to your organisation. These may include demographics such as race, ethnicity, gender, age, disability, religion, sexual orientation, or other protected traits.

To address staff concerns about potential misuse or discrimination, outline the specific risks linked to travel in certain regions, and provide employees with a confidential screening form to identify any protected characteristics that could increase their vulnerability. This data can then be used to categorise risks (low, medium, high) and develop tailored safety plans that prioritise both individual protection and privacy.

Lastly, ensure that the collection and handling of this sensitive data is conducted with empathy and compliance. Risk managers should follow these key steps to safeguard data and protect individuals effectively:

Transparency and Consent

Be transparent about why you’re collecting sensitive data. Clearly explain its purpose and ensure individuals give explicit consent. Make it clear how the information will be used and shared to mitigate potential risks, particularly in high-risk regions.

Data Minimisation and Retention

Collect only the necessary data to achieve your objectives and ensure the information is used solely for risk assessment purposes. Store data only for as long as necessary and dispose of it securely when no longer needed. 

Data Security and Access Control

Implement strong security measures to protect sensitive data from breaches or unauthorised access, following regulations such as GDPR, by keeping protected characteristics data secure and separated from general records. Limit access only those directly involved in risk management or health and safety and share information only when absolutely necessary.

Ongoing Monitoring and Review

Continuously monitor and review your risk assessment processes and how you manage protected characteristics to ensure they are effective and non-discriminatory. Regularly update risk management strategies in response to changing legal regulations and new risk factors.

By following these steps, risk managers can ensure they comply with data protection regulations, protect employee privacy, and provide tailored safety measures that account for diverse risks without crossing ethical lines.

How RiskPal Can Help

RiskPal offers a solution to help organisations manage these complexities. Our platform allows you to build risk management processes that are fully compliant with data protection laws, including the GDPR. We enable secure, transparent collection and storage of sensitive information, ensuring that it is only accessible by authorised personnel and deleted when no longer needed.

With Riskpal, you can tailor risk assessments to specific demographics and personal needs while protecting your employees’ privacy. As an ISO 27001-certified organisation, we follow strict international standards for information security management. As a SAAS provider, we have implemented robust measures to protect your sensitive data – giving you peace of mind and confidence in RiskPal’s security.

Conclusion

By incorporating diversity data into your risk assessments, you can create a safer and more inclusive workplace. Remember to handle this sensitive information with care, comply with data protection regulations, and use it to drive positive change within your organisation.

Learn more about how RiskPal can support you in navigating personal data in risk assessments at RiskPal.com, or contact us for more information.

Read More
 0

Enhance Your Risk Assessments with RiskPal’s New CKEditor Integration

2024-09-18T12:33:19+01:00September 17, 2024|Feature Updates|

We are excited to announce a major feature update to the RiskPal platform – introducing the CKEditor! This new feature allows you to fully customise the appearance of your risk assessment text, providing greater flexibility and clarity in reporting. 

With the CKEditor integration, you can now:

  • Adjust font styles (typography, bold, italic, etc.). 
  • Change font size and colour. 
  • Highlight key text. 
  • Create bullet points and numbered lists. 
  • Add and customise tables. 

The CKEditor has been seamlessly integrated across all sections of the RiskPal risk assessment process, including the Essential Information and Risk and Mitigation pages. 

Benefits for RiskPal Users

This new feature gives you more control over how your risk assessments are presented. Clear, well-formatted assessments not only improve readability but also enhance communication with stakeholders, ensuring that key information stands out. Whether it’s emphasising critical risks or organising detailed mitigation strategies, the CKEditor makes it easier for teams to deliver professional, polished reports. 

Start customising your risk assessments today and make your reports as impactful as they are informative!

RiskPal is making safety simple and compliance straightforward. Get in touch to find out more.

Read More
 0

How to Safeguard Digital Nomads: Building a Robust Security Management Programme

2024-08-26T11:50:55+01:00August 26, 2024|Risk Assessment, Travel Risk|

Digital nomad working on a beach

In recent years, the global workforce has undergone a profound transformation in the way people work, and how organisations hire and manage their staff. Thanks to advances in technology and the growing acceptance of remote work, organisations are no longer limited to hiring talent within their local markets. Instead, they can recruit from a global pool of professionals, all connected through a digital office.

This shift offers workers unprecedented flexibility. No longer tied to a physical office, they can relocate to more affordable and desirable locations or even travel the world, all while continuing to work. Welcome to the age of the digital nomad! From Bali to Buenos Aires, today’s knowledge workers can access the digital office from anywhere in the world and enjoy freedoms previously unimaginable.

This trend is an exciting opportunity, but it comes with challenges and risks. The freedom and autonomy that come with remote work need to be carefully thought through with regards to the safety of individuals and the operational security of the organisation. This is where a comprehensive security management programme becomes essential.

Key Stats on Digital Nomads

  • Throughout 2015–2023, the percentage of people working remotely around the world quadrupled, from 7% to 28%. 
  • 2023 estimates showcase 40 million digital nomads around the world. 
  • Freelancing is the most common work arrangement for digital nomads, followed by full time employment. 
  • 80% of surveyed digital nomads report high job satisfaction (compared to 59% non-nomads).

Source: TechReport, 8 July 2024

Understanding the Risk for Digital Nomads

Destinations with beautiful beaches, exceptional cuisine, or a higher quality of life are undeniably appealing. However, it’s important to also consider potential downsides that may accompany these attractions.

  • Personal Security Risks: Digital nomads may find themselves in locations that are political unstable, more authoritarian or prone to natural disasters. Additionally, the nature of their work may influence their risk profile, potentially making them more vulnerable in certain environments. Employers need to understand what their responsibility is if a worker is arrested, injured or even killed.
  • Information Security Risks: Information security is a critical concern for remote workers who rely on technology to stay connected and productive. Digital nomads who travel the world are more vulnerable to cyberattacks and digital surveillance, increasing the risk of data breaches that could compromise sensitive company information.
  • Legal and Compliance Risks: Working across borders introduces legal complexities. Workers may inadvertently violate local laws or work visa requirements. Organisations must consider issues related to visas, work permits, and tax compliance.
  • Health and Safety Risks: Remote workers, especially digital nomads, may find themselves in locations with varying standards of healthcare and safety.

How to Keep Digital Nomads Safe

Digital nomads present a unique challenge from a security perspective. Unlike a traditional workforce based in a controllable workspace, digital nomads are isolated and scattered, making a one-size-fits-all approach ineffective. Instead, risks need to be assessed and mitigated on an individual basis.

An added complication from a security standpoint is that digital nomads, often on freelance contracts, frequently collaborate with other organisations and use their own devices to access company information. Therefore, your operational security must adapt to their needs, not the other way around.

So, where should you begin? Here are the key steps to include in your security management programme:

Understand the Scope:

Start with understanding how big the issue really is. How many digital nomads do you have, and where are they located? How frequently do they travel for personal reasons while continuing to work?

Also, consider how your workers are contracted, the amount of time they work for you, and the nature of their tasks and access permissions.

Understand Your Duty of Care:

Get consensus regarding your organisation’s duty of care for all workers, including employees, freelancers, consultants, and volunteers. Consider legal obligations, moral responsibilities and reputational issues.

In short, ask: What level of risk does your C-Suite find acceptable and what do they expect you to do if a digital nomad gets into trouble?

Scenario Planning:

Use real cases to explore what could go wrong and how you would respond. For example, what would happen if your digital nomad were based in or visits a country hostile to your company’s home country?

Consider several scenarios tailored to your organisation to identify common threats. Consult with international workers and experts to understand the threats they may face and how these could impact your organisation.

Scenario planning helps pinpoint vulnerabilities at both the organisational and individual levels, allowing you to prepare for worst-case situations and develop risk mitigation strategies.

Policy Development and Operational Implementation:

This is the crucial stage of building a security management program. After mapping the scope of the problem, setting expectations, and compiling a bank of realistic scenarios, you are now in a position to develop clear policies and safety protocols.

Your policy should not only address the identified risks but also detail how these risks will be managed operationally and the specific workflow required. For instance, if you determine that visits or stays in high cybercrime destinations necessitate restricted access to certain systems for relevant individuals, you’ll first need to identify which parts of the system should be restricted. Following this, you should establish a travel notification process and assign responsibility to someone for implementing these restrictions.

Communication and Training:

All new processes and policies need to be effectively communicated to the business. Provide staff with ongoing training on company policies and processes, as well as information security best practices and personal safety. Regular updates and refresher courses are essential to ensure that staff remain informed and prepared for the risks they may encounter.

Review and Adaptation:

Security risks are constantly evolving, so it’s crucial to regularly review and update your security management programme. Gather feedback from your people and adjust the programme as needed to address new challenges and ensure its effectiveness.

Conclusion

The rise of digital nomads presents both opportunities and challenges for organisations and workers. By implementing a comprehensive security management programme, employers can fulfil their duty of care, protect their staff, and ensure that the benefits of a flexible, modern workforce are realised without compromising safety or security.

At RiskPal, we provide practical guidance on building strong security management programmes that address the unique needs of a global workforce. We also offer expert advice on conducting risk assessments for staff in or travelling to high-risk remote locations worldwide. Learn more at RiskPal.com, or contact us for assistance with your risk management programme.

Read More
 0

Transform Your
Risk Assessments

Subscribe to our newsletter to keep up to date with the latest news, trends and product updates:

RiskPal 2025 |  Terms Of Use | Privacy Policy | Cookies | Designed & Built by Fresh01

cyber essentials

ISO-27001-2013-badge-white-cropped

Certificate No: 408582022

RiskPal 2025 |  Terms Of Use | Privacy Policy | Cookies | Designed & Built by Fresh01

Go to Top