Governance & Security

Every worker has the right to a safe and secure working environment.

Employees must be protected from security risks during their work, including from assault, kidnapping, attack from armed groups, terrorist attacks and cyber-attacks. Businesses must undertake adequate security risk assessments to determine if any security threats exist in relation to their workplace. Regular monitoring is required by employers to identify security risks and to have measures in place to recognize and address new security risks as they arise.

As part of this ongoing monitoring, businesses should ensure that they know which countries are currently experiencing, or at risk of experiencing, armed conflict and maintain an accurate and comprehensive conflict register for risk management purposes. In addition, businesses should regularly assess the areas in which they operate for all conflict and military targeting risks. The risks of cyber-attacks should also be considered as an emerging security risk.

Once security risks are identified, employers should ensure sufficient security protection measures are in place to protect workers. Businesses should review their security risk protection measures regularly to ensure the measures are sufficient. Adequate training should be provided by businesses regarding their security risk management frameworks and policies.

As a part of security protection, businesses should engage with and utilize existing security infrastructure where appropriate, including use of national security providers (such as the police). In circumstances where existing security infrastructure is inadequate, businesses may need to arrange private security infrastructure.