A security assessment is an expert assessment of an organisation’s security policies, systems, and procedures.

Safety stands for accident avoidance. These are incidents that have been caused by natural forces (hurricanes, earthquakes etc.) or human errors. The main characteristic is that they are unintentional acts.

Security is the protection of people and assets from any threat that is intentional or deliberate. This could be any type of crime, like theft, harassment, assault, or fraud. Issues like conflict between states, civil war, civil unrest and terrorism also fall under security’s remits.

Yes, it forms part of the contractual agreement set out in the Security Health & Safety Addendum, which forms part of your contract with TUI Group.

TUI understands that in the current global climate, it is important to work harder than ever to meet the changing needs and expectations of its customers and colleagues and protect them as much as possible. TUI is implementing our own set of Hotel Security Standards to continuously improve security for our customers and people.

Currently, there are no global security standards in the travel industry. However, the needs and expectations of our customers, colleagues and governments around security are growing, and we are determined to fulfil those expectations and continuously improve security for our customers and people. In  2019 we conducted a trial to see what Security Standards were in place, and we collected feedback from our hotel partners to understand how the various security measures might work in practice. Experience gained during that time allowed us to define a security benchmark for our third-party hotel portfolio. This is how the TUI Hotel Security Standards have evolved. All the questions have been compiled by TUI Group Security in line with best practice

This is based on our Four Objectives. The Four Objectives were created to define the key topics and activities that we believe are necessary to ensure the safety and security of our guests. We primarily focus on your security processes and procedures, which we call Security Management System, to ensure your hotel is following the TUI Hotel Security Standard.

To read more about the Four Objectives, please click HERE

Intertek Cristal is a global leader in providing hoteliers with brand quality, standards, and risk management solutions. TUI chose Intertek Cristal to manage our risk-based security assessment specifically for 3^rd party hoteliers. Intertek Cristal provides expertise for TUI in security-related issues. To find more information about Intertek Cristal please click HERE.

TUI also works with SGS to carry out health and safety audits. Their expertise is in health and safety. These audits will continue to take place. You can find more information about Intertek Cristal HERE.

Yes, Intertek-Cristal has a complaints and appeals process. A complaint is a formal (written) and/or informal (verbal) expression of dissatisfaction with regard to the performance of Intertek Cristal in relation to the Security Hospitality assessment function. A complaint can be raised by a supplier for the following:

1. Customer service contact and response
2. Assessors’ general behaviour

An appeal is a disagreement between you and Intertek Cristal regarding assessors’ recommendations/decisions/opinions at any stage of the on-site assessment and mainly focuses on the following:

1. Assessment coverage and interpretation
2. Assessors competence and consistency

Security Pre-Assessment (SPA) This is the best way for you to check if your security measures are already in line with the TUI Hotel Security Standard prior to any security assessment. Complete the SPA to establish what you already have in place and where there is potential to improve your security. The SPA follows the TUI Hotel Security Standard and guides you through what is required. There is no need for you to return this form. To download the SPA please click HERE.

Intertek Cristal may send you an “online assessment” to complete. This is called the Security Self-Assessment (SSA).

• • TUI uses the SSA questionnaires to assess how well your unit complies with TUI Hotel Security Standards. In the SSA, we only require you to confirm if a measure and/or document exists and is in working order. By clicking on the link in the email, a webpage will open. Follow the instructions in the email and on the web page to complete the questionnaire. To get more information on SSA please click HERE.

Alternatively, Intertek Cristal may send you an invitation for a “consultant-led interview” to obtain answers and suitable evidence to some of the questions. This type of assessment is called Remote Security Validation (RSV).

• • Intertek Cristal will arrange an appointment and conduct the “consultant-led interview” via its proprietary application called “InView” to answer the questions and obtain suitable evidence. The Inview software is designed to be very simple to operate for the end user. All you need to do is download the app and the assessor will do the rest. Information will be provided via email at the planning stage.
  • During the “consultant-led interview” your assessor will guide the conversation through the RSV checklist and review the key documents that the hotel has in place over the allocated 2-hour window. This will mitigate any confusion with certain documents such as risk assessments and risk treatment plans/security plans etc.

Please see below the required documents the hotels should have ready for review:

• • Security management system documentation:
    • • Version control page showing when it was last reviewed/updated
      • Contents page
      • Security policy (signed document)
      • Nomination of first responsible for security (Name, position, Experience, time in the post)
      • Security responsibilities to specific people
      • Emergency procedures
  • Emergency contact details document (police, fire brigade, hospital, regulatory authority etc.)
  • Evidence that a process is in place to inform Tour Operators or their representatives in case of any occurrences that impact customer security.
  • Security risk assessments document that covers foreseeable risks. These should include, for example, theft of goods or information, (child) abuse, harassment, personal assault, terrorism/active shooting, arson, vandalism etc.
  • Security awareness and staff training records

To get more information on RSV please click HERE.

If you receive a request for Intertek Cristal to attend your hotel, this is known as Physical Security Assessment (PSA).

• • Intertek Cristal will contact you to discuss a suitable date and time. Please bear in mind the Security Risk Assessment takes approximately 4 hours; this will be broken into sections. For more details, please click HERE.

We are sure you will appreciate that with our vast hotel network, it would be impossible for us to schedule a security risk assessment for all the selected hotels at once, so until Intertek Cristal contacts you, we urge you to start your preparation. HERE, we have provided you with guidance, templates and related information; in fact, all you will need to deliver the new TUI Security Standard to your hotel.

In case your hotel has been selected for a physical assessment, you will be contacted by Intertek Cristal directly. Once you are contacted, you will be able to liaise with them directly and agree on a suitable date for the physical assessment to be carried out.

There would be several factors which will contribute to how often your hotel will need to have an assessment completed – these will include but not be limited to:

• Previous assessment scores and outstanding defects
• Customer volume
• Your specific security risk environment

Member of staff nominated as responsible for the security of your hotel, called Security Responsible Person,  should be present during physical assessment or answer the online questionnaires SSA or RSV. This person should oversee security and have enough knowledge of the operation/property – including access to documentation and procedures. The Security Responsible Person shall always accompany the assessor during the assessment.

Please note that most of the physical assessments will be held in English, so you might find it helpful to have a translator available to ease communication and ensure any questions you have can be adequately answered.

Documents that the assessor will ask to see on the PSA will include but not be limited to:

• Security Management System document
• Security Emergency Procedures
• Security Training Program and attendance sheet
• Risk Assessment document
• Risk Treatment Plan or more commonly called the Security Plan

For the Security Responsible Person should not take more than 30 minutes to answer the PSA or SSA.

During the “consultant-led interview” your assessor will guide the conversation through the Remote Security Validation checklist and review the key documents that the hotel has in place over the allocated 2-hour window.

The Physical Security Assessment will take a maximum of four hours, which is dependent on features such as the scale or specific location of your hotel/resort, etc

• Emergency/special procedures
• Perimeter
• Access control
• Document handling
• Security training
• Public and private areas

On the day of the on-site assessment, the assessor will arrive at your property at the agreed time and present the confirmation letter sent back from the hotel and an official document proving the identity of the assessor.

An opening meeting will take place which will include an explanation of the assessment process and a discussion regarding the outstanding defects from any previous assessments (if applicable).

The assessment will then begin. The assessor will be required to take photographic evidence of highlighted defects.

Once the assessment has taken place it will end with a closing meeting to make you aware of any defects found, how to correct them and the time frame given to do so. This is the time to ask any questions you may have about any of the findings.

The findings of this assessment will not be shared with anyone outside of TUI and Intertek Cristal unless they are required for legal reasons.

No, routine accommodation security assessments are paid for by TUI Group as per contractual agreements between Intertek-Cristal and TUI Group.

However, where an assessment is cancelled, by you within seven days of the confirmed date, TUI Group reserves the right to invoice the Hotelier the full cancellation fee.

We primarily focus on management-level requirements, which hotels must then fill with content, taking into account their security environment. This is not about incurring further costs unless you are already planning some changes in this area. This is about ensuring security becomes part of your business approach and is embedded into your day-to-day operations ergonomically. TUI Group has provided you with a guidance document that includes indicative security measures as well as practical examples and guidance on how each of these can be put in place. However, ultimately it is your responsibility to take financial ownership of implementing these security measures to improve the safety and security of your hotel’s/resort’s customers and staff.

TUI will provide guidance through its TUI Partners Website and with the help of TUI’s hotel security assessor Intertek Cristal. We have already launched our website and plan to upload new content constantly to help those who needed. On some occasions, TUI will provide face-to-face training through Intertek Cristal.

A detailed hotelier security guidance is available to download from HERE. The guidance document lists the measures that should be implemented in your hotel and supplies practical examples and guidance on how each can be put in place.

Security Self Assessment (SSA)

To close any defects found during the SSA we will need you only to confirm that the defect has been corrected. You can do that by clicking on the link in your last email received from Intertek Cristal and following the instructions in the email and on the web page.

Remote Security Validation (RSV)

To close any defects in RSV there will be two options. If a question requires photographic evidence and/or documentation to show, we will need to see photographic evidence and/or documentation to show the defect has been corrected. Intertek Cristal will validate the evidence provided to ensure it is suitable to close the defect. We will only need confirmation that the defect has been corrected for those issues where we have not requested photographic evidence and/or documentation. You can do that by clicking on the link in your last email from Intertek Cristal and following the instructions in the email and on the web page.

Physical Security Assessment (PSA)

To close any defects found during PSA, we will need to see photographic evidence and/or documentation to show the defect has been corrected. Intertek Cristal will validate the evidence provided to ensure it is suitable to close the defect. You can do that by clicking on the link in your last email from Intertek Cristal and following the instructions in the email and on the web page.

The deadline is two months usually or whatever is agreed with Intertek Cristal.