follow us
Planning your next holiday? Find an ATAS accredited agent here » ATAS Logo


If you're a new user and do not yet have a username/login.

Register Now

Participant Zone

Accredited ATAS participants click here for access to the secure business support area.


Returning users log in to commence or access your ATAS application.

My AFTA Login

News Hub

« Back

Crisis and Risk – are you prepared?

On 21 February 2019, the Council of Australian Tour Operators (CATO) held a full day seminar asking the question “Are you Crisis Ready?”. The event was attended by many of the Australian Wholesalers that travel agents rely on every day, and Gow-Gates was very privileged to be part of this day. It was very encouraging seeing how many members of the organisation are committed to taking every available action to ensure your passengers are safe when they travel.

The General Manager, Brett Jardine, and his fine committee gathered many of their long term supporters (including AFTA) to put together a program to examine risks faced in their businesses.

Key highlights from the Crisis Ready conference include:

  • Understanding a crisis and what tools are available to manage these events
  • DFAT is Australia’s front line when it comes to major international incidents 
  • The benefits of having your clients registered with Smartraveller to help in time of crisis
  • Communicating clearly and accurately with all stakeholders after the event
  • Emerging risks such as Cyber-attacks and the effect it can have on your business, your reputation and your clients need to be addressed

We also hear from one of Australia’s most experienced academics in the field of Tourism Risk, Crisis and Recovery, Dr David Beirman, who basically summed up the starting point of how to understand Risk Management – you need to look at:

1. Likelihood
2. Consequences
3. Priorities

But what does it all mean for you? Firstly, it is exceptionally encouraging to know that if you are booking with a CATO Member, they are taking the care and safety of your customers exceptionally seriously. Secondly, maybe it is time for you to look at what you would do in a disaster? Not every disaster happens in remote areas of the world where you could imagine a crisis – sometimes they strike much closer to home.

Crisis Management

How Can I Be Prepared?

It is important to have the correct insurance in place to keep your doors open after a loss such as fire, storm or flood. But there is more to protecting your business than just taking out an insurance policy and hoping that everything will work out fine.

Protecting your business, staff and customers during a time of crisis can determine if your business reopens – or not. Even though every situation is unique, any travel business can be better prepared if it plans carefully, puts emergency procedures in place and practices for emergencies.

Pilots practice in simulators for many hours. During these sessions, pilots run through scenarios to test their skills, reflexes and problem-solving skills teaching them how to react to a disaster, how to protect themselves and mitigate their losses. Have you done the same for your business? Ask any business owner who has suffered a major loss, if they could do it all again, they would have a Disaster Recovery Plan in place.

Emergency procedures should be part of your Disaster Recovery Plan. Keep a copy of your Plan at an off-site location and ensure that more than one person knows where it is.

Who and what to include in your emergency procedures

While every business is different, some things are vital to running a business and you need to protect them.

For employees:

• Ensure that all your staff are aware of the building’s evacuation procedures
• Document each staff member’s emergency contact details
• Decide who is in charge when regular managers are unavailable
• Create an Emergency Communication Protocol for staff members, customers and suppliers and designate individuals who will initiate the communication process
• Train your staff on the Disaster Plan

For your customers:

• Keep a copy of your customer records off-site in a secure location
• Have a plan for an alternate worksite from which to communicate to customers until you are up and running again

For contents:

• Maintain an inventory of all equipment used by your business
• Keep a maintenance schedule for all equipment, as well as manufacturer and service contact information for each

For property:

• Ensure your property meets all local council building safety and fire codes
• Know where utility shut-offs are located and how to operate them

For records:

• Document all processes that make your business run, from the telephones to tracking finances, to making your bookings
• Develop a schedule for backing up all computer records
• Keep current copies of computer files off-site and ensure they are accessible (keeping the back-up disks in the desk drawer next to the computers is no use in the event of a major storm or fire)

Cyber Attacks - are you prepared?

For insurance:

• Coverage can mean the difference between reopening after a disaster strikes and having to close your doors. Discuss regularly with your broker to ensure you have adequate coverage and make sure you have their contact details should disaster strike.

• Take the matter of setting up your insurance seriously - not just as another bill for you to pay. If spending a bit of extra time understanding your coverage to ensure you are adequately covered could make the difference between your business surviving or you losing it all – surely it is worthwhile.

• Always look at including adequate coverage not only for the loss of your assets but also the loss of business income.

• The best chance of surviving a major loss is having the correct insurance in place at appropriate sums insured – review these regularly and if anything changes, tell your Insurance Broker.

Disaster Recovery Plans for Cyber Attacks
Nowadays there is a new threat for businesses – Cyber Attacks. We are seeing the frequency of attacks increasing at an alarming rate. Your business needs to be prepared for a cyber attack or data privacy breaches.

It is no longer enough to merely have IT systems that will defend against attacks as determined hackers may still find a way through the defences.

Your business needs to update the Disaster Recovery Plan to include what to do in the event of a Cyber-attack.
Internal threats (such as employees inadvertently clicking on a suspect link or abusing confidential information) account for nearly 80% of security issues. Limiting access to sensitive information, logging events and backing up information is crucial, but so is educating employees on safe emailing and internet practices.

For employees:

• Ensure every employee can take part in the post-attack process – all teams, not just the IT department or provider should be trained how to communicate with clients after a cyber attack
• The most effective cyber response plans are tailored to the individual business and the employees should be made aware of their specific role
• Ensure all staff are regularly updated on correct procedures and to report anything suspicious immediately to management
For Insurance:
• Discuss with your broker the most appropriate level of Cyber Insurance for your organisation

• Ensure that the Insurance Provider has an experienced Cyber response team to help you navigate the waters following an attack

If you are not sure if the wholesalers you use are members of CATO, there is an extensive list on their website at

If you believe that this issue is relevant to your business, please feel free to contact Rebecca Fleming, Account Manager of our Travel Industry Division at Gow-Gates Insurance Brokers on (02) 8267 9919 or to discuss your circumstances or to obtain a quotation.

Gow-Gates Insurance Brokers advises that persons should not act on the material contained in this article as the items are of a general nature only and may be misinterpreted. We therefore recommend that advice be sought before acting in these areas.