There is a great article in the USA today on how criminals target hotels and steal their guest’s credit card info. You can read the entire article on the USA Today website by clicking here.
The article says that hotels are considered hacker’s number one target and mentions how Wyndham was breached 3 times in the last 12 months.
Our favorite post from the comment section: Ladies Man writes “A bigger and far more serious crime is coming down to breakfast and discovering it consists of bagels, honey buns, and those weird chewy off-brand fruit bars. If my credit card info must be stolen, I’d rather find out after I’ve had a large and proper breakfast.”
It is a common question, how often should your hotel have an internal audit done? The answer: well, it depends. Here is why:
First, how often do most hotels actually conduct an internal audit? Most hotels will say they are audited once per year. However, most hotels have the goal of being audited once per year. In reality, they are audited only every 2 or 3 years in most cases.
Having a goal of once per year is a good start. But we recommend that you set your goal based on the results of the last audit. If the hotel scored 90 percent or better on the last audit, conducting one audit per year is fine. However, if the hotel scored less than 90 percent, we recommend that the hotel creates a 90 day action plan to improve their results and then the hotel is audited again after 90 days.
We understand the expense of conducting an audit, however, the amount of money that could be lost by a hotel with improper controls could easily be far more than the cost of an audit.
A few additional audit tips:
First, the audits should always be completely unannounced. We usually recommend that the Controller and other key managers who are needed for the audit submit a schedule of any vacation days so the auditor does not show up during their vacation.
Second, the follow up on the audit is just as important as the audit itself. Many hotels will score poorly year after year. Passing the internal audit should be on every Controller’s list of goals and yearly review.