What is ISO 31030?
It is derived from the well-established ISO 31000 (2018) Risk Management Standard, bringing it into the travel industry to create the first globally recognised Travel Risk framework that organisations can work to. Even companies that have a holistic approach to manage risk in general (ISO 31000) will need to align their existing processes due to the specific context of travel-related risks.
The ISO 31030 focuses on the travellers and the risks involved in their travel, providing guidance, common language, and tools for managing the risks involved. The new standard will cover all aspects of business travel including authorisations, planning, policy, traveller assessment, transportation, destination, accommodation and much more.
The new ISO is not going to be certifiable yet, but will “drive the conversation towards accreditation” sometime in the future.
Why ISO 31030 for international business travel?
For many organisations, business travel is a must in order to expand their operations in new markets. The number of visited countries worldwide is growing and includes an increasing number of medium to high-risk areas. However, in the middle of these statistics are the actual employees who could be exposed to different variety of risks, from road accidents, natural disasters, cybersecurity, disease outbreaks to just simple and unexpected events, such as nobody meeting them at airports to do the pick-up.
Managing risks in a foreign country where the organisation has no local base is much more complex. Therefore, a more focussed approach is needed compared to domestic locations where risk profiles are better known and understood.
World Travel Protection advised that, the most common issues that jeopardise the trips are the “unpreparedness for the destination” including no meet and greet or lack of understanding of the visiting countries. Also added, there are certain countries where nobody should visit without a thorough travel risk management plan, a perfect example being Mexico.
It was highlighted by the panel that while it is common for organisations have a strict financial controls in place regarding business travel such as: how to travel, where to buy tickets, how to claim expenses, what the budget is, there is often “zero input” on how to take care of the actual travellers. For example, in the case of COVID related issues, basic employee tracking and having a meeting and greet organised.
The new ISO 31030, combined with the pandemic, has created an opportunity for organisations to look at the gaps in their travel management systems and implement a more robust process to keep the travellers healthy and safe, addressing the risks the travellers are facing.
The aim of the standard is to promote a global culture where travel-related risk is taken seriously, resourced enough and managed efficiently, under a common language and principle.
Where to start with implementing a travel risk management plan?
Travel risk can sit across functions and departments from security, risk management, HR, health and safety, procurement, sales to marketing. This differs from one company to the other. But they all can add value to the travel risk management plan, so identifying all of the stakeholders is a good starting point. The aim is to bring all these stakeholders under one single streamlined policy.
What about the rules and responsibilities with regards to ISO 31030?
At what point do the rules and responsibilities switch over from one company to the other?
It is important to mention that the responsibility of the organisation doesn’t stop when the employee arrives at the receiving destination. The company sending an employee abroad needs to do its own due diligence on the location and travel plans, as the employee is out of area and risks are involved. This is where a contingency plan is needed.
We all agree that every business has a duty of care to their employees when travelling abroad, but travellers also have a duty of loyalty towards their organisations. Providing feedback on their trip can help this, creating a “full loop of accountability under a singular process”.
The employees need to communicate back to the business on their travel not just at the end of the trip, but as and when an incident occurs. The organisations then need to have processes in place on how and where to feed critical data back (nuisances and mistakes, as well as positives). Processes are also needed for how to learn from issues and how to implement changes so they can save money and time for any future business excursions.
Basically, all stakeholders need to be in the know regarding feedback.
Most organisations today don’t have a feedback mechanism, so the ISO 31030 will give the opportunity to implement one.
Travel risk and accommodation
One of the critical parts of travel risk management is the accommodation side, so the hoteliers were involved in the expert travel industry group who created the ISO 31030.
It was paramount to have the hotel industry adapt to certain standards relating to hygiene, safety and fire safety. When a business person arrives at a hotel, it needs to be fit for purpose and strictly regulated rather than just a relaxed attitude.
So, the new standard ensures preferred suppliers and corporate partners (like hotels) meet appropriate standards.
Does the ISO31030 document suggest a risk profile for international business travel?
There is an advice on how to build a profile risk templates in the document. The new ISO has many referrals to ISO 31000 for example on how to build risk tolerance and how you deal with risk generally. While many people usually would jump straight into risk assessment, the panel highlighted agreeing with the ISO doc that “the most important part of any risk assessment is the threat assessment and that a risk assessment needs to be built up from the threat assessment”.
Which type of organisations does it apply to?
Regardless of its sector or company size, the new ISO standard will be applicable to all organisations from commercial, charitable, government to non-government organisations. It will not apply to tourism and leisure-related travel.
ISO 31030 is in its final tweaks, and is scheduled for release in October 2021, however companies who are keen to take it onboard could start looking at the existing draft now.
While the covid pandemic brought devastation to the world, it also had a “positive” impact on the presumptions around business travel, highlighting the importance of an organisation’s duty of care to its employees.