Navigating travel risk with ISO 31030:2021

Navigating travel risk with ISO 31030:2021

Organisations and travellers alike are constantly seeking opportunities to minimise or mitigate potential travel-related risks. In September 2021, the International Organization for Standardization (ISO) published ISO 31030:2021 Travel risk management — Guidance for organisations. Travellers whose organisations have robust travel management policies may have an advantage should eventualities strike

For this insight, focus will be placed on some of the terms and definitions from ISO 31030:2021. Duty of care is the moral responsibility or legal requirement of an organisation to protect the traveller from hazards and threats. Travel risk is theeffect of uncertainty on objectives due to travel, while travel risk management refers to coordinated activities to direct and control an organisation with regard to travel risk.

The journey starts in an organisation’s operating environment, where external and internal factors are likely to impact the extent to which an organisation’s travel risk management (TRM) programme objectives can be achieved. The challenges encountered by business travellers as a result of uncertainties, for example, are likely to derail their travel objectives.

These can include unreliable transport, natural disasters, and geopolitical risks triggered by increased tension or conflict between countries. Similarly, issues such as local health infrastructure, medical care, cybersecurity, and the quality of accommodation should not be taken for granted, while the state of road conditions should also be in the spotlight.

During business travel, emergency situations are inevitable. An organisation’s duty of care should indicate how it will support its travellers should these scenarios arise.

On some occasions, travellers are faced with travel risks as a result of the industry sectors in which their organisations operate. In South Africa, an example of an industry that has witnessed social unrest is the road freight industry, which has had its share of risks as a result of attacks on drivers causing supply chain disruptions.

Not all organisations face the same threats. Therefore, it’s important that organisations understand their business environment and related industry sectors. For instance, a humanitarian organisation which operates or plans to operate in a conflict-torn country might have to conduct a real-time review of its TRM objectives. This is to ensure that individual travellers’ safety risks and appropriate risk controls are carefully analysed. According to the World Bank, “By 2030, up to two-thirds of the world’s extreme poor could live in fragility, conflict, and violence settings.”

More than ever, the risk landscape is changing, thus impacting the internal and external environment. This should prompt any organisation to regularly review its risk profile for travel. The results of the risk profile review ought to then be communicated to the relevant internal and external stakeholders related to an organisation’s TRM.

Organisations should also pay attention to a traveller’s profile as this may differ from one employee to another. According to ISO 31030:2021, factors such as race, competencies, nationality, cultural identity, gender, sexual orientation, religion, age, occupation, position, disability, or medical history can all affect the risks associated with travel.

Whether travellers are working for or on behalf of the organisation may necessitate different duty of care requirements. This also relates to other types of travellers such as direct workers, and other workers in the organisation and its supply chain.

Business travel is a tough balancing act. Organisations should weigh all options in pursuit of their business objectives and opportunities. This approach provides tactics that can be used to deal with potential risks that arise. One of the strong statements in ISO 31030:2021 is that the organisation’s overall appetite and acceptance of risk should not take precedence, or be used exclusively, in deciding whether travel is appropriate for security, safety, or health reasons.

ISO 31030:2021 is applicable to all organisations, irrespective of the sector in which they operate. However, there is no one-size-fits-all approach when it comes to managing travel risk. This is because each organisation’s risk profile is different. Hence, the focus is on top management, which is expected to lead, commit, support, and take ownership of their organisation’s travel risks. This can be accomplished by establishing a TRM policy and TRM objectives in line with the organisation’s plans and actions.

Some organisations may unintentionally fail to invest in understanding their duty of care to their travellers, but the wake-up call comes when an incident undesirably affects their travellers. The allocation of resources to support the TRM programme, however, ensures the achievement of desired results, and this TRM programme should be an agenda item during management reviews.

Travel risks must be continually identified, analysed, and evaluated. ISO 31030:2021 suggests that travel risk assessments should cover both security threats and safety and health hazards. Some organisations’ TRM policies stipulate that when travelling as a group, travellers should not all travel together. This is an attempt to safeguard the personal safety of their travellers as much as practically possible, while at the same time ensuring business continuity should uncertainties occur. Once travel risks have been evaluated, appropriate controls should be implemented.

Hence, risk-informed decisions are made to either avoid risk, share it through a third party such as insurance, or even retain the risk. You may recall that where possible, risk avoidance was the norm during the Covid-19 pandemic. For example, working from home (WFH) ushered in widespread use of technology for meetings. Yet following the WFH measures, cybersecurity risks became the talk of the town.

ISO 31030:2021 has put a lot of emphasis on risk reduction. As stipulated in clause 7.4, this includes selecting treatment options, competence of travellers and those involved in TRM, reliability of information, advice and updates, communication protocols/platforms, accommodation selection, information security and privacy protection, appropriate modes of transportation, journey management, medical and health risk reduction, traveller recuperation, medical treatments, travellers with special needs, medical and security support services, incident management planning, incident and emergency contact points, traveller tracking, kidnap and ransom planning, and evacuation planning.

There is no shortage of opportunities for improving a TRM programme. Monitoring and reviewing of the TRM programme should therefore be done periodically, or as and when travel risk situations arise. When effectively used, surveys and benchmarking exercises provide valuable input into opportunities for improvement, while the TRM programme should also have clearly defined key performance indicators that are tracked and evaluated.

Travellers and relevant stakeholders should equally be aware of their obligations in reducing the impacts of travel risks on their work productivity, safety, security, and health.

Bearing all of this in mind, one can clearly predict that ISO 31030:2021 will be a game changer for those managing and participating in organisational travel.

Published by

Hope Kiwekete

Hope Mugagga Kiwekete is a managing consultant at the Centre for Enterprise Sustainability. Previously he was a principal risk management consultant at Transnet Freight Rail and a management systems specialist and senior EHS auditor at the South African Bureau of Standards. He has practised as a management systems consultant, trainer and auditor in the fields of risk management, environment, energy, occupational health and safety and quality management in various industry sectors in eastern and southern Africa and Southeast Asia.
Prev Standards: a key driver of business excellence
Next Covid-19 still vexing occupational health

Leave a comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.