ISO 31030: One Year On
One year on from the publication of ISO 31030, we assess the impact it has had and what to look out for as corporate travel resumes.
We spoke to travel risk consultant Bex Deadman and Global Secure Accreditation’s Nick Hawkins about the standard. Bex is an independent consultant who advises organisations on their travel risk management and is working with industry groups on the evolution of ISO 31030. Nick and GSA provide readiness assessments to organisations wanting to benchmark their travel safety programmes alongside ISO 31030 and contributed significantly to the creation of the standard.
RiskPal (RP): One year on from the publication of the ISO 31030 standard, what do you think it has achieved?
Bex: It’s crazy for me that we are still in what is the infancy of this standard. When standards are launched, they tend to go through a few years of adoption and use across the industries that they are intended for. ISO31030 seems to have already been well received across corporations, certainly the larger global ones who have a real interest in understanding how they measure up against the guidance. The work PWC did with GSA has most certainly raised its profile and was recognised with a Business Travel People’s Award as best Duty of Care initiative. This is all positive news for a standard that has only been for just over a year.
Nick: The standard has been well received although there still needs to be a lot of education around how it impacts organisations of all sizes. We have seen travel buyers now working more closely with their own internal risk management teams , something also driven by the COVID-19 pandemic. The new ISO 31030 travel risk management guidance supports standardisation across the industry. It creates industry best practice that both corporates and suppliers can adopt.
RP: What are the most common questions you get about ISO 31030?
Bex: ‘Is it possible to be certified in it?’ The answer to this is no, not yet, and it probably won’t be for some time to come, if ever. It’s first revision will be circa 2024, so definitely not before that. There are already companies offering gap analysis and readiness assessments, which will continue to grow over time. This helps the standard to become normalised, but it is not an official certification standard at this time.
I think the second most asked question is ‘who is ISO 31030 for?’ There is still confusion about the audience and a perception it is just for travel companies and large organisations. Conveying the message that the standard is for any and all organisations with employees who travel on behalf of the business, domestically or internationally, is important.
Nick: The most common questions we get asked include:
- ‘How should we handle the issue of sensitive personal information that may be relevant to travel decisions?’Health data and other sensitive personal information needs to be handled sensitively but is important for traveller safety. For example, knowing whether someone has sufficient medication for the duration of a visit and if it is legal in the destinations can catch travellers and employers out.
- ‘What do we do about bleisure?’
Bleisure is off-duty activity or staying on for tourism after a business visit is completed. Organisations need to understand the parameters of their insurance and corporate travel policies should clearly define how this is managed.
- ‘Does ISO 31030 apply to us?’If you send staff on national or international travel as part of their duties then, yes, it does apply to you. However, ISO 31030 guidance is recognises proportionately and reasonably foreseeable travel risks, so whilst organisations shouldn’t be complacent, there is no need to panic.
RP: What do you think is preventing more organisations embracing the standard?
Bex: Honestly, I don’t think that there are that many people well-versed in it yet to talk knowledgeably about it from a travel consultancy side but, as I said, it’s still early days. Within organisations, I think there just isn’t the hours / people to look at it and it’s fallen into the list of “really should look into it” tasks, especially given the disruption from the pandemic in the past couple of years.
Nick: A lot of organisations are still not aware of the standard, its implications to their own business and what they actually need to do. Having adequate resources to actually look at the standard amid all of the current challenges in corporate travel is another issue.
RP: Which elements of the guidance do you think organisations find most difficult to achieve?
Bex: I think there is a gap in knowledge across the corporations and travel industry which makes starting this project seem quite daunting. The truth is that it can be started in a variety of different areas across a business, depending which department has the scope to take it on. A key feature of this standard is that it’s stakeholder focused and not sole responsibility of one person. My advice is if you have an interest in your part of the business then start from there. Secondly, the vendor management piece is not easy. This is simply because vendors are learning as much as the end-users, it’s something that needs to be worked on and tackled together.
Nick: GSA reviewed a number of organisations – large and small – in the last year and the common challenges we have seen include:
- Getting some ‘airtime’ with their organisation’s ‘C-suite’ so that top management understand their role in the travel risk management programme, particularly when trying to get the programme established.
- Organisational capacity to put a programme together.
- Getting effective co-ordination between different departments and functions.
- Getting post-travel feedback from busy travellers.
RP: Being only guidance, do you think more organisations would take it more seriously if it was a certifiable standard?
Bex: I think there is a danger that some organisations are missing the point of standards altogether, seeing them as a checklist to achieve when it’s either demanded of them from customers or similar. Standards are a collection of learnings and guidance from the very best within that industry and take many years to create. They are not there to demand “Thou Shalt Not Pass”, although it’s possible to see how we got to this understanding. This standard, along with the rest of its 31000 Risk Management family are there to offer guidance to businesses. These standards are very much pitched for you to understand the topic but then decide how it best fits your organisation and how to apply it. You record it all in some way and then, most importantly, you do what you say you do. This final piece is what can be audited.
Nick: The general feedback we see from organisations, falls in to two camps, 1) those who see the standard as a benchmark to allow them to map their own travel risk policies/procedures alongside an industry recognised standard of good practice and 2) those that do not see implementation as a priority because it is guidance. Camp 2 could still suffer litigation in the event of an unfortunate travel incident; the guidance provides in one place the standard of reasonableness that courts would consider in litigation where a traveller who is a worker suffers a detriment as a result of a reasonably foreseeable risk. The guidance already has made an impact as a reference that lawyers will reach for when considering the merit of a potential claim.
Read our other articles about ISO 31030
ISO 31030 Travel Risk Management: Where to Begin?
ISO 31030 Travel Risk Management [Part 2]: Getting Started
Lead the Way: How RiskPal Can Help Your ISO 31030 Objectives