ISO 31030 Travel Risk Management: Where to Begin?
RiskPal’s COO, Tom Bacon, assesses some of the implementation challenges of ISO 31030 and why embracing digital solutions are essential to success. This is the first in a three-part series focused on the new travel risk management standard and how organisations can achieve some of its recommendations.
Here’s what Tom shared in our exclusive #RPTalks 101 series on ISO 31030 standards for Travel Risk Management.
Last week I read the 48 pages of the ISO 31030 standard (no skimming, honest!) As expected, it provides a very comprehensive framework for travel risk management. Reassuringly, it offers no major surprises and all its key concepts will be familiar to travel and risk managers.
The fundamentals such as a travel management policy, incident management plan and risk management structure (risk assessment process, insurance, preferred external providers etc) will already be established for many organisations, as I highlighted when writing about this in June.
I see the more difficult parts that organisations will face implementing ISO 31030 as twofold: firstly orientated around general process management; and secondly regarding a few specific elements of the guidance.
Thankfully, neither area is insurmountable.
Process Management
Familiar to any risk manager and embedded in enterprise risk management, is the primacy of ensuring management support. A clear delineation of roles, avoiding silos and single points of dependency; and keeping on top of necessary updates to policies and risk treatments are some of the other requirements that ISO 31030 outlines that can be common workplace challenges that can derail success.
ISO 31030 Specific Features
Speaking to practitioners about their travel risk programmes, I see some of the following areas among the more challenging aspects to implement and maintain:
- Comprehensive recording and reporting of risk management metrics.
- Crisis resilient (i.e. accessible and up-to-date when you need it) emergency records that comply with privacy regulations and secure InfoSec standards.
- Efficient and scalable capturing and sharing of traveller feedback on destinations and suppliers.
- Incorporating individual traveller profiles into risk assessments.
- Factoring activity-focused health and safety considerations into risk assessments, alongside traditional destination-based analysis.
Nearly There?
I predict that many organisations will have more than 50% of the features that The Standard covers already in place. But I also believe that achieving and then maintaining the full suite of ISO recommendations will be impossible without the use of a digital solution.
ISO 31030 outlines great suggestions around programme reporting and metrics that are just too time consuming and prone to error without automated analytics. It’s the same for capturing staff feedback on destinations and international suppliers; manual ways of reporting are not scalable and allow cases to fall between the cracks, especially during busy periods or a crisis. Whether in response to a new or changing threats or for audit purposes, manually updating templates or risk treatment advice can be also laborious without access to a centralised document database.
Digital solutions offer you management data and workflow efficiency without any compromise on quality. They are definitely not the single solution but will help facilitate the achievement of your travel risk management goals.
We know change can be scary and introducing new systems can seem like a headache, (especially if you have complex or disparate procurement processes), but digital transformation is happening all around us and your risk management process has to evolve, before you get left behind.
So Where to Begin with ISO 31030 for Travel Risk Management?
For small organisations or departments at the start of their journey, ISO 31030 might seem a little overwhelming, but it need not be the case. There is no-one-size-fits-all route to success and it can be achieved over time in manageable stages.
Over the next few weeks, I will share some additional thoughts for where you could start and what to think about, wherever you are on the journey.
Stay tuned & follow us on LinkedIn to catch up with all the latest RiskPal updates!
You can read my previous article, Getting Ready for ISO 31030 here.
Please Contact Us to find out more about RiskPal.