By Kayleigh Rogers, consulting manager, Global Business Consulting

The devastating earthquakes suffered by Turkey and Syria earlier this year provided a sad reminder that travel risk management and duty of care remain as relevant as ever.

The International Organization for Standardization (ISO), an independent, nongovernmental international organization made up of 168 national standards bodies, developed the ISO 31030 standard to give companies the opportunity to measure the scope and effectiveness of the care they take of their travelers. Designed to become the global standard for travel risk management, ISO 31030 aims to “promote a culture where travel-related risk is taken seriously and resourced adequately.”

The benefits of introducing a travel risk culture extend far beyond traveler well-being; protection of assets, reduced legal exposure, security of supply chains, and assurance to investors are some of the many advantages of managing travel risk effectively. ISO 31030 will challenge travel and security managers to look beyond more obvious risks and consider other factors that can range from road conditions and availability of telecommunications to employees’ physical and mental health.

Why it matters

ISO 31030 is not a currently a formal accreditation; there is no legal requirement for an organization to comply with its recommendations. However, organizations do have a duty of care to employees traveling on company business and, potentially, where employees blend work and leisure travel. Even if not mandatory today, the ISO 31030 standard will become more important. In recent years, legal actions such as Dennis versus the Norwegian Refugees Council have highlighted the implications for organizations that cannot show that they took every reasonable step to protect their travelers.1

What to look out for

The ISO 31030 standard covers all aspects of corporate travel; there are areas in travel programs where organizations can be more likely to encounter gaps in their risk management governance. These include:

  • No mandatory booking process in place.
  • No enforcement of mandatory booking process.
  • Pretravel authorization.
  • Pretravel risk assessments.
  • A new or addendum travel risk policy.
  • Potential changes to sourcing processes.
  • Pretravel checks for travelers.
  • Travel safety training for travelers.

Where to get started

As business travel continues to recover, now could be a good time for organizations to review and strengthen their travel risk management governance, using the ISO 31030 guidelines as a comprehensive framework. Be under no illusions; this is a big job. Travel managers can start gradually and build up by taking the following steps:

  • Identify the gaps in risk management.
  • Define the stakeholders in travel risk and assess the organization’s risk profile.
  • Engage with security teams and providers.
  • Work with the travel management company to explore changes to booking processes.
  • Consider a preapproval tool like Expert AuditorTM, which can support both budget oversight and safe travel. Expert Care™ can help you manage duty of care, including identifying threats, learning which employees are most at risk, and seeing where they are at any given moment.
  • During sourcing, ask additional security questions and consider expanding hotel coverage in your risk locations.
  • Use this as a positive opportunity to address leakage.

With ISO 31030, travel managers can adopt a best practice approach that will help them manage travel risk more effectively, protecting both the traveler and the organization.

To learn more about implementing ISO 31030 in your organization, contact Global Business Consulting.


1 In 2015, aid worker Steve Dennis won a landmark case against his former employer, the Norwegian Refugee Council (NRC). NRC was found to have failed in its duty of care to Steve Dennis while he was working for the NGO in a refugee camp in Kenya.