Travel risk management — Guidance for organizations

This document gives guidance to organizations on how to manage the risk(s), to the organization and its travellers, as a result of undertaking travel. This document provides a structured approach to the development, implementation, evaluation and review of: policy; programme development; threat and hazard identification; opportunities and strengths; risk assessment; prevention and mitigation strategies. This document is applicable to any type of organization, irrespective of sector or size, including but not limited to: commercial organizations; charitable and not-for-profit organizations; governmental organizations; non-governmental organizations; educational organizations. This document does not apply to tourism and leisure-related travel, except in relation to travellers travelling on behalf of the organization.

Gestion des risques liés aux voyages — Recommandations pour les organismes

Le présent document fournit des recommandations aux organismes sur la manière de gérer le ou les risques, pour l’organisme et ses voyageurs, lorsqu’ils effectuent un voyage. Le présent document fournit une approche structurée pour l’élaboration, la mise en œuvre, l’évaluation et le contrôle des éléments suivants: la politique; l’élaboration de programmes; l’identification des menaces et des dangers; les opportunités et les points forts; l’appréciation du risque; les stratégies de prévention et d’atténuation. Le présent document s’applique à tout type d’organisme, quel que soit son secteur d’activité ou sa taille, y compris, sans s’y limiter: les organismes commerciaux; les organismes caritatifs et à but non lucratif; les organismes publics; les organisations non gouvernementales; les organismes éducatifs. Le présent document ne s’applique pas aux voyages à but touristique et de loisirs, sauf en ce qui concerne les voyageurs qui voyagent pour le compte de leur organisme.

Obvladovanje tveganja na potovanjih - Napotki za organizacije

General Information

Status
Published
Publication Date
13-Sep-2021
Technical Committee
Drafting Committee
Current Stage
6060 - International Standard published
Start Date
14-Sep-2021
Completion Date
14-Sep-2021

Buy Standard

Standard
ISO 31030:2021 - Travel risk management -- Guidance for organizations
English language
48 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ISO 31030:2021 - BARVE na PDF-str 9
English language
56 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
ISO 31030:2021 - Gestion des risques liés aux voyages -- Recommandations pour les organismes
French language
52 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/FDIS 31030:Version 19-jun-2021 - Travel risk management -- Guidance for organizations
English language
48 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/FDIS 31030:2021 - BARVE na PDF-str 9
English language
56 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Draft
ISO/FDIS 31030:Version 07-avg-2021 - Gestion des risques liés aux voyages -- Recommandations pour les organismes
French language
48 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO
STANDARD 31030
First edition
2021-09
Travel risk management — Guidance
for organizations
Gestion des risques liés aux voyages — Recommandations pour les
organismes
Reference number
ISO 31030:2021(E)
ISO 2021
---------------------- Page: 1 ----------------------
ISO 31030:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 31030:2021(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Understanding the organization and its context................................................................................................................. 5

4.1 Operating context ................................................................................................................................................................................. 5

4.1.1 General...................................................................................................................................................................................... 5

4.1.2 Industry/sector specific ............................................................................................................................................ 6

4.1.3 Risk profile ............................................................................................................................................................................ 6

4.2 Stakeholders .............................................................................................................................................................................................. 6

4.3 Travelling population ........................................................................................................................................................................ 7

4.4 Business objectives, risk appetite and criteria ............................................................................................................ 8

4.5 Travel risk management and delivery ................................................................................................................................ 8

5 Managing travel risk ......................................................................................................................................................................................... 8

5.1 Leadership and commitment ..................................................................................................................................................... 8

5.2 Policy ............................................................................................................................................................................................................... 9

5.3 Roles, responsibilities and accountability ....................................................................................................................10

5.4 Objectives..................................................................................................................................................................................................10

5.5 Planning/establishing the programme ...........................................................................................................................10

5.6 Implementation ...................................................................................................................................................................................11

6 Travel risk assessment ................................................................................................................................................................................12

6.1 General ........................................................................................................................................................................................................12

6.2 Risk identification .............................................................................................................................................................................14

6.3 Risk analysis ...........................................................................................................................................................................................14

6.4 Risk evaluation .....................................................................................................................................................................................15

7 Travel risk treatment ....................................................................................................................................................................................16

7.1 General ........................................................................................................................................................................................................16

7.2 Risk avoidance ......................................................................................................................................................................................16

7.2.1 Pre-travel authorizations.......................................................................................................................................16

7.2.2 Restrictions ........................................................................................................................................................................17

7.3 Risk sharing ............................................................................................................................................................................................17

7.3.1 General...................................................................................................................................................................................17

7.3.2 General insurance ........................................................................................................................................................17

7.3.3 Specialist insurance ....................................................................................................................................................18

7.4 Risk reduction .......................................................................................................................................................................................18

7.4.1 Selecting treatment options ................................................................................................................................18

7.4.2 Competence .......................................................................................................................................................................19

7.4.3 Information, advice and updates ....................................................................................................................19

7.4.4 Communication protocols/platforms .........................................................................................................19

7.4.5 Accommodation selection .................. ...................................................................................................................20

7.4.6 Information security and privacy protection .......................................................................................20

7.4.7 Transportation ................................................................................................................................................................21

7.4.8 Journey management ................................................................................................................................................22

7.4.9 Medical and health risk reduction .................................................................................................................22

7.4.10 Medical and security support services ......................................................................................................24

7.4.11 Incident management planning .......................................................................................................................24

7.4.12 Incident and emergency contact points ....................................................................................................25

7.4.13 Traveller tracking .........................................................................................................................................................26

7.4.14 Kidnap and ransom planning .............................................................................................................................27

7.4.15 Evacuation planning ..................................................................................................................................................27

© ISO 2021 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO 31030:2021(E)

8 Communication and consultation ...................................................................................................................................................27

8.1 Programme/strategic communications .........................................................................................................................27

8.2 Operational/technical communications ........................................................................................................................28

9 Programme monitoring and review ..............................................................................................................................................29

9.1 General ........................................................................................................................................................................................................29

9.2 Surveys ........................................................................................................................................................................................................30

9.3 Benchmarking.......................................................................................................................................................................................30

9.4 Metrics .........................................................................................................................................................................................................30

10 Programme recording and reporting ..........................................................................................................................................31

10.1 General ........................................................................................................................................................................................................31

10.2 Documentation ....................................................................................................................................................................................31

10.3 Recording and reporting .............................................................................................................................................................32

Annex A (informative) Development and implementation of a TRM programme .............................................34

Annex B (informative) Minors travelling without legal guardians ....................................................................................37

Annex C (informative) Travel considerations during global disruption ......................................................................40

Annex D (informative) Risk treatment restrictions ...........................................................................................................................42

Annex E (informative) Training ..............................................................................................................................................................................43

Annex F (informative) Considerations for accommodation in higher-risk locations .....................................45

Bibliography .............................................................................................................................................................................................................................48

iv © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 31030:2021(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO’s adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 262, Risk management.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO 31030:2021(E)
Introduction

This document is intended to assist those managing and participating in organizational travel. The

management of travel risk is a component of any organization’s travel-related activities and should

include interaction with stakeholders.

There are many reasons why people travel for their organization. Travelling has increasingly become

a common feature of people’s jobs or functions. Consequently, organizations need to meet their duty of

care across multiple jurisdictions in different parts of the world.

Travellers, whether international or domestic, can be faced with unfamiliar situations and environments

that have different risk profiles to those of their normal location. Road accidents, disease outbreaks,

epidemics and natural disasters, as well as conflict, crime (including cyber and information), cyber

threats, terrorism and political and socially motivated instability, can threaten the safety, security

(including information security) and health (including mental health) of travellers, and can adversely

affect the outcome of their travel objectives.

NOTE Unless otherwise indicated, any reference to security also includes information security.

Managing risks for travel to a country where the organization has no local base requires more

comprehensive controls than for locations where risk profiles are well known and treatments have

already been established. Timeliness and accuracy of intelligence, analysis and advice, including travel

warnings, are increasingly important in influencing travel decisions.

Travel risk management (TRM) requires that organizations anticipate and assess the potential for

events, develop treatments and communicate anticipated risk exposures to their travellers. Advising

and providing travellers with adequate medical and emergency response guidance, security and

information security precautions, including challenges to travel logistics, can significantly impact the

outcome of disruptive events.

This document provides a means for organizations to demonstrate that travel decisions are based on

the organization’s capacity to treat risk using internal resources or with external assistance. Not all

travel requires the same level of rigour for risk assessment and management. Although this document

provides a comprehensive set of risk treatment options that an organization can consider, application

should be reasoned and proportionate to the risk exposure. This will help the organization and

individual travellers realize the opportunities and benefits for which travel is required.

This document proposes that the organization’s overall appetite and acceptance of risk should not take

precedence, or be used exclusively, in deciding whether travel is appropriate for security, safety or

health reasons.

This document is based on the principles, framework and process of ISO 31000, as illustrated in

Figure 1. Travel-related risk presents a specific context and an organization’s existing risk management

process can be adapted to reflect this. It is also aligned with the core occupational health and safety

management system set out in ISO 45001. As such, elements of this document can assist or inform

organizations developing such management systems, but it is not a management system standard.

This document can be used on a standalone basis or integrated within other risk management

programmes.
vi © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
ISO 31030:2021(E)
Figure 1 — Principles, framework and process

One of the aims of this document is to promote a culture where travel-related risk is taken seriously,

resourced adequately, and managed effectively. And where the benefits to the organization and relevant

stakeholders are recognized. Such benefits include:
— protecting personnel, data, intellectual property and assets;
— reducing legal and financial exposure;
— enabling business in high-risk locations;

— enhancing an organization’s reputation and credibility, which in turn can have a positive effect on

competitiveness, staff turnover and talent acquisition;

— improving worker confidence in health, safety and security arrangements with regard to travel;

— contributing to business continuity capability and organizational resilience;

— demonstrating the organization’s ability to control its travel-related risks effectively and efficiently,

which can also help in lowering its insurance premiums;

— providing assurance to business partners, thus banks and investors will be more willing to finance

its business;

— enabling the organization to meet customers’ expectations in terms of the security and stability of

their supply chain;
— increasing general productivity;

— contributing to meeting the sustainable development goals by strengthening the social dimension

of sustainability.
© ISO 2021 – All rights reserved vii
---------------------- Page: 7 ----------------------
ISO 31030:2021(E)
In this document, the following verbal forms are used:
a) “should” indicates a recommendation;
b) “may” indicates a permission;
c) “can” indicates a possibility or a capability.

Information marked as “NOTE” is intended to assist the understanding or use of the document.

“Notes to entry” used in Clause 3 provide additional information that supplements the terminological

data and can contain provisions relating to the use of a term.
viii © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
INTERNATIONAL STANDARD ISO 31030:2021(E)
Travel risk management — Guidance for organizations
1 Scope

This document gives guidance to organizations on how to manage the risk(s), to the organization and

its travellers, as a result of undertaking travel.

This document provides a structured approach to the development, implementation, evaluation and

review of:
— policy;
— programme development;
— threat and hazard identification;
— opportunities and strengths;
— risk assessment;
— prevention and mitigation strategies.

This document is applicable to any type of organization, irrespective of sector or size, including but not

limited to:
— commercial organizations;
— charitable and not-for-profit organizations;
— governmental organizations;
— non-governmental organizations;
— educational organizations.

This document does not apply to tourism and leisure-related travel, except in relation to travellers

travelling on behalf of the organization.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 31000, Risk management — Guidelines
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 31000 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
© ISO 2021 – All rights reserved 1
---------------------- Page: 9 ----------------------
ISO 31030:2021(E)
3.1
competence
ability to apply knowledge and skills to achieve intended results

Note 1 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for

ISO management system standards.
[SOURCE: ISO 22300:2021, 3.1.42]
3.2
crisis

abnormal or extraordinary event or situation that threatens an organization (3.9) and requires a

strategic, adaptive and timely response in order to preserve its viability and integrity

Note 1 to entry: The event can include a high degree of uncertainty.

Note 2 to entry: The event can exceed the response capacity or capability of the organization.

Note 3 to entry: Given the nature of a crisis, it is possible that there will not be an adequate or appropriate plan to

deal with the event, such that a flexible and dynamic approach is needed.
3.3
crisis management team

group of individuals functionally responsible for the direction and implementation of the organization’s

(3.9) crisis (3.2) management capabilities
3.4
duty of care

moral responsibility or legal requirement of an organization (3.9) to protect the traveller (3.21) from

hazards (3.5) and threats (3.17)

Note 1 to entry: The legal aspect of duty of care can arise from, among others, negligence, contract and statute.

Note 2 to entry: Legal requirements and how they arise, including insurance coverage, can differ between

jurisdictions.

Note 3 to entry: Legal requirements can be qualified in scope (e.g. it is possible they will not be absolute).

Note 4 to entry: Organizations should seek advice from a competent legal adviser to ascertain the scope and

nature of their duty of care relating to the context of this document.
3.5
hazard
source of potential harm
[SOURCE: ISO 31073:— , 3.7.5, modified — Note 1 to entry has been deleted.]
3.6
incident

adverse event that can be, or can lead to, a disruption, loss, emergency or crisis (3.2)

Note 1 to entry: An incident can negatively impact a traveller’s (3.21) health, safety and security.

Note 2 to entry: An incident can negatively impact the organization (3.9), e.g. by reputational damage, financial

loss.
Note 3 to entry: An incident can negatively impact organizational resilience.
1) Under preparation. Stage at the time of publication: ISO/DIS 31073:2021.
2 © ISO 2021 – All rights reserved
---------------------- Page: 10 ----------------------
ISO 31030:2021(E)
3.7
incident management team

group of individuals functionally responsible for planning for the likelihood and management of an

incident (3.6)

Note 1 to entry: Responsibilities of the incident management team can include liaison with external organizations

(3.9), stakeholders (3.15) and families.
3.8
off-duty time

time when travellers (3.21) are not engaged in work activities but remain under the general supervisory

responsibility of the organization (3.9)
Note 1 to entry: This can include a weekend depending on the trip duration.
3.9
organization

person or group of people that has its own functions with responsibilities, authorities and relationships

to achieve its objectives

Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation,

firm, enterprise, authority, partnership, association, charity or institution, or part or combination thereof,

whether incorporated or not, public or private.
[SOURCE: ISO 31022:2020, 3.4, modified — Note 1 to entry has been modified.]
3.10
personal leave time

period of time, occurring before, after or within the scheduled duration of the work activity or project,

that falls outside the supervisory responsibility of the organization (3.9)
3.11
provider

organization (3.9) providing services or products, or both, to the organization in accordance with

agreed specifications, terms and conditions
3.12
risk
effect of uncertainty on objectives

Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both, and can address,

create or result in opportunities and threats (3.17).

Note 2 to entry: Objectives can have different aspects and categories and can be applied at different levels.

Note 3 to entry: Risk is usually expressed in terms of risk sources, potential events, their consequences and their

likelihood.
[SOURCE: ISO 31000:2018, 3.1]
3.13
risk assessment
overall process of risk identification, risk analysis and risk evaluation
[SOURCE: ISO 31073:—, 3.6.1]
3.14
risk treatment
process to modify risk (3.12)
Note 1 to entry: Risk treatment can involve:

— avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;

© ISO 2021 – All rights reserved 3
---------------------- Page: 11 ----------------------
ISO 31030:2021(E)
— taking or increasing risk in order to pursue an opportunity;
— removing the risk source;
— changing the likelihood;
— changing the consequences;

— sharing the risk with another party or parties (including contracts and risk financing);

— retaining the risk by informed decision.

Note 2 to entry: Risk treatments that deal with negative consequences are sometimes referred to as “risk

mitigation”, “risk elimination”, “risk prevention” and “risk reduction”.
Note 3 to entry: Risk treatment can create new risks or modify existing risks.
[SOURCE: ISO 31073:—, 3.10.1]
3.15
stakeholder

person or organization (3.9) that can affect, be affected by, or perceive themselves to be affected by a

decision or activity

Note 1 to entry: The term “interested party” can be used as an alternative to “stakeholder”.

[SOURCE: ISO 31000:2018, 3.3]
3.16
student

individual on placement, internship, apprenticeship or otherwise, under the control of an employing

organization (3.9) as part of a training programme, or enrolled in a school or other educational

institution

Note 1 to entry: As students can be under the age of legal responsibility, it is possible they will not be able to

make legal decisions themselves.
3.17
threat
potential source of danger, harm or other undesirable outcome
[SOURCE: ISO 31073:—, 3.
...

SLOVENSKI STANDARD
SIST ISO 31030:2021
01-december-2021
Obvladovanje tveganja na potovanjih - Napotki za organizacije
Travel risk management - Guidance for organizations
Gestion des risques liés aux voyages - Recommandations pour les organismes
Ta slovenski standard je istoveten z: ISO 31030:2021
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
03.200.01 Prosti čas in turizem na Leisure and tourism in
splošno general
SIST ISO 31030:2021 en

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST ISO 31030:2021
---------------------- Page: 2 ----------------------
SIST ISO 31030:2021
INTERNATIONAL ISO
STANDARD 31030
First edition
2021-09
Travel risk management — Guidance
for organizations
Gestion des risques liés aux voyages — Recommandations pour les
organismes
Reference number
ISO 31030:2021(E)
ISO 2021
---------------------- Page: 3 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Understanding the organization and its context................................................................................................................. 5

4.1 Operating context ................................................................................................................................................................................. 5

4.1.1 General...................................................................................................................................................................................... 5

4.1.2 Industry/sector specific ............................................................................................................................................ 6

4.1.3 Risk profile ............................................................................................................................................................................ 6

4.2 Stakeholders .............................................................................................................................................................................................. 6

4.3 Travelling population ........................................................................................................................................................................ 7

4.4 Business objectives, risk appetite and criteria ............................................................................................................ 8

4.5 Travel risk management and delivery ................................................................................................................................ 8

5 Managing travel risk ......................................................................................................................................................................................... 8

5.1 Leadership and commitment ..................................................................................................................................................... 8

5.2 Policy ............................................................................................................................................................................................................... 9

5.3 Roles, responsibilities and accountability ....................................................................................................................10

5.4 Objectives..................................................................................................................................................................................................10

5.5 Planning/establishing the programme ...........................................................................................................................10

5.6 Implementation ...................................................................................................................................................................................11

6 Travel risk assessment ................................................................................................................................................................................12

6.1 General ........................................................................................................................................................................................................12

6.2 Risk identification .............................................................................................................................................................................14

6.3 Risk analysis ...........................................................................................................................................................................................14

6.4 Risk evaluation .....................................................................................................................................................................................15

7 Travel risk treatment ....................................................................................................................................................................................16

7.1 General ........................................................................................................................................................................................................16

7.2 Risk avoidance ......................................................................................................................................................................................16

7.2.1 Pre-travel authorizations.......................................................................................................................................16

7.2.2 Restrictions ........................................................................................................................................................................17

7.3 Risk sharing ............................................................................................................................................................................................17

7.3.1 General...................................................................................................................................................................................17

7.3.2 General insurance ........................................................................................................................................................17

7.3.3 Specialist insurance ....................................................................................................................................................18

7.4 Risk reduction .......................................................................................................................................................................................18

7.4.1 Selecting treatment options ................................................................................................................................18

7.4.2 Competence .......................................................................................................................................................................19

7.4.3 Information, advice and updates ....................................................................................................................19

7.4.4 Communication protocols/platforms .........................................................................................................19

7.4.5 Accommodation selection .................. ...................................................................................................................20

7.4.6 Information security and privacy protection .......................................................................................20

7.4.7 Transportation ................................................................................................................................................................21

7.4.8 Journey management ................................................................................................................................................22

7.4.9 Medical and health risk reduction .................................................................................................................22

7.4.10 Medical and security support services ......................................................................................................24

7.4.11 Incident management planning .......................................................................................................................24

7.4.12 Incident and emergency contact points ....................................................................................................25

7.4.13 Traveller tracking .........................................................................................................................................................26

7.4.14 Kidnap and ransom planning .............................................................................................................................27

7.4.15 Evacuation planning ..................................................................................................................................................27

© ISO 2021 – All rights reserved iii
---------------------- Page: 5 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)

8 Communication and consultation ...................................................................................................................................................27

8.1 Programme/strategic communications .........................................................................................................................27

8.2 Operational/technical communications ........................................................................................................................28

9 Programme monitoring and review ..............................................................................................................................................29

9.1 General ........................................................................................................................................................................................................29

9.2 Surveys ........................................................................................................................................................................................................30

9.3 Benchmarking.......................................................................................................................................................................................30

9.4 Metrics .........................................................................................................................................................................................................30

10 Programme recording and reporting ..........................................................................................................................................31

10.1 General ........................................................................................................................................................................................................31

10.2 Documentation ....................................................................................................................................................................................31

10.3 Recording and reporting .............................................................................................................................................................32

Annex A (informative) Development and implementation of a TRM programme .............................................34

Annex B (informative) Minors travelling without legal guardians ....................................................................................37

Annex C (informative) Travel considerations during global disruption ......................................................................40

Annex D (informative) Risk treatment restrictions ...........................................................................................................................42

Annex E (informative) Training ..............................................................................................................................................................................43

Annex F (informative) Considerations for accommodation in higher-risk locations .....................................45

Bibliography .............................................................................................................................................................................................................................48

iv © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO’s adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 262, Risk management.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v
---------------------- Page: 7 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
Introduction

This document is intended to assist those managing and participating in organizational travel. The

management of travel risk is a component of any organization’s travel-related activities and should

include interaction with stakeholders.

There are many reasons why people travel for their organization. Travelling has increasingly become

a common feature of people’s jobs or functions. Consequently, organizations need to meet their duty of

care across multiple jurisdictions in different parts of the world.

Travellers, whether international or domestic, can be faced with unfamiliar situations and environments

that have different risk profiles to those of their normal location. Road accidents, disease outbreaks,

epidemics and natural disasters, as well as conflict, crime (including cyber and information), cyber

threats, terrorism and political and socially motivated instability, can threaten the safety, security

(including information security) and health (including mental health) of travellers, and can adversely

affect the outcome of their travel objectives.

NOTE Unless otherwise indicated, any reference to security also includes information security.

Managing risks for travel to a country where the organization has no local base requires more

comprehensive controls than for locations where risk profiles are well known and treatments have

already been established. Timeliness and accuracy of intelligence, analysis and advice, including travel

warnings, are increasingly important in influencing travel decisions.

Travel risk management (TRM) requires that organizations anticipate and assess the potential for

events, develop treatments and communicate anticipated risk exposures to their travellers. Advising

and providing travellers with adequate medical and emergency response guidance, security and

information security precautions, including challenges to travel logistics, can significantly impact the

outcome of disruptive events.

This document provides a means for organizations to demonstrate that travel decisions are based on

the organization’s capacity to treat risk using internal resources or with external assistance. Not all

travel requires the same level of rigour for risk assessment and management. Although this document

provides a comprehensive set of risk treatment options that an organization can consider, application

should be reasoned and proportionate to the risk exposure. This will help the organization and

individual travellers realize the opportunities and benefits for which travel is required.

This document proposes that the organization’s overall appetite and acceptance of risk should not take

precedence, or be used exclusively, in deciding whether travel is appropriate for security, safety or

health reasons.

This document is based on the principles, framework and process of ISO 31000, as illustrated in

Figure 1. Travel-related risk presents a specific context and an organization’s existing risk management

process can be adapted to reflect this. It is also aligned with the core occupational health and safety

management system set out in ISO 45001. As such, elements of this document can assist or inform

organizations developing such management systems, but it is not a management system standard.

This document can be used on a standalone basis or integrated within other risk management

programmes.
vi © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
Figure 1 — Principles, framework and process

One of the aims of this document is to promote a culture where travel-related risk is taken seriously,

resourced adequately, and managed effectively. And where the benefits to the organization and relevant

stakeholders are recognized. Such benefits include:
— protecting personnel, data, intellectual property and assets;
— reducing legal and financial exposure;
— enabling business in high-risk locations;

— enhancing an organization’s reputation and credibility, which in turn can have a positive effect on

competitiveness, staff turnover and talent acquisition;

— improving worker confidence in health, safety and security arrangements with regard to travel;

— contributing to business continuity capability and organizational resilience;

— demonstrating the organization’s ability to control its travel-related risks effectively and efficiently,

which can also help in lowering its insurance premiums;

— providing assurance to business partners, thus banks and investors will be more willing to finance

its business;

— enabling the organization to meet customers’ expectations in terms of the security and stability of

their supply chain;
— increasing general productivity;

— contributing to meeting the sustainable development goals by strengthening the social dimension

of sustainability.
© ISO 2021 – All rights reserved vii
---------------------- Page: 9 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
In this document, the following verbal forms are used:
a) “should” indicates a recommendation;
b) “may” indicates a permission;
c) “can” indicates a possibility or a capability.

Information marked as “NOTE” is intended to assist the understanding or use of the document.

“Notes to entry” used in Clause 3 provide additional information that supplements the terminological

data and can contain provisions relating to the use of a term.
viii © ISO 2021 – All rights reserved
---------------------- Page: 10 ----------------------
SIST ISO 31030:2021
INTERNATIONAL STANDARD ISO 31030:2021(E)
Travel risk management — Guidance for organizations
1 Scope

This document gives guidance to organizations on how to manage the risk(s), to the organization and

its travellers, as a result of undertaking travel.

This document provides a structured approach to the development, implementation, evaluation and

review of:
— policy;
— programme development;
— threat and hazard identification;
— opportunities and strengths;
— risk assessment;
— prevention and mitigation strategies.

This document is applicable to any type of organization, irrespective of sector or size, including but not

limited to:
— commercial organizations;
— charitable and not-for-profit organizations;
— governmental organizations;
— non-governmental organizations;
— educational organizations.

This document does not apply to tourism and leisure-related travel, except in relation to travellers

travelling on behalf of the organization.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 31000, Risk management — Guidelines
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 31000 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
© ISO 2021 – All rights reserved 1
---------------------- Page: 11 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
3.1
competence
ability to apply knowledge and skills to achieve intended results

Note 1 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for

ISO management system standards.
[SOURCE: ISO 22300:2021, 3.1.42]
3.2
crisis

abnormal or extraordinary event or situation that threatens an organization (3.9) and requires a

strategic, adaptive and timely response in order to preserve its viability and integrity

Note 1 to entry: The event can include a high degree of uncertainty.

Note 2 to entry: The event can exceed the response capacity or capability of the organization.

Note 3 to entry: Given the nature of a crisis, it is possible that there will not be an adequate or appropriate plan to

deal with the event, such that a flexible and dynamic approach is needed.
3.3
crisis management team

group of individuals functionally responsible for the direction and implementation of the organization’s

(3.9) crisis (3.2) management capabilities
3.4
duty of care

moral responsibility or legal requirement of an organization (3.9) to protect the traveller (3.21) from

hazards (3.5) and threats (3.17)

Note 1 to entry: The legal aspect of duty of care can arise from, among others, negligence, contract and statute.

Note 2 to entry: Legal requirements and how they arise, including insurance coverage, can differ between

jurisdictions.

Note 3 to entry: Legal requirements can be qualified in scope (e.g. it is possible they will not be absolute).

Note 4 to entry: Organizations should seek advice from a competent legal adviser to ascertain the scope and

nature of their duty of care relating to the context of this document.
3.5
hazard
source of potential harm
[SOURCE: ISO 31073:— , 3.7.5, modified — Note 1 to entry has been deleted.]
3.6
incident

adverse event that can be, or can lead to, a disruption, loss, emergency or crisis (3.2)

Note 1 to entry: An incident can negatively impact a traveller’s (3.21) health, safety and security.

Note 2 to entry: An incident can negatively impact the organization (3.9), e.g. by reputational damage, financial

loss.
Note 3 to entry: An incident can negatively impact organizational resilience.
1) Under preparation. Stage at the time of publication: ISO/DIS 31073:2021.
2 © ISO 2021 – All rights reserved
---------------------- Page: 12 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
3.7
incident management team

group of individuals functionally responsible for planning for the likelihood and management of an

incident (3.6)

Note 1 to entry: Responsibilities of the incident management team can include liaison with external organizations

(3.9), stakeholders (3.15) and families.
3.8
off-duty time

time when travellers (3.21) are not engaged in work activities but remain under the general supervisory

responsibility of the organization (3.9)
Note 1 to entry: This can include a weekend depending on the trip duration.
3.9
organization

person or group of people that has its own functions with responsibilities, authorities and relationships

to achieve its objectives

Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation,

firm, enterprise, authority, partnership, association, charity or institution, or part or combination thereof,

whether incorporated or not, public or private.
[SOURCE: ISO 31022:2020, 3.4, modified — Note 1 to entry has been modified.]
3.10
personal leave time

period of time, occurring before, after or within the scheduled duration of the work activity or project,

that falls outside the supervisory responsibility of the organization (3.9)
3.11
provider

organization (3.9) providing services or products, or both, to the organization in accordance with

agreed specifications, terms and conditions
3.12
risk
effect of uncertainty on objectives

Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both, and can address,

create or result in opportunities and threats (3.17).

Note 2 to entry: Objectives can have different aspects and categories and can be applied at different levels.

Note 3 to entry: Risk is usually expressed in terms of risk sources, potential events, their consequences and their

likelihood.
[SOURCE: ISO 31000:2018, 3.1]
3.13
risk assessment
overall process of risk identification, risk analysis and risk evaluation
[SOURCE: ISO 31073:—, 3.6.1]
3.14
risk treatment
process to modify risk (3.12)
Note 1 to entry: Risk treatment can involve:

— avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;

© ISO 2021 – All rights reserved 3
---------------------- Page: 13 ----------------------
SIST ISO 31030:2021
ISO 31030:2021(E)
— taking or increasing risk in order to pursue an opportunity;
— removing the risk source;
— changing the likelihood;
— changing the consequences;

— sharing the risk with another party or parties (including contracts and risk financing);

— retaining the risk by informed decision.
Note 2 to entry: Risk treatments tha
...

NORME ISO
INTERNATIONALE 31030
Première édition
2021-09
Gestion des risques liés aux
voyages — Recommandations pour les
organismes
Travel risk management — Guidance for organizations
Numéro de référence
ISO 31030:2021(F)
ISO 2021
---------------------- Page: 1 ----------------------
ISO 31030:2021(F)
DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO 2021

Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette

publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,

y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut

être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.

ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
ii © ISO 2021 – Tous droits réservés
---------------------- Page: 2 ----------------------
ISO 31030:2021(F)
Sommaire Page

Avant-propos ................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Domaine d’application ................................................................................................................................................................................... 1

2 Références normatives ................................................................................................................................................................................... 1

3 Termes et définitions ....................................................................................................................................................................................... 1

4 Compréhension de l’organisme et de son contexte .......................................................................................................... 5

4.1 Contexte opérationnel ...................................................................................................................................................................... 5

4.1.1 Généralités ............................................................................................................................................................................ 5

4.1.2 Contexte spécifique à une industrie/un secteur d’activité .......................................................... 6

4.1.3 Profil de risque .................................................................................................................................................................. 6

4.2 Parties prenantes .................................................................................................................................................................................. 7

4.3 Population de voyageurs ................................................................................................................................................................ 7

4.4 Objectifs commerciaux, appétence au risque et critères de risques......................................................... 8

4.5 Gestion des risques liés aux voyages et mise en œuvre ....................................................................................... 8

5 Gestion des risques liés aux voyages ............................................................................................................................................... 9

5.1 Leadership et engagement............................................................................................................................................................ 9

5.2 Politique ........................................................................................................................................................................................................ 9

5.3 Rôles et responsabilités ......... .......................................................................................................................................................10

5.4 Objectifs .....................................................................................................................................................................................................11

5.5 Planification/élaboration du programme ....................................................................................................................11

5.6 Mise en œuvre.......................................................................................................................................................................................12

6 Appréciation des risques liés aux voyages .............................................................................................................................13

6.1 Généralités ...............................................................................................................................................................................................13

6.2 Identification des risques ...........................................................................................................................................................15

6.3 Analyse du risque ..............................................................................................................................................................................16

6.4 Évaluation du risque .......................................................................................................................................................................16

7 Traitement des risques liés aux voyages ..................................................................................................................................17

7.1 Généralités ...............................................................................................................................................................................................17

7.2 Évitement des risques....................................................................................................................................................................18

7.2.1 Autorisations préalables aux voyages ........................................................................................................18

7.2.2 Restrictions ........................................................................................................................................................................18

7.3 Partage du risque ...............................................................................................................................................................................19

7.3.1 Généralités .........................................................................................................................................................................19

7.3.2 Assurance générale .....................................................................................................................................................19

7.3.3 Assurance spécialisée ...............................................................................................................................................19

7.4 Réduction du risque ........................................................................................................................................................................20

7.4.1 Choix des options de traitement .....................................................................................................................20

7.4.2 Compétence .......................................................................................................................................................................20

7.4.3 Informations, conseils et mises à jour ........................................................................................................21

7.4.4 Protocoles/plates-formes de communication .....................................................................................21

7.4.5 Choix de l’hébergement ..........................................................................................................................................22

7.4.6 Sécurité de l’information et protection de la vie privée ..............................................................22

7.4.7 Transport .............................................................................................................................................................................23

7.4.8 Gestion du déplacement .........................................................................................................................................24

7.4.9 Réduction des risques médicaux et sanitaires ....................................................................................24

7.4.10 Services d’assistance médicale et à la sûreté .......................................................................................26

7.4.11 Planification de la gestion des incidents ..................................................................................................27

7.4.12 Points de contact pour les incidents et les urgences .....................................................................28

7.4.13 Suivi des voyageurs ....................................................................................................................................................28

7.4.14 Préparation à la gestion des enlèvements et des rançons ........................................................29

7.4.15 Planification de l’évacuation ...............................................................................................................................30

© ISO 2021 – Tous droits réservés iii
---------------------- Page: 3 ----------------------
ISO 31030:2021(F)

8 Communication et consultation ........................................................................................................................................................30

8.1 Communication du programme et de la stratégie .................................................................................................30

8.2 Communications opérationnelles/techniques .........................................................................................................31

9 Surveillance et revue du programme ...........................................................................................................................................32

9.1 Généralités ...............................................................................................................................................................................................32

9.2 Sondages ....................................................................................................................................................................................................33

9.3 Analyse comparative .......................................................................................................................................................................33

9.4 Mesures ......................................................................................................................................................................................................34

10 Enregistrement du programme et élaboration de rapports ................................................................................34

10.1 Généralités ...............................................................................................................................................................................................34

10.2 Documentation ....................................................................................................................................................................................34

10.3 Enregistrement et élaboration de rapports ................................................................................................................35

Annexe A (informative) Élaboration et mise en œuvre d’un programme de gestion des

risques liés aux voyages .............................................................................................................................................................................37

Annexe B (informative) Mineurs voyageant sans tuteur légal ................................................................................................41

Annexe C (informative) Considérations relatives aux voyages en cas de perturbation mondiale ....44

Annexe D (informative) Restrictions en matière de traitement du risque ................................................................46

Annexe E (informative) Formation ......................................................................................................................................................................47

Annexe F (informative) Considérations relatives aux hébergements situés dans des lieux à

haut risque ...............................................................................................................................................................................................................49

Bibliographie ...........................................................................................................................................................................................................................52

iv © ISO 2021 – Tous droits réservés
---------------------- Page: 4 ----------------------
ISO 31030:2021(F)
Avant-propos

L'ISO (Organisation internationale de normalisation) est une fédération mondiale d'organismes

nationaux de normalisation (comités membres de l'ISO). L'élaboration des Normes internationales est

en général confiée aux comités techniques de l'ISO. Chaque comité membre intéressé par une étude

a le droit de faire partie du comité technique créé à cet effet. Les organisations internationales,

gouvernementales et non gouvernementales, en liaison avec l'ISO participent également aux travaux.

L'ISO collabore étroitement avec la Commission électrotechnique internationale (IEC) en ce qui

concerne la normalisation électrotechnique.

Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont

décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier, de prendre note des différents

critères d'approbation requis pour les différents types de documents ISO. Le présent document a été

rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www

.iso .org/ directives).

L'attention est attirée sur le fait que certains des éléments du présent document peuvent faire l'objet de

droits de propriété intellectuelle ou de droits analogues. L'ISO ne saurait être tenue pour responsable

de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails concernant

les références aux droits de propriété intellectuelle ou autres droits analogues identifiés lors de

l'élaboration du document sont indiqués dans l'Introduction et/ou dans la liste des déclarations de

brevets reçues par l'ISO (voir www .iso .org/ brevets).

Les appellations commerciales éventuellement mentionnées dans le présent document sont données

pour information, par souci de commodité, à l’intention des utilisateurs et ne sauraient constituer un

engagement.

Pour une explication de la nature volontaire des normes, la signification des termes et expressions

spécifiques de l'ISO liés à l'évaluation de la conformité, ou pour toute information au sujet de l'adhésion

de l'ISO aux principes de l’Organisation mondiale du commerce (OMC) concernant les obstacles

techniques au commerce (OTC), voir www .iso .org/ avant -propos.

Le présent document a été élaboré par le Comité technique ISO/TC 262, Management du risque.

Il convient que l’utilisateur adresse tout retour d’information ou toute question concernant le présent

document à l’organisme national de normalisation de son pays. Une liste exhaustive desdits organismes

se trouve à l’adresse www .iso .org/ fr/ members .html.
© ISO 2021 – Tous droits réservés v
---------------------- Page: 5 ----------------------
ISO 31030:2021(F)
Introduction

Le présent document est destiné à aider les personnes qui gèrent et participent à des voyages d’affaires.

La gestion des risques liés aux voyages est une composante des activités de voyage de tout organisme et

il convient d’y inclure l’interaction avec les parties prenantes.

Les raisons de voyager pour le compte d’un organisme sont nombreuses. Les voyages sont de plus en plus

fréquents dans le cadre de l’exercice d’un emploi ou d’une fonction. Par conséquent, il est nécessaire que

les organismes s’acquittent de leur devoir de protection sous de multiples juridictions dans différentes

parties du monde.

Les voyageurs, qu’ils soient internationaux ou nationaux, peuvent être confrontés à des situations et

à des environnements qu’ils ne connaissent pas et qui présentent des profils de risque différents de

ceux de leur lieu de résidence habituel. Les accidents de la route, les épidémies et les catastrophes

naturelles, ainsi que les conflits, la criminalité (y compris la cybercriminalité et le vol d’information), les

cybermenaces, le terrorisme et l’instabilité politique et sociale peuvent menacer la sécurité, la sûreté (y

compris la sécurité de l’information) et la santé (y compris la santé mentale) des voyageurs, et peuvent

avoir des conséquences négatives sur les objectifs de leurs missions.

NOTE Sauf indication contraire, toute référence à la sûreté inclut également la sécurité de l’information.

La gestion des risques liés aux voyages dans un pays où l’organisme n’a pas de bureau local nécessite

des moyens de maîtrise du risque plus complets que pour les lieux dont les profils de risque sont bien

connus et où des mesures de traitement ont déjà été prises. L’actualisation permanente et l’exactitude

des renseignements, des analyses et des conseils, y compris les avertissements aux voyageurs, jouent

un rôle de plus en plus important dans les décisions de voyage.

La gestion des risques liés aux voyages exige que les organismes anticipent et évaluent les probabilités

que des événements se produisent, élaborent des mesures de traitement et communiquent à leurs

voyageurs leur exposition anticipée aux risques. Le fait de conseiller les voyageurs et de leur fournir

des recommandations adéquates en matière de soins médicaux, d’intervention d’urgence ainsi que des

consignes en matière de sûreté et de sécurité de l’information, y compris les défis liés à la logistique des

voyages, peut avoir une incidence importante sur l’impact potentiel d’événements perturbateurs.

Le présent document fournit aux organismes un moyen de démontrer que les décisions de voyage sont

fondées sur la capacité de l’organisme à traiter le risque en utilisant des ressources internes ou avec

une aide externe. Tous les voyages ne justifient pas le même degré de rigueur dans l’appréciation et

le management du risque. Bien que le présent document fournisse un ensemble complet d’options de

traitement du risque pouvant être envisagées par un organisme, il convient que son application soit

raisonnée et proportionnée à l’exposition au risque. Cela a vocation à aider l’organisme et chaque

voyageur à saisir les opportunités et les avantages pour lesquels le voyage est requis.

Le présent document dispose qu’il convient que l’appétence générale de l’organisme au risque et son

acceptation du risque ne priment pas, ou ne soient pas utilisées exclusivement, pour décider si un

voyage est approprié pour des raisons de sûreté, de sécurité ou de santé.

Le présent document est basé sur les principes, le cadre organisationnel et le processus de l’ISO 31000,

comme illustré à la Figure 1. Le risque lié aux voyages présente un contexte spécifique et il peut être

nécessaire d’adapter le processus de management du risque existant d’un organisme pour en tenir

compte. Il est également aligné sur le système central de management de la santé et de la sécurité au

travail défini dans l’ISO 45001. À ce titre, certains éléments du présent document peuvent aider ou

éclairer les organismes qui élaborent de tels systèmes de management, mais il ne s’agit pas d’une norme

de système de management.

Le présent document peut être utilisé de manière autonome ou intégré dans d’autres programmes de

gestion des risques.
vi © ISO 2021 – Tous droits réservés
---------------------- Page: 6 ----------------------
ISO 31030:2021(F)
Figure 1 — Principes, cadre organisationnel et processus

L’un des objectifs du présent document est de promouvoir une culture où le risque lié aux voyages est

pris au sérieux, mobilise suffisamment de ressources et est géré de manière efficace, et où les avantages

pour l’organisme et les parties prenantes concernées sont reconnus. Ces avantages comprennent:

— protéger le personnel, les données, la propriété intellectuelle et les biens;
— réduire les impacts financiers et juridiques de l’exposition au risque;
— permettre de traiter des affaires dans des lieux à haut risque;

— améliorer la réputation et la crédibilité d’un organisme, ce qui peut avoir un effet positif sur la

compétitivité, la rotation du personnel et l’acquisition de talents;

— améliorer la confiance des travailleurs dans les dispositions en matière de santé, de sécurité et de

sûreté relatives aux voyages;

— contribuer à la capacité de continuité d’activité et à la résilience de l’organisme;

— démontrer la capacité de l’organisme à maîtriser ses risques liés aux voyages de manière efficace et

efficiente, ce qui peut également contribuer à réduire ses primes d’assurance;

— rassurer ses partenaires commerciaux, de sorte que les banques et les investisseurs soient plus

disposés à financer ses activités;

— permettre à l’organisme de répondre aux attentes de ses clients en termes de sûreté et de stabilité

de leur chaîne d’approvisionnement;
— augmenter la productivité générale;
© ISO 2021 – Tous droits réservés vii
---------------------- Page: 7 ----------------------
ISO 31030:2021(F)

— contribuer à l’atteinte des objectifs de développement durable en renforçant la dimension sociale du

développement durable.
Dans le présent document, les formes verbales suivantes sont utilisées:
a) «il convient de/que» indique une recommandation;
b) «peut/il est admis/permis» (« may » en anglais) indique une permission;

c) «peut/il est possible» (« can » en anglais) indique une possibilité ou une capacité.

Les informations sous forme de «NOTE» sont destinées à faciliter la compréhension ou l’utilisation du

document.

Les «Notes à l’article» utilisées à l’Article 3 fournissent des informations supplémentaires qui viennent

compléter les données terminologiques et peuvent contenir des précisions concernant l’usage d’un

terme.
viii © ISO 2021 – Tous droits réservés
---------------------- Page: 8 ----------------------
NORME INTERNATIONALE ISO 31030:2021(F)
Gestion des risques liés aux voyages — Recommandations
pour les organismes
1 Domaine d’application

Le présent document fournit des recommandations aux organismes sur la manière de gérer le ou les

risques, pour l’organisme et ses voyageurs, lorsqu’ils effectuent un voyage.

Le présent document fournit une approche structurée pour l’élaboration, la mise en œuvre, l’évaluation

et le contrôle des éléments suivants:
— la politique;
— l’élaboration de programmes;
— l’identification des menaces et des dangers;
— les opportunités et les points forts;
— l’appréciation du risque;
— les stratégies de prévention et d’atténuation.

Le présent document s’applique à tout type d’organisme, quel que soit son secteur d’activité ou sa taille,

y compris, sans s’y limiter:
— les organismes commerciaux;
— les organismes caritatifs et à but non lucratif;
— les organismes publics;
— les organisations non gouvernementales;
— les organismes éducatifs.

Le présent document ne s’applique pas aux voyages à but touristique et de loisirs, sauf en ce qui concerne

les voyageurs qui voyagent pour le compte de leur organisme.
2 Références normatives

Les documents suivants sont cités dans le texte de sorte qu’ils constituent, pour tout ou partie de leur

contenu, des exigences du présent document. Pour les références datées, seule l’édition citée s’applique.

Pour les références non datées, la dernière édition du document de référence s'applique (y compris les

éventuels amendements).
ISO 31000, Management du risque — Lignes directrices
3 Termes et définitions

Pour les besoins du présent document, les termes et les définitions de l’ISO 31000 ainsi que les suivants

s’appliquent.
© ISO 2021 – Tous droits réservés 1
---------------------- Page: 9 ----------------------
ISO 31030:2021(F)

L’ISO et l’IEC tiennent à jour des bases de données terminologiques destinées à être utilisées en

normalisation, consultables aux adresses suivantes:

— ISO Online browsing platform: disponible à l’adresse https:// www .iso .org/ obp

— IEC Electropedia: disponible à l’adresse http:// www .electropedia .org/
3.1
compétence

aptitude à mettre en pratique des connaissances et des savoir-faire pour obtenir les résultats escomptés

Note 1 à l'article: Il s’agit de l’un des termes communs et définitions de base de la structure harmonisée des

normes de systèmes de management de l’ISO.
[SOURCE: ISO 22300:2021, 3.1.42]
3.2
crise

événement ou situation anormale ou extraordinaire qui menace un organisme (3.9) et nécessite une

réponse stratégique, adaptative et rapide afin de préserver sa viabilité et son intégrité

Note 1 à l'article: L’événement peut comporter un degré élevé d’incertitude.

Note 2 à l'article: L’événement peut dépasser la capacité de réponse ou les capacités générales de l’organisme.

Note 3 à l'article: Étant donné la nature d’une crise, il est possible qu’il n’existe pas de plan adéquat ou approprié

permettant de faire face à l’événement, de sorte qu’une approche souple et dynamique est nécessaire.

3.3
équipe de gestion de crise

groupe de personnes responsables de par leurs fonctions de l’orientation et de la mise en œuvre des

capacités de gestion de crise (3.2) de l’organisme (3.9)
3.4
devoir de protection

responsabilité morale ou exigence légale d’un organisme (3.9) de protéger le voyageur (3.21) contre les

dangers (3.5) et les menaces (3.17)

Note 1 à l'article: L’aspect juridique du devoir de protection peut découler, entre autres, d’une négligence, d’un

contrat et d’une loi.

Note 2 à l'article: Les exigences légales et la manière dont elles se présentent, y compris la couverture d’assurance,

peuvent varier d’une juridiction à l’autre.

Note 3 à l'article: Les exigences légales peuvent être assorties de réserves quant à leur portée (par exemple, elles

peuvent ne pas être absolues).

Note 4 à l'article: Il convient que les organismes demandent l’avis d’un conseiller juridique compétent pour

déterminer la portée et la nature de leur devoir de protection dans le contexte du présent document.

3.5
danger
source de dommage potentiel
[SOURCE: ISO 31073:— , 3.7.5, modifié — La Note 1 à l’article a été supprimée.]
1) En préparation. Stade au moment de la publication : ISO/DIS 31073:2021.
2 © ISO 2021 – Tous droits réservés
---------------------- Page: 10 ----------------------
ISO 31030:2021(F)
3.6
incident

événement indésirable qui peut constituer ou conduire à une perturbation, une perte, une urgence ou

une crise (3.2)

Note 1 à l'article: Un incident peut avoir un impact négatif sur la santé, la sécurité et la sûreté d’un voyageur

(3.21).

Note 2 à l'article: Un incident peut avoir un impact négatif sur l’organisme (3.9), par exemple une perte de

réputation ou une perte financière.

Note 3 à l'article: Un incident peut avoir un impact négatif sur la résilience de l’organisme.

3.7
équipe de gestion des incidents

groupe de personnes responsables de par leurs fonctions de planifier la vraisemblance et la gestion

d’un incident (3.6)

Note 1 à l'article: Les responsabilités de l’équipe de gestion des incidents peuvent inclure la liaison avec les

organismes (3.9) externes, les parties prenantes (3.15) et les familles.
3.8
temps libre

temps pendant lequel les voyageurs (3.21) n’exercent pas d’activités professionnelles mais restent sous

la responsabilité générale de l’organisme (3.9)
Note 1 à l'article: Cela peut inclure un week-end selon la durée du voyage.
3.9
organisme

personne ou groupe de personnes ayant des fonctions définies avec les responsabilités, l’autorité et les

relations lui permettant d’atteindre ses objectifs

Note 1 à l'article: Le concept d’organisme englobe sans s’y limiter, les travailleurs indépendants, les compagnies,

les sociétés, les firmes, les entreprises, les administrations, les partenariats, les associations, les organisations

caritatives ou les institutions, ou bien une partie ou une association des entités précédentes, ayant soit un statut

de société commerciale soit un autre statut, de droit public ou privé.
[SOURCE: ISO 31022:2020, 3.4, modifié — La Note 1 à l’article a été modifiée.]
3.10
temps de congé personnel

période survenant avant, après ou pendant la durée prévue de l’activité professionnelle ou du projet, ne

relevant pas de la responsabilité de l’organisme (3.
...

FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 31030
ISO/TC 262
Travel risk management — Guidance
Secretariat: BSI
for organizations
Voting begins on:
2021­06­22
Gestion des risques liés aux voyages — Recommandations pour les
organismes
Voting terminates on:
2021­08­17
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
ISO/FDIS 31030:2021(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN­
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. ISO 2021
---------------------- Page: 1 ----------------------
ISO/FDIS 31030:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH­1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/FDIS 31030:2021(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Understanding the organization and its context................................................................................................................. 5

4.1 Operating context ................................................................................................................................................................................. 5

4.1.1 General...................................................................................................................................................................................... 5

4.1.2 Industry/sector specific ............................................................................................................................................ 6

4.1.3 Risk profile ............................................................................................................................................................................ 6

4.2 Stakeholders .............................................................................................................................................................................................. 6

4.3 Travelling population ........................................................................................................................................................................ 7

4.4 Business objectives, risk appetite and criteria ............................................................................................................ 8

4.5 Travel risk management and delivery ................................................................................................................................ 8

5 Managing travel risk ......................................................................................................................................................................................... 8

5.1 Leadership and commitment ..................................................................................................................................................... 8

5.2 Policy ............................................................................................................................................................................................................... 9

5.3 Roles, responsibilities and accountability ....................................................................................................................10

5.4 Objectives..................................................................................................................................................................................................10

5.5 Planning/establishing the programme ...........................................................................................................................10

5.6 Implementation ...................................................................................................................................................................................11

6 Travel risk assessment ................................................................................................................................................................................12

6.1 General ........................................................................................................................................................................................................12

6.2 Risk identification .............................................................................................................................................................................14

6.3 Risk analysis ...........................................................................................................................................................................................14

6.4 Risk evaluation .....................................................................................................................................................................................15

7 Travel risk treatment ....................................................................................................................................................................................16

7.1 General ........................................................................................................................................................................................................16

7.2 Risk avoidance ......................................................................................................................................................................................16

7.2.1 Pre­travel authorizations.......................................................................................................................................16

7.2.2 Restrictions ........................................................................................................................................................................17

7.3 Risk sharing ............................................................................................................................................................................................17

7.3.1 General...................................................................................................................................................................................17

7.3.2 General insurance ........................................................................................................................................................18

7.3.3 Specialist insurance ....................................................................................................................................................18

7.4 Risk reduction .......................................................................................................................................................................................18

7.4.1 Selecting treatment options ................................................................................................................................18

7.4.2 Competence .......................................................................................................................................................................19

7.4.3 Information, advice and updates ....................................................................................................................19

7.4.4 Communication protocols/platforms .........................................................................................................20

7.4.5 Accommodation selection .................. ...................................................................................................................20

7.4.6 Information security and privacy protection .......................................................................................21

7.4.7 Transportation ................................................................................................................................................................22

7.4.8 Journey management ................................................................................................................................................22

7.4.9 Medical and health risk reduction .................................................................................................................22

7.4.10 Medical and security support services ......................................................................................................24

7.4.11 Incident management planning .......................................................................................................................24

7.4.12 Incident and emergency contact points ....................................................................................................25

7.4.13 Traveller tracking .........................................................................................................................................................26

7.4.14 Kidnap and ransom planning .............................................................................................................................27

7.4.15 Evacuation planning ..................................................................................................................................................27

© ISO 2021 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/FDIS 31030:2021(E)

8 Communication and consultation ...................................................................................................................................................28

8.1 Programme/strategic communications .........................................................................................................................28

8.2 Operational/technical communications ........................................................................................................................29

9 Programme monitoring and review ..............................................................................................................................................29

9.1 General ........................................................................................................................................................................................................29

9.2 Surveys ........................................................................................................................................................................................................30

9.3 Benchmarking.......................................................................................................................................................................................30

9.4 Metrics .........................................................................................................................................................................................................30

10 Programme recording and reporting ..........................................................................................................................................31

10.1 General ........................................................................................................................................................................................................31

10.2 Documentation ....................................................................................................................................................................................31

10.3 Recording and reporting .............................................................................................................................................................32

Annex A (informative) Development and implementation of a TRM programme .............................................34

Annex B (informative) Minors travelling without legal guardians ....................................................................................37

Annex C (informative) Travel considerations during global disruption ......................................................................40

Annex D (informative) Risk treatment restrictions ...........................................................................................................................42

Annex E (informative) Training ..............................................................................................................................................................................43

Annex F (informative) Considerations for accommodation in higher-risk locations .....................................45

Bibliography .............................................................................................................................................................................................................................48

iv © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/FDIS 31030:2021(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non­governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO’s adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 262, Risk management.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/FDIS 31030:2021(E)
Introduction

This document is intended to assist those managing and participating in organizational travel. The

management of travel risk is a component of any organization’s travel-related activities and should

include interaction with stakeholders.

There are many reasons why people travel for their organization. Travelling has increasingly become

a common feature of people’s jobs or functions. Consequently, organizations need to meet their duty of

care across multiple jurisdictions in different parts of the world.

Travellers, whether international or domestic, can be faced with unfamiliar situations and environments

that have different risk profiles to those of their normal location. Road accidents, disease outbreaks,

epidemics and natural disasters, as well as conflict, crime (including cyber and information), cyber

threats, terrorism and political and socially motivated instability, can threaten the safety, security

(including information security) and health (including mental health) of travellers, and can adversely

affect the outcome of their travel objectives.

NOTE Unless otherwise indicated, any reference to security also includes information security.

Managing risks for travel to a country where the organization has no local base requires more

comprehensive controls than for locations where risk profiles are well known and treatments have

already been established. Timeliness and accuracy of intelligence, analysis and advice, including travel

warnings, are increasingly important in influencing travel decisions.

Travel risk management (TRM) requires that organizations anticipate and assess the potential for

events, develop treatments and communicate anticipated risk exposures to their travellers. Advising

and providing travellers with adequate medical, emergency response guidance, security and

information security precautions, including challenges to travel logistics, can significantly impact the

outcome of disruptive events.

This document provides a means for organizations to demonstrate that travel decisions are based on

the organization’s capacity to treat risk using internal resources or with external assistance. Not all

travel warrants the same level of rigour for risk assessment and management. Although this document

provides a comprehensive set of risk treatment options that an organization can consider, application

should be reasoned and proportionate to the risk exposure. This will help the organization and

individual travellers realize the opportunities and benefits for which travel is required.

This document proposes that the organization’s overall appetite and acceptance of risk should not take

precedence, or be used exclusively, in deciding whether travel is appropriate for security, safety or

health reasons.

This document is based on the principles, framework and process of ISO 31000, as illustrated in

Figure 1. Travel-related risk presents a specific context and an organization’s existing risk management

process may need to be adapted to reflect this. It is also aligned with the core occupational health and

safety management system set out in ISO 45001. As such, elements of this document can assist or inform

organizations developing such management systems, but it is not a management system standard.

This document can be used on a standalone basis or integrated within other risk management

programmes.
vi © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/FDIS 31030:2021(E)
Figure 1 — Principles, framework and process

One of the aims of this document is to promote a culture where travel-related risk is taken seriously,

resourced adequately, and managed effectively. And where the benefits to the organization and relevant

stakeholders are recognized. Such benefits include:
— protecting personnel, data, intellectual property and assets;
— reducing legal and financial exposure;
— enabling business in high-risk locations;

— enhancing an organization’s reputation and credibility, which in turn can have a positive effect on

competitiveness, staff turnover and talent acquisition;

— improving worker confidence in health, safety and security arrangements with regard to travel;

— contributing to business continuity capability and organizational resilience;

— demonstrating the organization’s ability to control its travel-related risks effectively and efficiently,

which can also help in lowering its insurance premiums;

— providing assurance to business partners, thus banks and investors will be more willing to finance

its business;

— enabling the organization to meet customers’ expectations in terms of the security and stability of

their supply chain;
— increasing general productivity;

— contributing to meeting the sustainable development goals by strengthening the social dimension

of sustainability.
© ISO 2021 – All rights reserved vii
---------------------- Page: 7 ----------------------
ISO/FDIS 31030:2021(E)
In this document, the following verbal forms are used:
a) “should” indicates a recommendation;
b) “may” indicates a permission;
c) “can” indicates a possibility or a capability.

Information marked as “NOTE” is intended to assist the understanding or use of the document.

“Notes to entry” used in Clause 3 provide additional information that supplements the terminological

data and can contain provisions relating to the use of a term.
viii © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
FINAL DRAFT INTERNATIONAL STANDARD ISO/FDIS 31030:2021(E)
Travel risk management — Guidance for organizations
1 Scope

This document gives guidance to organizations on how to manage the risk(s), to the organization and

its travellers, as a result of undertaking travel.

This document provides a structured approach to the development, implementation, evaluation and

review of:
— policy;
— programme development;
— threat and hazard identification;
— opportunities and strengths;
— risk assessment;
— prevention and mitigation strategies.

This document is applicable to any type of organization, irrespective of sector or size, including but not

limited to:
— commercial organizations;
— charitable and not-for-profit organizations;
— governmental organizations;
— non-governmental organizations;
— educational organizations.

This document does not apply to tourism and leisure-related travel, except in relation to travellers

travelling on behalf of the organization.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 31000, Risk management — Guidelines
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 31000 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
© ISO 2021 – All rights reserved 1
---------------------- Page: 9 ----------------------
ISO/FDIS 31030:2021(E)
3.1
competence
ability to apply knowledge and skills to achieve intended results

Note 1 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for

ISO management system standards.
[SOURCE: ISO 22300:2021, 3.1.42]
3.2
crisis

abnormal or extraordinary event or situation that threatens an organization (3.9) and requires a

strategic, adaptive and timely response in order to preserve its viability and integrity

Note 1 to entry: The event can include a high degree of uncertainty.

Note 2 to entry: The event can exceed the response capacity or capability of the organization.

Note 3 to entry: Given the nature of a crisis, it is possible that there will not be an adequate or appropriate plan to

deal with the event, such that a flexible and dynamic approach is needed.
3.3
crisis management team

group of individuals functionally responsible for the direction and implementation of the organization’s

(3.9) crisis (3.2) management capabilities
3.4
duty of care

moral responsibility or legal requirement of an organization (3.9) to protect the traveller (3.21) from

hazards (3.5) and threats (3.17)

Note 1 to entry: The legal aspect of duty of care can arise from, among others, negligence, contract and statute.

Note 2 to entry: Legal requirements and how they arise, including insurance coverage, can differ between

jurisdictions.

Note 3 to entry: Legal requirements can be qualified in scope (e.g. it is possible they will not be absolute).

Note 4 to entry: Organizations should seek advice from a competent legal adviser to ascertain the scope and

nature of their duty of care relating to the context of this document.
3.5
hazard
source of potential harm
[SOURCE: ISO 31073:— , 3.7.5, modified — Note 1 to entry has been deleted.]
3.6
incident

adverse event that can be, or can lead to, a disruption, loss, emergency or crisis (3.2)

Note 1 to entry: An incident can negatively impact a traveller’s (3.21) health, safety and security.

Note 2 to entry: An incident can negatively impact the organization (3.9), e.g. by reputational damage, financial

loss.
Note 3 to entry: An incident can negatively impact organizational resilience.
1) Under preparation. Stage at the time of publication: ISO/DIS 31073:2021.
2 © ISO 2021 – All rights reserved
---------------------- Page: 10 ----------------------
ISO/FDIS 31030:2021(E)
3.7
incident management team

group of individuals functionally responsible for planning for the likelihood and management of an

incident (3.6)

Note 1 to entry: Responsibilities of the incident management team can include liaison with external organizations

(3.9), stakeholders (3.15) and families.
3.8
off-duty time

time when travellers (3.21) are not engaged in work activities but remain under the general supervisory

responsibility of the organization (3.9)
Note 1 to entry: This can include a weekend depending on the trip duration.
3.9
organization

person or group of people that has its own functions with responsibilities, authorities and relationships

to achieve its objectives

Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation,

firm, enterprise, authority, partnership, association, charity or institution, or part or combination thereof,

whether incorporated or not, public or private.
[SOURCE: ISO 31022:2020, 3.4, modified — Note 1 to entry has been modified.]
3.10
personal leave time

period of time, occurring before, after or within the scheduled duration of the work activity or project,

that falls outside the supervisory responsibility of the organization (3.9)
3.11
provider

organization (3.9) providing services or products, or both, to the organization in accordance with

agreed specifications, terms and conditions
3.12
risk
effect of uncertainty on objectives

Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both, and can address,

create or result in opportunities and threats (3.17).

Note 2 to entry: Objectives can have different aspects and categories and can be applied at different levels.

Note 3 to entry: Risk is usually expressed in terms of risk sources, potential events, their consequences and their

likelihood.
[SOURCE: ISO 31000:2018, 3.1]
3.13
risk assessment
overall process of risk identification, risk analysis and risk evaluation
[SOURCE: ISO 31073:—, 3.6.1]
3.14
risk treatment
process to modify risk (3.12)
Note 1 to entry: Risk treatment can involve:

— avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;

© ISO 2021 – All rights reserved 3
---------------------- Page: 11 ----------------------
ISO/FDIS 31030:2021(E)
— taking or increasing risk in order to pursue an opportunity;
— removing the risk source;
— changing the likelihood;
— changing the consequences;

— sharing the risk with another party or parties (including contracts and risk financing);

— retaining the risk by informed decision.

Note 2 to entry: Risk treatments that deal with negative consequences are sometimes referred to as “risk

mitigation”, “risk elimination”, “risk prevention” and “risk reduction”.
Note 3 to entry: Risk treatment can create new risks or modify existing risks.
[SOURCE: ISO 31073:—, 3.10.1]
3.15
stakeholder
person or organization (3.9) that can affect, be affected by, or perceive the
...

SLOVENSKI STANDARD
kSIST ISO/FDIS 31030:2021
01-september-2021
Obvladovanje tveganja na potovanjih - Napotki za organizacije
Travel risk management - Guidance for organizations
Gestion des risques liés aux voyages - Recommandations pour les organismes
Ta slovenski standard je istoveten z: ISO/FDIS 31030
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
03.200.01 Prosti čas in turizem na Leisure and tourism in
splošno general
kSIST ISO/FDIS 31030:2021 en,fr,de

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
kSIST ISO/FDIS 31030:2021
---------------------- Page: 2 ----------------------
kSIST ISO/FDIS 31030:2021
FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 31030
ISO/TC 262
Travel risk management — Guidance
Secretariat: BSI
for organizations
Voting begins on:
2021­06­22
Gestion des risques liés aux voyages — Recommandations pour les
organismes
Voting terminates on:
2021­08­17
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
ISO/FDIS 31030:2021(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN­
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. ISO 2021
---------------------- Page: 3 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH­1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Understanding the organization and its context................................................................................................................. 5

4.1 Operating context ................................................................................................................................................................................. 5

4.1.1 General...................................................................................................................................................................................... 5

4.1.2 Industry/sector specific ............................................................................................................................................ 6

4.1.3 Risk profile ............................................................................................................................................................................ 6

4.2 Stakeholders .............................................................................................................................................................................................. 6

4.3 Travelling population ........................................................................................................................................................................ 7

4.4 Business objectives, risk appetite and criteria ............................................................................................................ 8

4.5 Travel risk management and delivery ................................................................................................................................ 8

5 Managing travel risk ......................................................................................................................................................................................... 8

5.1 Leadership and commitment ..................................................................................................................................................... 8

5.2 Policy ............................................................................................................................................................................................................... 9

5.3 Roles, responsibilities and accountability ....................................................................................................................10

5.4 Objectives..................................................................................................................................................................................................10

5.5 Planning/establishing the programme ...........................................................................................................................10

5.6 Implementation ...................................................................................................................................................................................11

6 Travel risk assessment ................................................................................................................................................................................12

6.1 General ........................................................................................................................................................................................................12

6.2 Risk identification .............................................................................................................................................................................14

6.3 Risk analysis ...........................................................................................................................................................................................14

6.4 Risk evaluation .....................................................................................................................................................................................15

7 Travel risk treatment ....................................................................................................................................................................................16

7.1 General ........................................................................................................................................................................................................16

7.2 Risk avoidance ......................................................................................................................................................................................16

7.2.1 Pre­travel authorizations.......................................................................................................................................16

7.2.2 Restrictions ........................................................................................................................................................................17

7.3 Risk sharing ............................................................................................................................................................................................17

7.3.1 General...................................................................................................................................................................................17

7.3.2 General insurance ........................................................................................................................................................18

7.3.3 Specialist insurance ....................................................................................................................................................18

7.4 Risk reduction .......................................................................................................................................................................................18

7.4.1 Selecting treatment options ................................................................................................................................18

7.4.2 Competence .......................................................................................................................................................................19

7.4.3 Information, advice and updates ....................................................................................................................19

7.4.4 Communication protocols/platforms .........................................................................................................20

7.4.5 Accommodation selection .................. ...................................................................................................................20

7.4.6 Information security and privacy protection .......................................................................................21

7.4.7 Transportation ................................................................................................................................................................22

7.4.8 Journey management ................................................................................................................................................22

7.4.9 Medical and health risk reduction .................................................................................................................22

7.4.10 Medical and security support services ......................................................................................................24

7.4.11 Incident management planning .......................................................................................................................24

7.4.12 Incident and emergency contact points ....................................................................................................25

7.4.13 Traveller tracking .........................................................................................................................................................26

7.4.14 Kidnap and ransom planning .............................................................................................................................27

7.4.15 Evacuation planning ..................................................................................................................................................27

© ISO 2021 – All rights reserved iii
---------------------- Page: 5 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)

8 Communication and consultation ...................................................................................................................................................28

8.1 Programme/strategic communications .........................................................................................................................28

8.2 Operational/technical communications ........................................................................................................................29

9 Programme monitoring and review ..............................................................................................................................................29

9.1 General ........................................................................................................................................................................................................29

9.2 Surveys ........................................................................................................................................................................................................30

9.3 Benchmarking.......................................................................................................................................................................................30

9.4 Metrics .........................................................................................................................................................................................................30

10 Programme recording and reporting ..........................................................................................................................................31

10.1 General ........................................................................................................................................................................................................31

10.2 Documentation ....................................................................................................................................................................................31

10.3 Recording and reporting .............................................................................................................................................................32

Annex A (informative) Development and implementation of a TRM programme .............................................34

Annex B (informative) Minors travelling without legal guardians ....................................................................................37

Annex C (informative) Travel considerations during global disruption ......................................................................40

Annex D (informative) Risk treatment restrictions ...........................................................................................................................42

Annex E (informative) Training ..............................................................................................................................................................................43

Annex F (informative) Considerations for accommodation in higher-risk locations .....................................45

Bibliography .............................................................................................................................................................................................................................48

iv © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non­governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO’s adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 262, Risk management.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v
---------------------- Page: 7 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
Introduction

This document is intended to assist those managing and participating in organizational travel. The

management of travel risk is a component of any organization’s travel-related activities and should

include interaction with stakeholders.

There are many reasons why people travel for their organization. Travelling has increasingly become

a common feature of people’s jobs or functions. Consequently, organizations need to meet their duty of

care across multiple jurisdictions in different parts of the world.

Travellers, whether international or domestic, can be faced with unfamiliar situations and environments

that have different risk profiles to those of their normal location. Road accidents, disease outbreaks,

epidemics and natural disasters, as well as conflict, crime (including cyber and information), cyber

threats, terrorism and political and socially motivated instability, can threaten the safety, security

(including information security) and health (including mental health) of travellers, and can adversely

affect the outcome of their travel objectives.

NOTE Unless otherwise indicated, any reference to security also includes information security.

Managing risks for travel to a country where the organization has no local base requires more

comprehensive controls than for locations where risk profiles are well known and treatments have

already been established. Timeliness and accuracy of intelligence, analysis and advice, including travel

warnings, are increasingly important in influencing travel decisions.

Travel risk management (TRM) requires that organizations anticipate and assess the potential for

events, develop treatments and communicate anticipated risk exposures to their travellers. Advising

and providing travellers with adequate medical, emergency response guidance, security and

information security precautions, including challenges to travel logistics, can significantly impact the

outcome of disruptive events.

This document provides a means for organizations to demonstrate that travel decisions are based on

the organization’s capacity to treat risk using internal resources or with external assistance. Not all

travel warrants the same level of rigour for risk assessment and management. Although this document

provides a comprehensive set of risk treatment options that an organization can consider, application

should be reasoned and proportionate to the risk exposure. This will help the organization and

individual travellers realize the opportunities and benefits for which travel is required.

This document proposes that the organization’s overall appetite and acceptance of risk should not take

precedence, or be used exclusively, in deciding whether travel is appropriate for security, safety or

health reasons.

This document is based on the principles, framework and process of ISO 31000, as illustrated in

Figure 1. Travel-related risk presents a specific context and an organization’s existing risk management

process may need to be adapted to reflect this. It is also aligned with the core occupational health and

safety management system set out in ISO 45001. As such, elements of this document can assist or inform

organizations developing such management systems, but it is not a management system standard.

This document can be used on a standalone basis or integrated within other risk management

programmes.
vi © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
Figure 1 — Principles, framework and process

One of the aims of this document is to promote a culture where travel-related risk is taken seriously,

resourced adequately, and managed effectively. And where the benefits to the organization and relevant

stakeholders are recognized. Such benefits include:
— protecting personnel, data, intellectual property and assets;
— reducing legal and financial exposure;
— enabling business in high-risk locations;

— enhancing an organization’s reputation and credibility, which in turn can have a positive effect on

competitiveness, staff turnover and talent acquisition;

— improving worker confidence in health, safety and security arrangements with regard to travel;

— contributing to business continuity capability and organizational resilience;

— demonstrating the organization’s ability to control its travel-related risks effectively and efficiently,

which can also help in lowering its insurance premiums;

— providing assurance to business partners, thus banks and investors will be more willing to finance

its business;

— enabling the organization to meet customers’ expectations in terms of the security and stability of

their supply chain;
— increasing general productivity;

— contributing to meeting the sustainable development goals by strengthening the social dimension

of sustainability.
© ISO 2021 – All rights reserved vii
---------------------- Page: 9 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
In this document, the following verbal forms are used:
a) “should” indicates a recommendation;
b) “may” indicates a permission;
c) “can” indicates a possibility or a capability.

Information marked as “NOTE” is intended to assist the understanding or use of the document.

“Notes to entry” used in Clause 3 provide additional information that supplements the terminological

data and can contain provisions relating to the use of a term.
viii © ISO 2021 – All rights reserved
---------------------- Page: 10 ----------------------
kSIST ISO/FDIS 31030:2021
FINAL DRAFT INTERNATIONAL STANDARD ISO/FDIS 31030:2021(E)
Travel risk management — Guidance for organizations
1 Scope

This document gives guidance to organizations on how to manage the risk(s), to the organization and

its travellers, as a result of undertaking travel.

This document provides a structured approach to the development, implementation, evaluation and

review of:
— policy;
— programme development;
— threat and hazard identification;
— opportunities and strengths;
— risk assessment;
— prevention and mitigation strategies.

This document is applicable to any type of organization, irrespective of sector or size, including but not

limited to:
— commercial organizations;
— charitable and not-for-profit organizations;
— governmental organizations;
— non-governmental organizations;
— educational organizations.

This document does not apply to tourism and leisure-related travel, except in relation to travellers

travelling on behalf of the organization.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 31000, Risk management — Guidelines
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 31000 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
© ISO 2021 – All rights reserved 1
---------------------- Page: 11 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
3.1
competence
ability to apply knowledge and skills to achieve intended results

Note 1 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for

ISO management system standards.
[SOURCE: ISO 22300:2021, 3.1.42]
3.2
crisis

abnormal or extraordinary event or situation that threatens an organization (3.9) and requires a

strategic, adaptive and timely response in order to preserve its viability and integrity

Note 1 to entry: The event can include a high degree of uncertainty.

Note 2 to entry: The event can exceed the response capacity or capability of the organization.

Note 3 to entry: Given the nature of a crisis, it is possible that there will not be an adequate or appropriate plan to

deal with the event, such that a flexible and dynamic approach is needed.
3.3
crisis management team

group of individuals functionally responsible for the direction and implementation of the organization’s

(3.9) crisis (3.2) management capabilities
3.4
duty of care

moral responsibility or legal requirement of an organization (3.9) to protect the traveller (3.21) from

hazards (3.5) and threats (3.17)

Note 1 to entry: The legal aspect of duty of care can arise from, among others, negligence, contract and statute.

Note 2 to entry: Legal requirements and how they arise, including insurance coverage, can differ between

jurisdictions.

Note 3 to entry: Legal requirements can be qualified in scope (e.g. it is possible they will not be absolute).

Note 4 to entry: Organizations should seek advice from a competent legal adviser to ascertain the scope and

nature of their duty of care relating to the context of this document.
3.5
hazard
source of potential harm
[SOURCE: ISO 31073:— , 3.7.5, modified — Note 1 to entry has been deleted.]
3.6
incident

adverse event that can be, or can lead to, a disruption, loss, emergency or crisis (3.2)

Note 1 to entry: An incident can negatively impact a traveller’s (3.21) health, safety and security.

Note 2 to entry: An incident can negatively impact the organization (3.9), e.g. by reputational damage, financial

loss.
Note 3 to entry: An incident can negatively impact organizational resilience.
1) Under preparation. Stage at the time of publication: ISO/DIS 31073:2021.
2 © ISO 2021 – All rights reserved
---------------------- Page: 12 ----------------------
kSIST ISO/FDIS 31030:2021
ISO/FDIS 31030:2021(E)
3.7
incident management team

group of individuals functionally responsible for planning for the likelihood and management of an

incident (3.6)

Note 1 to entry: Responsibilities of the incident management team can include liaison with external organizations

(3.9), stakeholders (3.15) and families.
3.8
off-duty time

time when travellers (3.21) are not engaged in work activities but remain under the general supervisory

responsibility of the organization (3.9)
Note 1 to entry: This can include a weekend depending on the trip duration.
3.9
organization

person or group of people that has its own functions with responsibilities, authorities and relationships

to achieve its objectives

Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation,

firm, enterprise, authority, partnership, association, charity or institution, or part or combination thereof,

whether incorporated or not, public or private.
[SOURCE: ISO 31022:2020, 3.4, modified — Note 1 to entry has been modified.]
3.10
personal leave time

period of time, occurring before, after or within the scheduled duration of the work activity or project,

that falls outside the supervisory responsibility of the organization (3.9)
3.11
provider

organization (3.9) providing services or products, or both, to the organization in accordance with

agreed specifications, terms and conditions
3.12
risk
effect of uncertainty on objectives

Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both, and can address,

create or result in opportunities and threats (3.17).

Note 2 to entry: Objectives can have different aspects and categories and can be applied at different levels.

Note 3 to entry: Risk is usually expressed in terms of risk sources, potential events, their consequences and their

likelihood.
[SOURCE: ISO 31000:2018, 3.1]
3.13
risk assessment
overall process of risk
...

PROJET
NORME ISO/FDIS
FINAL
INTERNATIONALE 31030
ISO/TC 262
Gestion des risques liés aux
Secrétariat: BSI
voyages — Recommandations pour les
Début de vote:
2021-06-22 organismes
Vote clos le:
Travel risk management — Guidance for organizations
2021-08-17
LES DESTINATAIRES DU PRÉSENT PROJET SONT
INVITÉS À PRÉSENTER, AVEC LEURS OBSER-
VATIONS, NOTIFICATION DES DROITS DE PRO-
PRIÉTÉ DONT ILS AURAIENT ÉVENTUELLEMENT
CONNAISSANCE ET À FOURNIR UNE DOCUMEN-
TATION EXPLICATIVE.
OUTRE LE FAIT D’ÊTRE EXAMINÉS POUR
ÉTABLIR S’ILS SONT ACCEPTABLES À DES FINS
INDUSTRIELLES, TECHNOLOGIQUES ET COM-
Numéro de référence
MERCIALES, AINSI QUE DU POINT DE VUE
ISO/FDIS 31030:2021(F)
DES UTILISATEURS, LES PROJETS DE NORMES
INTERNATIONALES DOIVENT PARFOIS ÊTRE
CONSIDÉRÉS DU POINT DE VUE DE LEUR POSSI-
BILITÉ DE DEVENIR DES NORMES POUVANT
SERVIR DE RÉFÉRENCE DANS LA RÉGLEMENTA-
TION NATIONALE. ISO 2021
---------------------- Page: 1 ----------------------
ISO/FDIS 31030:2021(F)
DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO 2021

Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette

publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,

y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut

être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.

ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
ii © ISO 2021 – Tous droits réservés
---------------------- Page: 2 ----------------------
ISO/FDIS 31030:2021(F)
Sommaire Page

Avant-propos ................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Domaine d’application ................................................................................................................................................................................... 1

2 Références normatives ................................................................................................................................................................................... 1

3 Termes et définitions ....................................................................................................................................................................................... 1

4 Compréhension de l’organisme et de son contexte .......................................................................................................... 5

4.1 Contexte opérationnel ...................................................................................................................................................................... 5

4.1.1 Généralités ............................................................................................................................................................................ 5

4.1.2 Contexte spécifique à une industrie/un secteur d’activité .......................................................... 6

4.1.3 Profil de risque .................................................................................................................................................................. 6

4.2 Parties prenantes .................................................................................................................................................................................. 7

4.3 Population de voyageurs ................................................................................................................................................................ 7

4.4 Objectifs commerciaux, appétence au risque et critères de risques......................................................... 8

4.5 Gestion des risques liés aux voyages et mise en œuvre ....................................................................................... 8

5 Gestion des risques liés aux voyages ............................................................................................................................................... 8

5.1 Leadership et engagement............................................................................................................................................................ 8

5.2 Politique ........................................................................................................................................................................................................ 9

5.3 Rôles et responsabilités ......... .......................................................................................................................................................10

5.4 Objectifs .....................................................................................................................................................................................................11

5.5 Planification/élaboration du programme ....................................................................................................................11

5.6 Mise en œuvre.......................................................................................................................................................................................12

6 Appréciation des risques liés aux voyages .............................................................................................................................13

6.1 Généralités ...............................................................................................................................................................................................13

6.2 Identification des risques ...........................................................................................................................................................15

6.3 Analyse du risque ..............................................................................................................................................................................16

6.4 Évaluation du risque .......................................................................................................................................................................16

7 Traitement des risques liés aux voyages ..................................................................................................................................17

7.1 Généralités ...............................................................................................................................................................................................17

7.2 Évitement des risques....................................................................................................................................................................18

7.2.1 Autorisations préalables aux voyages ........................................................................................................18

7.2.2 Restrictions ........................................................................................................................................................................18

7.3 Partage du risque ...............................................................................................................................................................................19

7.3.1 Généralités .........................................................................................................................................................................19

7.3.2 Assurance générale .....................................................................................................................................................19

7.3.3 Assurance spécialisée ...............................................................................................................................................19

7.4 Réduction du risque ........................................................................................................................................................................20

7.4.1 Choix des options de traitement .....................................................................................................................20

7.4.2 Compétence .......................................................................................................................................................................20

7.4.3 Informations, conseils et mises à jour ........................................................................................................21

7.4.4 Protocoles/plates-formes de communication .....................................................................................21

7.4.5 Choix de l’hébergement ..........................................................................................................................................21

7.4.6 Sécurité de l’information et protection de la vie privée ..............................................................22

7.4.7 Transport .............................................................................................................................................................................23

7.4.8 Gestion du déplacement .........................................................................................................................................24

7.4.9 Réduction des risques médicaux et sanitaires ....................................................................................24

7.4.10 Services d’assistance médicale et à la sûreté .......................................................................................26

7.4.11 Planification de la gestion des incidents ..................................................................................................26

7.4.12 Points de contact pour les incidents et les urgences .....................................................................28

7.4.13 Suivi des voyageurs ....................................................................................................................................................28

7.4.14 Préparation à la gestion des enlèvements et des rançons ........................................................29

7.4.15 Planification de l’évacuation ...............................................................................................................................29

© ISO 2021 – Tous droits réservés iii
---------------------- Page: 3 ----------------------
ISO/FDIS 31030:2021(F)

8 Communication et consultation ........................................................................................................................................................30

8.1 Communication du programme et de la stratégie .................................................................................................30

8.2 Communications opérationnelles/techniques .........................................................................................................31

9 Surveillance et revue du programme ...........................................................................................................................................32

9.1 Généralités ...............................................................................................................................................................................................32

9.2 Sondages ....................................................................................................................................................................................................33

9.3 Analyse comparative .......................................................................................................................................................................33

9.4 Mesures ......................................................................................................................................................................................................33

10 Enregistrement du programme et élaboration de rapports ................................................................................34

10.1 Généralités ...............................................................................................................................................................................................34

10.2 Documentation ....................................................................................................................................................................................34

10.3 Enregistrement et élaboration de rapports ................................................................................................................35

Annexe A (informative) Élaboration et mise en œuvre d’un programme de gestion des

risques liés aux voyages .............................................................................................................................................................................37

Annexe B (informative) Mineurs voyageant sans tuteur légal ................................................................................................41

Annexe C (informative) Considérations relatives aux voyages en cas de perturbation mondiale ....44

Annexe D (informative) Restrictions en matière de traitement du risque ................................................................46

Annexe E (informative) Formation ......................................................................................................................................................................47

Annexe F (informative) Considérations relatives aux hébergements situés dans des lieux à

haut risque ...............................................................................................................................................................................................................49

Bibliographie ...........................................................................................................................................................................................................................52

iv © ISO 2021 – Tous droits réservés
---------------------- Page: 4 ----------------------
ISO/FDIS 31030:2021(F)
Avant-propos

L’ISO (Organisation internationale de normalisation) est une fédération mondiale d’organismes

nationaux de normalisation (comités membres de l’ISO). L’élaboration des Normes internationales est

en général confiée aux comités techniques de l’ISO. Chaque comité membre intéressé par une étude

a le droit de faire partie du comité technique créé à cet effet. Les organisations internationales,

gouvernementales et non gouvernementales, en liaison avec l’ISO participent également aux travaux.

L’ISO collabore étroitement avec la Commission électrotechnique internationale (IEC) en ce qui

concerne la normalisation électrotechnique.

Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont

décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier de prendre note des différents

critères d’approbation requis pour les différents types de documents ISO. Le présent document a été

rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www

.iso .org/ directives).

L’attention est appelée sur le fait que certains des éléments du présent document peuvent faire l’objet de

droits de propriété intellectuelle ou de droits analogues. L’ISO ne saurait être tenue pour responsable

de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails concernant

les références aux droits de propriété intellectuelle ou autres droits analogues identifiés lors de

l’élaboration du document sont indiqués dans l’Introduction et/ou dans la liste des déclarations de

brevets reçues par l’ISO (voir www .iso .org/ brevets).

Les appellations commerciales éventuellement mentionnées dans le présent document sont données

pour information, par souci de commodité, à l’intention des utilisateurs et ne sauraient constituer un

engagement.

Pour une explication de la nature volontaire des normes, la signification des termes et expressions

spécifiques de l’ISO liés à l’évaluation de la conformité, ou pour toute information au sujet de l’adhésion

de l’ISO aux principes de l’Organisation mondiale du commerce (OMC) concernant les obstacles

techniques au commerce (OTC), voir le lien suivant: www .iso .org/ iso/ fr/ avant -propos.

Le présent document a été élaboré par le Comité technique ISO/TC 262, Management du risque.

Il convient que l’utilisateur adresse tout retour d’information ou toute question concernant le présent

document à l’organisme national de normalisation de son pays. Une liste exhaustive desdits organismes

se trouve à l’adresse www .iso .org/ fr/ members .html.
© ISO 2021 – Tous droits réservés v
---------------------- Page: 5 ----------------------
ISO/FDIS 31030:2021(F)
Introduction

Le présent document est destiné à aider les personnes qui gèrent et participent à des voyages d’affaires.

La gestion des risques liés aux voyages est une composante des activités de voyage de tout organisme et

il convient d’y inclure l’interaction avec les parties prenantes.

Les raisons de voyager pour le compte d’un organisme sont nombreuses. Les voyages sont de plus en plus

fréquents dans le cadre de l’exercice d’un emploi ou d’une fonction. Par conséquent, il est nécessaire que

les organismes s’acquittent de leur devoir de protection sous de multiples juridictions dans différentes

parties du monde.

Les voyageurs, qu’ils soient internationaux ou nationaux, peuvent être confrontés à des situations et

à des environnements qu’ils ne connaissent pas et qui présentent des profils de risque différents de

ceux de leur lieu de résidence habituel. Les accidents de la route, les épidémies et les catastrophes

naturelles, ainsi que les conflits, la criminalité (y compris la cybercriminalité et le vol d’information), les

cybermenaces, le terrorisme et l’instabilité politique et sociale peuvent menacer la sécurité, la sûreté (y

compris la sécurité de l’information) et la santé (y compris la santé mentale) des voyageurs, et peuvent

avoir des conséquences négatives sur les objectifs de leurs missions.

NOTE Sauf indication contraire, toute référence à la sûreté inclut également la sécurité de l’information.

La gestion des risques liés aux voyages dans un pays où l’organisme n’a pas de bureau local nécessite

des moyens de maîtrise du risque plus complets que pour les lieux dont les profils de risque sont bien

connus et où des mesures de traitement ont déjà été prises. L’actualisation permanente et l’exactitude

des renseignements, des analyses et des conseils, y compris les avertissements aux voyageurs, jouent

un rôle de plus en plus important dans les décisions de voyage.

La gestion des risques liés aux voyages exige que les organismes anticipent et évaluent les probabilités

que des événements se produisent, élaborent des mesures de traitement et communiquent à leurs

voyageurs leur exposition anticipée aux risques. Le fait de conseiller les voyageurs et de leur fournir

des recommandations adéquates en matière de soins médicaux, d’intervention d’urgence ainsi que des

consignes en matière de sûreté et de sécurité de l’information, y compris les défis liés à la logistique des

voyages, peut avoir une incidence importante sur l’impact potentiel d’événements perturbateurs.

Le présent document fournit aux organismes un moyen de démontrer que les décisions de voyage sont

fondées sur la capacité de l’organisme à traiter le risque en utilisant des ressources internes ou avec

une aide externe. Tous les voyages ne justifient pas le même degré de rigueur dans l’appréciation et

le management du risque. Bien que le présent document fournisse un ensemble complet d’options de

traitement du risque pouvant être envisagées par un organisme, il convient que son application soit

raisonnée et proportionnée à l’exposition au risque. Cela a vocation à aider l’organisme et chaque

voyageur à saisir les opportunités et les avantages pour lesquels le voyage est requis.

Le présent document dispose qu’il convient que l’appétence générale de l’organisme au risque et son

acceptation du risque ne priment pas, ou ne soient pas utilisées exclusivement, pour décider si un

voyage est approprié pour des raisons de sûreté, de sécurité ou de santé.

Le présent document est basé sur les principes, le cadre organisationnel et le processus de l’ISO 31000,

comme illustré à la Figure 1. Le risque lié aux voyages présente un contexte spécifique et il peut être

nécessaire d’adapter le processus de management du risque existant d’un organisme pour en tenir

compte. Il est également aligné sur le système central de management de la santé et de la sécurité au

travail défini dans l’ISO 45001. À ce titre, certains éléments du présent document peuvent aider ou

éclairer les organismes qui élaborent de tels systèmes de management, mais il ne s’agit pas d’une norme

de système de management.

Le présent document peut être utilisé de manière autonome ou intégré dans d’autres programmes de

gestion des risques.
vi © ISO 2021 – Tous droits réservés
---------------------- Page: 6 ----------------------
ISO/FDIS 31030:2021(F)
Figure 1 — Principes, cadre organisationnel et processus

L’un des objectifs du présent document est de promouvoir une culture où le risque lié aux voyages est

pris au sérieux, mobilise suffisamment de ressources et est géré de manière efficace, et où les avantages

pour l’organisme et les parties prenantes concernées sont reconnus. Ces avantages comprennent:

— protéger le personnel, les données, la propriété intellectuelle et les biens;
— réduire les impacts financiers et juridiques de l’exposition au risque;
— permettre de traiter des affaires dans des lieux à haut risque;

— améliorer la réputation et la crédibilité d’un organisme, ce qui peut avoir un effet positif sur la

compétitivité, la rotation du personnel et l’acquisition de talents;

— améliorer la confiance des travailleurs dans les dispositions en matière de santé, de sécurité et de

sûreté relatives aux voyages;

— contribuer à la capacité de continuité d’activité et à la résilience de l’organisme;

— démontrer la capacité de l’organisme à maîtriser ses risques liés aux voyages de manière efficace et

efficiente, ce qui peut également contribuer à réduire ses primes d’assurance;

— rassurer ses partenaires commerciaux, de sorte que les banques et les investisseurs soient plus

disposés à financer ses activités;

— permettre à l’organisme de répondre aux attentes de ses clients en termes de sûreté et de stabilité

de leur chaîne d’approvisionnement;
— augmenter la productivité générale;
© ISO 2021 – Tous droits réservés vii
---------------------- Page: 7 ----------------------
ISO/FDIS 31030:2021(F)

— contribuer à l’atteinte des objectifs de développement durable en renforçant la dimension sociale du

développement durable.
Dans le présent document, les formes verbales suivantes sont utilisées:
a) «il convient de/que» indique une recommandation;
b) «peut/il est admis/permis» (« may » en anglais) indique une permission;

c) «peut/il est possible» (« can » en anglais) indique une possibilité ou une capacité.

Les informations sous forme de «NOTE» sont destinées à faciliter la compréhension ou l’utilisation du

document.

Les «Notes à l’article» utilisées à l’Article 3 fournissent des informations supplémentaires qui viennent

compléter les données terminologiques et peuvent contenir des précisions concernant l’usage d’un

terme.
viii © ISO 2021 – Tous droits réservés
---------------------- Page: 8 ----------------------
PROJET FINAL DE NORME INTERNATIONALE ISO/FDIS 31030:2021(F)
Gestion des risques liés aux voyages — Recommandations
pour les organismes
1 Domaine d’application

Le présent document fournit des recommandations aux organismes sur la manière de gérer le ou les

risques, pour l’organisme et ses voyageurs, lorsqu’ils effectuent un voyage.

Le présent document fournit une approche structurée pour l’élaboration, la mise en œuvre, l’évaluation

et le contrôle des éléments suivants:
— la politique;
— l’élaboration de programmes;
— l’identification des menaces et des dangers;
— les opportunités et les points forts;
— l’appréciation du risque;
— les stratégies de prévention et d’atténuation.

Le présent document s’applique à tout type d’organisme, quel que soit son secteur d’activité ou sa taille,

y compris, sans s’y limiter:
— les organismes commerciaux;
— les organismes caritatifs et à but non lucratif;
— les organismes publics;
— les organisations non gouvernementales;
— les organismes éducatifs.

Le présent document ne s’applique pas aux voyages à but touristique et de loisirs, sauf en ce qui concerne

les voyageurs qui voyagent pour le compte de leur organisme.
2 Références normatives

Les documents suivants sont cités dans le texte de sorte qu’ils constituent, pour tout ou partie de leur

contenu, des exigences du présent document. Pour les références datées, seule l’édition citée s’applique.

Pour les références non datées, la dernière édition du document de référence s’applique (y compris les

éventuels amendements).
ISO 31000, Management du risque — Lignes directrices
3 Termes et définitions

Pour les besoins du présent document, les termes et définitions de l’ISO 31000 ainsi que les suivants,

s’appliquent.
© ISO 2021 – Tous droits réservés 1
---------------------- Page: 9 ----------------------
ISO/FDIS 31030:2021(F)

L’ISO et l’IEC tiennent à jour des bases de données terminologiques destinées à être utilisées en

normalisation, consultables aux adresses suivantes:

— ISO Online browsing platform: disponible à l’adresse https:// www .iso .org/ obp;

— IEC Electropedia: disponible à l’adresse http:// www .electropedia .org/ .
3.1
compétence

aptitude à mettre en pratique des connaissances et des savoir-faire pour obtenir les résultats escomptés

Note 1 à l'article: Il s’agit de l’un des termes communs et définitions de base de la structure harmonisée des

normes de systèmes de management de l’ISO.
[SOURCE: ISO 22300:2021, 3.1.42]
3.2
crise

événement ou situation anormale ou extraordinaire qui menace un organisme (3.9) et nécessite une

réponse stratégique, adaptative et rapide afin de préserver sa viabilité et son intégrité

Note 1 à l'article: L’événement peut comporter un degré élevé d’incertitude.

Note 2 à l'article: L’événement peut dépasser la capacité de réponse ou les capacités générales de l’organisme.

Note 3 à l'article: Étant donné la nature d’une crise, il est possible qu’il n’existe pas de plan adéquat ou approprié

permettant de faire face à l’événement, de sorte qu’une approche souple et dynamique est nécessaire.

3.3
équipe de gestion de crise

groupe de personnes responsables de par leurs fonctions de l’orientation et de la mise en œuvre des

capacités de gestion de crise (3.2) de l’organisme (3.9)
3.4
devoir de protection

responsabilité morale ou exigence légale d’un organisme (3.9) de protéger le voyageur (3.21) contre les

dangers (3.5) et les menaces (3.17)

Note 1 à l'article: L’aspect juridique du devoir de protection peut découler, entre autres, d’une négligence, d’un

contrat et d’une loi.

Note 2 à l'article: Les exigences légales et la manière dont elles se présentent, y compris la couverture d’assurance,

peuvent varier d’une juridiction à l’autre.

Note 3 à l'article: Les exigences légales peuvent être assorties de réserves quant à leur portée (par exemple, elles

peuvent ne pas être absolues).

Note 4 à l'article: Il convient que les organismes demandent l’avis d’un conseiller juridique compétent pour

déterminer la portée et la nature de leur devoir de protection dans le contexte du présent document.

3.5
danger
source de dommage potentiel
[SOURCE: ISO 31073:— , 3.7.5, modifié — La Note 1 à l’article a été supprimée.]
1) En préparation. Stade au moment de la publication : ISO/DIS 31073:2021.
2 © ISO 2021 – Tous droits réservés
---------------------- Page: 10 ----------------------
ISO/FDIS 31030:2021(F)
3.6
incident

événement indésirable qui peut constituer ou conduire à une perturbation, une perte, une urgence ou

une crise (3.2)

Note 1 à l'article: Un incident peut avoir un impact négatif sur la santé, la sécurité et la sûreté d’un voyageur

(3.21).

Note 2 à l'article: Un incident peut avoir un impact négatif sur l’organisme (3.9), par exemple une perte de

réputation ou une perte financière.

Note 3 à l'article: Un incident peut avoir un impact négatif sur la résilience de l’organisme.

3.7
équipe de gestion des incidents

groupe de personnes responsables de par leurs fonctions de planifier la vraisemblance et la gestion

d’un incident (3.6)

Note 1 à l'article: Les responsabilités de l’équipe de gestion des incidents peuvent inclure la liaison avec les

organismes (3.9) externes, les parties prenantes (3.15) et les familles.
3.8
temps libre

temps pendant lequel les voyageurs (3.21) n’exercent pas d’activités professionnelles mais restent sous

la responsabilité générale de l’organisme (3.9)
Note 1 à l'article: Cela peut inclure un week-end selon la durée du voyage.
3.9
organisme

personne ou groupe de personnes ayant des fonctions définies avec les responsabilités,

...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.