skip to main content

‘The ISO highlights the need for organisations to take a more forensic approach to capturing and accounting for the risks posed by business travel in their risk management frameworks.’

Leon Burton, Head of A&H Corporate and Affinity, UK

Leon Burton, Head of A&H Corporate and Affinity, UK, explores how companies can craft an effective business travel risk management framework; with comments from Julia Graham, CEO of UK risk management and insurance association, Airmic, who helped to shape the International Organisation for Standardisation (ISO) 31030: 2021 business travel risk management standard.

A new age of globe-trotting is dawning for business travel. International flight bookings have risen sharply through the year, with numbers for April 2022 even surpassing the pre-pandemic levels of April 2019*. During the difficult days of COVID-19, it did seem possible that video conferencing and remote working could diminish appetites for business travel or even render it redundant entirely. But now businesses and borders have opened up again, those fears are receding with companies and individuals continuing to value the importance of meeting face to face. Yet while the acute phase of the pandemic might appear to be over, other significant risks remain for the business traveller and their employers who are ultimately responsible for their health, safety and well-being. From cyber crime and natural disasters to civil unrest, terrorism and mental health, there are many evolving risks which should be factored in before, during and after any business trip.

So, with this in mind, how can organisations now ensure they have the right risk management protocols in place to fulfil their duty of care obligations to business travellers, and how can business travel insurance help? 

A standard to follow

In autumn 2021, a new standard for business travel risk management was published by the International Organisation for Standardisation (ISO): ISO 31030: 2021. The standard provides organisations with a benchmark for assessing, building and implementing an effective travel risk management framework, as well as delving into areas such as risk assessments and threat mitigation strategies.

By providing an internationally recognised standard for developing sound, comprehensive travel risk management protocols, ISO 31030: 2021 aims to support the conducting of business within and travel to high-risk locations, improve worker health and safety, and contribute to business continuity.

The standard also aims to help companies reduce their financial and legal exposure, as well as that of their directors and officers. As London law firm Peters & Peters put it in their whitepaper on ISO 31030: 2021**, “the ISO and the law of England and Wales are clear: top management should be responsible and accountable for the overall implementation of policies to reduce the risks to employees associated with travel overseas. If they do not take such responsibilities seriously, this may lead to corporate as well as personal liability...”

Furthermore, having a strong framework in place provides a good demonstration of an organisation’s ability to control risk, which can contribute to lower insurance premiums, enhance their reputation and provide assurance to business partners and investors.

Building an effective framework: beyond the basics

Clear legal obligations and the growing complexity of global risks means the basics are no longer enough, and the ISO highlights the need for organisations to take a more forensic approach to capturing and accounting for the risks posed by business travel in their risk management frameworks.

Pre-travel considerations might include assessing the value of the business trip, ensuring traveller awareness of risks and procedures (for example, through pre-travel risk training), and reviewing the risks and restrictions of the destination in detail. For example, what if the employee is part of a religious group that may face persecution at the destination? Does the framework encompass this level of nuance in the pre-travel stage and have a plan in place for preparing and keeping an employee safe in situations like this?

Protocols should be put in place to reduce risk during the period of travel itself: monitoring the safety of employees and the risk landscape of the destination in real time, as well as having contingencies and plans in place to deal with unforeseen circumstances or emergency situations. 

A scrupulous framework will also recognise that the risks don’t necessarily end when the trip does, so might include some form of post-travel after care or debrief to assess employees’ physical and mental wellbeing.

Julia Graham, CEO of Airmic, was part of the committee responsible for shaping and setting the ISO 31030: 2021 standard. She said:

“The aims of ISO 31030: 2021 include the promotion of a culture where business travel risk is taken seriously, resourced adequately, managed effectively, and where the benefits to the organisation and relevant stakeholders are recognised.

“Travel risk management cannot have a ‘one size fits all’ approach. For example, the same organisation sending people to the same location but to undertake different tasks may present different risk profiles.

“It’s too late to educate travellers after something has gone wrong when travelling. Effective preparation before business travel takes place is essential, so that travellers know who to contact - and how - should an emergency arise. It also makes sense for the families of business travellers to be made aware of the procedures for business travel emergencies too, thereby avoiding the potential for unnecessary concern and confusion.”

Implementation and the role of insurance

Outlining a business travel risk management framework that aligns with the ISO standards is one thing, but how can businesses put in place the tools and systems to implement that framework effectively?

This is an area where a well-designed insurance policy can add value: providing businesses with access to the systems and assistance they need to properly implement their risk management protocols, protect their employees, and shield themselves from excess costs. For example, a business travel insurance policy like this might provide:

  • pre-travel risk training for employees to help businesses meet the “competence” (7.4.2) standards;
  • detailed route and location assessments and real-time risk/traveller tracking to meet “journey management” (7.4.8) and ”traveller tracking” (7.4.13) expectations;
  • 24/7 access to professional medical and security advice to help align with medical treatment ( and medical and security support service (7.4.10) requirements;
  • location-specific information and live alerts before and during trips to fulfil standards relating to “information, advice and updates” (7.4.3).

Or all these things rolled into one application, such as Chubb Travel Smart.

Whatever the situation, a well-designed, specific programme of business travel insurance – in tandem with a forensic, comprehensive risk management framework – has always been important for organisations conducting business travel. The introduction of ISO 31030: 2021 standards has amplified this. Risk and benefit managers can work with an agent or broker to construct business travel insurance policies that help to protect employees in the context of today’s evolving travel risk scenarios and shield the employer from excess costs, as well as providing them with the right assistance, tools and systems to implement effective business risk management protocols in line with the ISO standards.

To find out more about the return to business travel, managing business travel risk, or business travel insurance policies, please visit:

Leon Burton, Head of A&H Corporate and Affinity, UK

*‘Travel 2022: Trends & Transitions’ 2022, Mastercard Economics Institute
** Peters & Peters LLP (London) – White Paper: ISO 31030: Travel Risk Management Standard – Legal Implications and Risks for Organisations (October 2021)