Get support from A&P

ISO 31030 and travel risk management

Recognized by Italy and other 70 countries, ISO 31030 guidelines can constitute a shared procedure to correctly comply with international norms when planning international assignments.

Table of Contents

The new guidelines of ISO 31030 have been set by UNI ISO (International Organization for Standardization), an independent, non-governmental international organization, that brings together experts to share knowledge and develop voluntary International Standards. The document provides, for the first time, the guidelines that employers should follow for correctly managing the risks of corporate travels.

A brief introduction on UNI ISO 31030

UNI ISO 31030, published in September 2021, provides guidelines for a clear and unambiguous definition of all criteria to respect in order to ensure a safe corporate travel abroad. It explains how and what steps must be taken before, during and after the business travel, such as internal and external risk factors up to the drafting of the company’s policy and subsequent implementation plan.

Italian and European legislative context

When sending employees abroad, the Italian legislation places specific responsibilities on companies, in the regulatory framework, in the practice and in the law, to ensure worker safety, both in the long and in the short run.

More information on the obligations provided by Italian law in our guide on Italian health and safety laws for assignments abroad.

In this respect, one can quote the imperative principles of safety and security in the workplace:

  • Legislative Decree n. 81/2008, which transposes Directive n. 89/391;
  • Legislative Decree of September 15th 2011, Article 18, amending Law n. 398/87, which regulates working conditions of Italian workers employed or transferred abroad.

In the practice, one can refer to the ruling of the Ministry of Labour n. 11/2016, concerning the assessment of environmental risks and safety in the workplace of staff abroad.

In the penal code, concerning the entities’ criminal responsibility, one can refer to Legislative Decree n. 231/2001, concerning crimes committed abroad in the matter of safety in the workplace, found in Articles 4 and 25 septies.

Italian law also consistently condemns employers who do not comply with safety measures for their workers abroad. One of the most recent rulings is the Cassazione Penale, fourth section, n. 35 510 of 2001.

In this very strict regulatory framework, the sending company is directly responsible for employees’ well-being during international assignments, both when transferring or posting. For this reason, for the first time, the UNI ISO 31030 guidelines (recognized by 70 countries, including Italy) can constitute a procedure shared by our legislation, to correctly comply with norms.

Find more on the obligations that companies have regarding health and safety of employees abroad in our guide on employer duty of care.

Defining Risk Assessment

Travel Risk Assessment can be defined as the process by which a company identifies, manages and controls risks that may affect employees during business trips.

These risks can stem from internal factors, such as:

  • Undefined responsibilities;
  • Overlooked contingencies;
  • Poorly managed international relations;

or external factors, like:

  • Crime rates;
  • Likelihood of terrorist attacks;
  • Environmental disasters;
  • Inadequate healthcare facilities;
  • Customs restrictions;
  • Invalid documents;
  • Communication networks for tracking and alerting in case of danger or emergencies.

An often-overlooked aspect is the local culture and the behaviors to adopt on-site. For instance, in some countries, touching a newly-acquainted person can be considered offensive, and even during business meetings, handshakes may be discouraged to avoid potential legal issues or detentions.

On the contrary, a proper Travel Risk Assessment includes:

  1. Selecting the right policy type to address risks;
  2. Identifying key personnel for the assignment;
  3. Analyzing the destination country through reliable government sources to classify and address identified risks, and finally;
  4. Creating a record of all decisions made for future review and accountability.

Regardless of a company’s specific criteria for meeting business travel regulations, it must always be capable of demonstrating the correctness of its actions, even after the fact. ISO 31030 aims to bridge this gap by providing a standardized criterion for not only conducting safe business trips but also proving the comprehensibility of the decisions taken.

What Does ISO 31030 Define for Travel Risk Management?

ISO 31030 outlines four distinct phases:

First phase

In the first phase, the organization studies the context and defines its objectives. This includes analyzing the traveling population, i.e., individuals who will undertake the trip. Depending on their specific cultural backgrounds, some individuals may be more suitable for one assignment over another due to potential nationality restrictions or specific cultural norms. The result of this phase is the initial Risk Management Policy of the company.

Second phase

The second phase builds upon the first by delineating the implementation plan, which consists of concrete activities for corporate travel risk management. During this stage, risks associated with the destination country are identified, evaluated, and treated as necessary. The individuals responsible for implementing these measures are determined, including those who will handle emergency situations. At this point, the plan is communicated to all relevant parties.

Third phase

The third phase provides the traveler and the organization with the necessary operational resources and support for the actual trip. This includes preparing the traveler for local behaviors and precautions, identifying communication networks between the traveler and the company, even in emergency situations, and continuous monitoring of travel conditions.

Fourth phase

The final phase serves as a control mechanism for the entire process. It provides the organization with information and feedback on the effectiveness of the plan. In case of negative findings, the company’s risk management plan is adjusted and improved. Concurrently, detailed records of all decisions related to the trip are produced for legal purposes.

A Travel Risk Management program that follows these four phases, as briefly outlined here, represents a correct Travel Risk Assessment. ISO 31030 is a powerful tool that companies can employ to enhance their internal and external organization, aligning themselves with internationally approved criteria.

A&P’s Risk Assessment service

With this in mind, A&P’s Risk Assessment service aims to align companies with existing regulations by offering a targeted assessment to evaluate the organization’s internal structure. From there, we guide our clients through all subsequent phases, helping them obtain the most relevant information specific to their chosen destination. This includes localized information, such as city-specific guidelines, mandatory vaccinations, cultural recommendations, and precautions to be taken.

Additionally, A&P’s proprietary software ensures constant monitoring of employees and immediate notifications of updates within 1 working day. The software also facilitates documentation storage for further client protection.


Why Are Standardized Risk Management Practices Important?

Given the above, it’s evident why clear risk management standards are essential. With a well-defined policy and implementation plan, a company can best ensure the health of its travelers, protect itself from potential liabilities arising from trips and take a significant step toward safely becoming more international.

Contact Studio A&P

Regulatory Framework

INTERNATIONAL STANDARD ISO 31030, Travel risk management — Guidance for organizations, First edition 2021-09.


Don't miss out on the latest updates

Get free updates from our Experts on Immigration, Posting Workers, International Taxation and more.