PwC US Implements ISO 31030 Travel Risk Management Audit with GSA 

Client Overview 

PwC US is part of the global PwC network and is one of its largest and most complex member firms. Brad Lynn, who serves as Director of Executive Protection, Travel Risk Management & Event Support for the US and Mexico regions, oversees a travel security program that supports over 50,000 travellers annually across a range of global hubs, including India, Argentina, the Philippines, China, and Mexico. 

Background 

As international travel resumed following the COVID-19 pandemic, PwC US recognised an urgent need to enhance and formalise its travel risk management (TRM) processes. Compliance, internal audit requirements, and client expectations around ISO standards had all intensified, prompting the firm to explore external validation. 

Upon joining the firm, Brad noted that while some processes were in place, they were handled in an ad hoc manner. With travel volumes increasing again, he identified a gap in structured, documented practices. Recognising ISO 31030 as the global benchmark for travel risk management, Brad initiated the effort to bring PwC US into alignment, led by example across the PwC global network and ultimately pursue a third-party audit. 

“We already had strong practices in place, but we needed to document them and align them to a formal standard. We chose ISO 31030 to help us build confidence internally and externally”, stated Brad.

The Solution 

PwC US appointed GSA Global to conduct a formal ISO 31030 audit and provide an independent assessment of its TRM programme. GSA’s knowledge of PwC culture, having previously audited PwC UK and its independence from any service delivery or travel risk vendor relationships, gave PwC confidence in the objectivity of the audit. It was beneficial to have a third-party review that was unbiased and focused purely on alignment with the ISO standard. 

PwC US prepared for the audit by aligning its existing documentation and processes with the ISO 31030 standard. GSA provided early guidance, a digital submission portal, and structured materials to support evidence gathering. The audit covered areas such as governance, policy, traveller vetting, incident response, communication protocols, and stakeholder roles. 

Brad mentioned “The process was transparent and collaborative. It wasn’t just theoretical; it felt grounded in the real challenges of running a travel risk programme in a large organisation.” 

Key Outcomes 

The audit confirmed PwC US’s strong alignment with ISO 31030 and as a result, the firm is now able to streamline parts of its internal audit and compliance processes, particularly in responding to internal network-standard certifications. 

The ISO 31030 recognition adds credibility when consulting other firms on travel risk strategies. The certification is also set to be published on the firm’s internal security site for broader awareness. The audit gave the organisation confidence that they are doing the right things and helped identify where they can go even further. It was well-structured, professional, and added real value to their programme. 

The audit helped PwC US formalise its approach, improve internal visibility, and reduce compliance friction. Perhaps most importantly, it provided an external lens that reinforced what the team was already doing well, while also offering a roadmap for continuous improvement. 

PwC US received several recommendations from GSA following the audit, which Brad saw as valuable and actionable, noting the challenges of implementing some recommendations at scale, they offered a path for continuous improvement. “The feedback we received wasn’t just about checking boxes, it was thoughtful, specific, and practical. We’ve already used it to improve how we engage our internal travellers.” 

Evaluation of the Process 

The audit was seen as transparent, structured, and professionally executed and of particular, value was the early communication, the clear breakdown of ISO elements, and the fast turnaround of the final report. 

Brad emphasised that the audit was not merely theoretical, it provided practical feedback grounded in real-world travel risk operations and helped establish a baseline and a clear sense of what the firm does well and where it can improve. 

Feedback from interviewed stakeholders was also positive. Participants appreciated being included in the process and did not view the interviews as burdensome or irrelevant. 

For other organisations considering ISO 31030 alignment, Brad’s advice is clear: ensure documentation is thorough, define a clear duty of care policy, and be ready to engage fully in a structured and meaningful process. 

Value for Money 

Brad commented “the audit was definitely a valuable process that helped ensure PwC’s systems are built to protect its people. While nothing can guarantee safety, the audit process significantly improves confidence that the right procedures are in place. Safety is the top priority at PwC, and this type of structured review plays a vital role in delivering on that responsibility”. 

Conclusion 

PwC US‘s pursuit of ISO 31030 alignment reflects a forward-looking approach to travel risk management. With GSA’s support, the firm not only validated its internal systems but also positioned itself as a leader within the PwC network. The audit process was well-organised, insightful, and ultimately a strong value-add for both internal operations and external credibility. 

“It was absolutely worth it. This isn’t about checking a box, it’s about knowing that when someone’s travelling for work, we’re doing everything we can to keep them safe. We feel more confident now, not just in our processes, but in our ability to demonstrate that we’re taking care of our people.”  Brad Lynn.