ISO 21101:2014(en) - Adventure tourism — Safety management systems — Certification
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations,
The introduction to ISO 21101 claims adventure tourism is a global industry of growing importance, and that adventure tourism involves an inherent element of risk. There must be a balance between risk and reward; adventure and danger. ISO 21101 and it’s sister standards 21102 (“Adventure tourism – Leaders – Personnel competence”) and 21103 ( “Adventure tourism – Information for participants”) provide a basis for adventure tourism activities providers to plan, communicate about, and deliver adventure tourism activities as safely as practicable.
We’re talking about ziplining, mountaineering, rock climbing and other “I paid money for this kind of abuse?” type of non-work activities. Apparently, in contrast to work, pretty much anything else serves as relaxation.
I’m not sure how the release of the standard will impact the industry, but I’m hopeful. I was able to find an article in an industry journal from last year, “Trailblazerguide.com”; specializing in white water kayaking and rock climbing in South Africa. Quite an enjoyably informative site, by the way. They posted an article in June of 2013, “Wake up call for adventure companies” describing the standard’s impending release and I believe, based on the comments, that the response was generally supportive.
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISO's adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is Technical Committee ISO/TC 228, Tourism and related services.
0.1 Adventure tourism
Adventure tourism is a global industry growing in importance. Whether provided on a commercial, not-for-profit or charitable basis, adventure tourism activities involve an accepted, inherent element of risk and challenge. Taking risks brings rewards but also brings dangers. In order to maximize the rewards, adventure tourism activity providers need to operate as safely as practicable.
This International Standard, ISO/TR 21102 and ISO 21103 provide a basis for adventure tourism activity providers to plan, communicate about, and deliver adventure tourism activities as safely as practicable.
Effective implementation of this International Standard, ISO/TR 21102 and ISO 21103 will help consumers make informed choices about activities and providers.
0.2 Adventure tourism standards
The purpose of adventure tourism standards is to set out the minimum requirements for safety management systems and communication to participants. They are independent entities since they apply to different aspects of adventure tourism.
— this International Standard specifies how the adventure tourism organization manages its operations in terms of safety;
— ISO/TR 21102 provides data on the minimum competence of adventure tourism activity leaders;
— ISO 21103 specifies the minimum information to be communicated to participants and potential participants before, during and after the activity to ensure safety.
0.3 Purpose of this International Standard
The purpose of this International Standard is to set out the minimum requirements for a safety management system for adventure tourism activity providers.
A risk management process is an integral part of a safety management system. A safety management system provides the framework for continual improvement and contributes to the delivery of safe adventure tourism activities.
The safety management system approach encourages providers to analyse their adventure tourism activities, understand participants' requirements, define the processes that ensure safety, and keep these processes under control.
This International Standard outlines the requirements of a safety management system for adventure tourism activity providers.
A provider can use this International Standard for the following:
a) to enhance safety performance;
b) to meet expectations for participant and staff safety;
c) to demonstrate safe practice;
d) to support compliance with applicable legal requirements.
This International Standard can be used by all types and sizes of providers, operating in different geographic, cultural and social environments.
2 Normative references
There are no normative references.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives (3.9)
Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation, firm, enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated or not, public or private.
person or organization (3.1) that can affect, be affected by, or perceive itself to be affected by a decision or activity
need or expectation that is stated, generally implied or obligatory
Note 1 to entry: “Generally implied” means that it is custom or common practice for the organization and interested parties that the need or expectation under consideration is implied.
Note 2 to entry: A specified requirement is one that is stated, for example, in documented information.
set of interrelated or interacting elements of an organization (3.1) to establish policies (3.7) and objectives (3.9) and processes (3.13) to achieve those objectives
Note 1 to entry: A management system can address a single discipline or several disciplines.
Note 2 to entry: The system elements include the organization’s structure, roles and responsibilities, planning, operation, etc.
Note 3 to entry: The scope of a management system may include the whole of the organization, specific and identified functions of the organization, specific and identified sections of the organization, or one or more functions across a group of organizations.
person or group of people who directs and controls an organization (3.1) at the highest level
Note 1 to entry: Top management has the power to delegate authority and provide resources within the organization.
Note 2 to entry: If the scope of the management system (3.4) covers only part of an organization, then top management refers to those who direct and control that part of the organization.
extent to which planned activities are realized and planned results achieved
intentions and direction of an organization (3.1), as formally expressed by its top management (3.5)
policy of an organization (3.1) in regard to its safety performance
Note 1 to entry: The safety policy provides a structure for action and definition of its safety objectives.
result to be achieved
Note 1 to entry: An objective can be strategic, tactical, or operational.
Note 2 to entry: Objectives can relate to different disciplines (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process (3.13)).
Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended outcome, a purpose, an operational criterion, as an adventure tourism safety objective, or by the use of other words with similar meaning (e.g. aim, goal, or target).
Note 4 to entry: In the context of adventure tourism safety management systems, adventure tourism safety objectives are set by the organization, consistent with the adventure tourism safety policy, to achieve specific results.
effect of uncertainty
Note 1 to entry: An effect is a deviation from the expected — positive or negative.
Note 2 to entry: Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of, an event, its consequence, or likelihood.
Note 3 to entry: Risk is often characterized by reference to potential events (3.38) and consequences (3.39), or a combination of these.
Note 4 to entry: Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood (3.41) of occurrence.
ability to apply knowledge and skills to achieve intended results
information required to be controlled and maintained by an organization (3.1) and the medium on which it is contained
Note 1 to entry: Documented information can be in any format and media and from any source.
Note 2 to entry: Documented information can refer to:
— the management system (3.4), including related processes (3.13);
— information created in order for the organization to operate (documentation);
— evidence of results achieved (records).
set of interrelated or interacting activities which transforms inputs into outputs
Note 1 to entry: Performance can relate either to quantitative or qualitative findings.
Note 2 to entry: Performance can relate to the management of activities, processes (3.13), products (including services), systems or organizations (3.1).
make an arrangement where an external organization (3.1) performs part of an organization’s function or process (3.13)
Note 1 to entry: An external organization is outside the scope of the management system (3.4), although the outsourced function or process is within the scope.
determining the status of a system, a process (3.13) or an activity
Note 1 to entry: To determine the status, there may be a need to check, supervise or critically observe.
process (3.13) to determine a value
systematic, independent and documented process (3.13) for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled
Note 1 to entry: An audit can be an internal audit (first party) or an external audit (second party or third party), and it can be a combined audit (combining two or more disciplines).
Note 2 to entry: “Audit evidence” and “audit criteria” are defined in ISO 19011.
fulfilment of a requirement (3.3)
non-fulfilment of a requirement (3.3)
action to eliminate a detected nonconformity (3.20)
action to eliminate the cause of a nonconformity (3.20) and to prevent recurrence
recurring activity to enhance performance (3.14)
event (3.38) leading to an accident or having the potential to lead to an accident (3.25)
Note 1 to entry: The term “incident” includes “almost accident” and “accident (3.25)”.
Note 2 to entry: An incident in which no disease, injury, damage or any other loss takes place is also called “almost accident”.
incident (3.24) resulting in death, disease, injury or other damage
source of potential harm
Note 1 to entry: Hazard can be a risk source.
[SOURCE: ISO Guide 73:2009, 22.214.171.124]
process of recognizing the existence of a hazard (3.26) and defining its characteristics
process of finding, recognizing and describing risks (3.10)
Note 1 to entry: Risk identification involves the identification of risk sources, events (3.38), their causes and their potential consequences (3.39).
Note 2 to entry: Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and the needs of interested parties (3.2).
overall process of risk identification (3.28), risk analysis (3.30) and risk evaluation (3.32)
[SOURCE: ISO Guide 73:2009, 3.4.1]
process to comprehend the nature of risk (3.10) and to determine the level of risk (3.31)
Note 1 to entry: Risk analysis provides the basis for risk evaluation (3.32) and decisions about risk treatment (3.33).
Note 2 to entry: Risk analysis includes risk estimation
[SOURCE: ISO Guide 73:2009, 3.6.1]
level of risk
magnitude of a risk (3.10) or combination of risks, expressed in terms of the combination of consequences (3.39) and their likelihood (3.41)
[SOURCE: ISO Guide 73:2009, 126.96.36.199]
process of comparing the results of risk analysis (3.30) with risk criteria to determine whether the risk (3.10) and/or its magnitude is acceptable or tolerable
Note 1 to entry: Risk evaluation assists in the decision about risk treatment (3.33).
[SOURCE: ISO Guide 73:2009, 3.7.1]
process to modify risk (3.10)
Note 1 to entry: Risk treatment can involve:
— avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;
— taking or increasing risk in order to pursue an opportunity;
— removing the risk source;
— changing the likelihood (3.41);
— changing the consequences (3.39);
— sharing the risk with another party or parties including contracts and risk financing; and
— retaining the risk by informed decision.
Note 2 to entry: Risk treatments that deal with negative consequences are sometimes referred to as “risk mitigation”, “risk elimination”, “risk prevention” and “risk reduction”.
Note 3 to entry: Risk treatment can create new risks or modify existing risks.
[SOURCE: ISO Guide 73:2009, 3.8.1]
state in which the risk (3.10) of harm (to persons) or damage is limited to an acceptable level
adventure tourism activity
adventure activity for tourism purposes that involves a degree of instruction or leadership and a deliberate accepted element of risk (3.10)
Note 1 to entry: An accepted element of risk means that the participant has a minimum understanding about the risk involved.
adventure tourism activity provider
individual or organization (3.1) having overall responsibility for all aspects of the provision of adventure tourism activities (3.35)
Note 1 to entry: Adventure tourism activities can be provided free of charge or in return for payment
person taking part in an adventure tourism activity (3.35) but not a member of the leadership team
Note 1 to entry: A participant might also be referred to as “client”, “customer” or similar.
Note 2 to entry: A leadership team comprises several leaders.
occurrence or change of a particular set of circumstances
Note 1 to entry: An event can be one or more occurrences, and can have several causes.
Note 2 to entry: An event can consist of something not happening.
Note 3 to entry: An event can sometimes be referred to as an “incident (3.24)” or “accident (3.25)”.
Note 4 to entry: An event without consequences (3.39) can also be referred to as a “near miss”, “incident (3.24)”, “near hit” or “close call”.
[SOURCE: ISO Guide 73:2009, 188.8.131.52]
outcome of an event (3.38) affecting objectives (3.9)
Note 1 to entry: An event can lead to a range of consequences.
Note 2 to entry: A consequence can be certain or uncertain and can have positive or negative effects on objectives.
Note 3 to entry: Consequences can be expressed qualitatively or quantitatively.
Note 4 to entry: Initial consequences can escalate through knock-on effects.
[SOURCE: ISO Guide 73:2009, 184.108.40.206]
measure of the chance of occurrence expressed as a number between 0 and 1, where 0 is impossibility and 1 is absolute certainty
Note 1 to entry: See definition 3.41, Note 2.
[SOURCE: ISO Guide 73:2009, 220.127.116.11]
chance of something happening
Note 1 to entry: In risk (3.10) management terminology, the word “likelihood” is used to refer to the chance of something happening, whether defined, measured or determined objectively or subjectively, qualitatively or quantitatively, and described using general terms or mathematically [such as a probability (3.40) or a frequency over a given time period].
Note 2 to entry: The English term “likelihood” does not have a direct equivalent in some languages; instead, the equivalent of the term “probability” is often used. However, in English, “probability” is often narrowly interpreted as a mathematical term. Therefore, in risk management terminology, “likelihood” is used with the intent that it should have the same broad interpretation as the term “probability” has in many languages other than English.
[SOURCE: ISO Guide 73:2009, 18.104.22.168]
specified way to carry out an activity or a process (3.13)
Note 1 to entry: Procedures can be documented or not.
Note 2 to entry: When a procedure is documented, the term “written procedure” or “documented procedure” is frequently used. The document that contains a procedure can be called a “procedure document”.
[SOURCE: ISO 9000:2005, 3.4.5]
serious situation requiring immediate action
third party provider
external organization (3.1) or individual that provides services to the adventure tourism activity provider (3.36)
Only informative sections of standards are publicly available. To view the full content, you will need to purchase the standard by clicking on the "Buy" button.
 ISO 9000:2005, Quality management systems — Fundamentals and vocabulary
 ISO 19011, Guidelines for auditing management systems
 ISO/TR 21102, Adventure tourism — Leaders — Personnel competence
 ISO 21103, Adventure tourism — Information for participants
 ISO 31000, Risk management — Principles and guidelines
 ISO Guide 73:2009, Risk management — Vocabulary
 IEC 31010, Risk management — Risk assessment techniques