TRAINING IN SAFETY MANAGEMENT SYSTEMS

TRAINING IN SAFETY

MANAGEMENT SYSTEMS

ARAB CIVIL AVIATION CONFERENCE

Welcome to Safety

Management

Speakers:

•

CHRISTER PRAHL

•

ATM Safety Expert

•

Electronic Engineer

•

Degree in Communication

•

Degree in Networking

Speakers:

•

MICHAEL NIELS THORSEN

•

ATM Safety Expert

•

Master of Science in Engineering

•

Expert International Cooperation

•

Expert Safety Management Implementation

Round the table

Agenda for today:

Wrap - Up 16.30 – 17.00

The Safety Management System 15.30 – 16.30

Break 15.00 – 15.30

The Safety System 14.00 – 15.00

Lunch 12.30 – 14.00

ICAO presentation on Safety Management System SES Regulations

11.00 – 12.30

Break 10.30 – 11.00

Registration and Welcome 09.00 – 10.30

General “House-Rules”

•

Hand-outs will be given in connection with the lesson;

•

CD will come at the end of the course;

•

Questions during the lessons;

•

Active participation is anticipated;

•

Flexible approach, programme can be changed – also

on request;

•

Turn off cell phone;

•

Please stop the instructors if you don’t understand

them;

Objectives of the workshop

Provide participants the knowledge

of Safety

Management Concept

and ICAO Standards and

Recommended Practices (SARPs) on safety management in

Annexes 6, 11 and 14

and related guidance material

AND TO…

Develop participants knowledge

to certify and oversee

the implementation of key components of an SMS, in

compliance with relevant ICAO SARPs.

ICAO - Safety Management System

•

What is Safety?

•

Zero Accidents?

•

Freedom from danger or risks?

•

Error avoidance?

ICAO - Safety Management System

According to ICAO

Doc 9859:

Safety is the state in which the risk to harm the

persons or property damages is reduced, and

maintained at or below, an acceptable level

through a continuing process of

hazard

ICAO - Safety Management System

A

safety management system (SMS)

is an organised approach to

managing safety, including the necessary organisational structures,

accountabilities, policies and procedures.

(ICAO Doc 9859 - Safety Management Manual)

The objective

of a Safety Management System is to provide a

structured management approach to control safety risks in operations.

Effective

safety management

must take into account the organisation’s

specific structures and processes related to safety of operations.

Safety Management System

Structure and Contents

1: SMS course introduction 2: Basic safety concepts 3: Introduction to safety management 4: Hazards 5: Risks 6: SMS regulation 7: Introduction to _SMS

8: SMS planning 9: SMS operation 10: Phased approach

to SMS Implementation

Safety Management Manual

Objectives

Objectives of the Safety Management Manual are to provide States:

• Knowledge of safety management concepts, the ICAO Standards and

Recommended Practices (SARPs) on safety management contained in Annexes 1, 6, 8, 11, 13 and 14, and related guidance material;

• Guidance on how to accept and oversee the implementation of the key components of an SMS in compliance with the relevant ICAO SARPs;

• Guidance on how to develop and implement an SSP in compliance with the relevant ICAO SARPs.

Safety Management Manual

Concept

SMS/SSP Implementation

Generic SMS Requirements

ICAO requirements for implementation of SMS are currently applicable to:

• Air Traffic Service Providers (Annex 11)

• Aerodrome Operators (Annex 14, Volume 1)

• Amendment to Annex 1, 6, 11, 13 and 14 are proposed in order to harmonise and extend provisions relating to safety management.

SES Regulation - Objectives

The second SES package has been put forward by the European

Commission in order to make the European sky safer and more

sustainable by:

•

Introducing a performance framework for European ATM

with quantified

target setting;

•

Creating a

single safety framework to enable

harmonised development of

safety regulations and their effective implementation;

•

Opening the door to

new technologies

enabling the implementation of

new operational concept and increasing safety levels by a factor of ten;

The 1st SES legislative package

The legislative package adopted in 2004 comprises four base regulations, which reinforce safety and foster the restructuring of European airspace and air navigation services. The regulations provide the framework for the creation of additional capacity and for improved efficiency and

interoperability of ATM system in Europe.

• The Framework regulation (EC No 549/2004) - laying down the framework for the creation of the single European sky;

• The Service provision regulation (EC No 550/2004) - laying down common requirements for the provision of air navigation services;

• The Airspace regulation (EC No 551/2004) - on the organisation and use of airspace in the Single European sky;

• The Interoperability regulation (EC No 552/2004) - on the

(EC) No 549/2004 - Framework

The objective of the Framework regulation is to enhance current safety standards and overall efficiency of the general air traffic in Europe, to optimise ATM system capacity and minimise air traffic delays by establishing a harmonised regulatory framework for air traffic

management in Europe.

The Framework regulation establishes harmonised institutional, regulatory and consultation arrangements to enable the creation of the Single European Sky.

In brief these are:

• National Supervisory Authorities (NSA)

• Single Sky Committee

• Military Issues

• Industry Consultation Body

• Implementing Rules

• Performance Review

(EC) No 550/2004 – Provision of Air

Navigation Services in SES

The Service provision regulation establishes common requirements to ensure that air navigation services are provided safely and efficiently, on a continuous and interoperable basis, throughout the European Community. It introduces a

harmonised system of certification and lays down rules for designating service providers.

The stipulations of this regulation apply to the provision of air navigation services to General Air Traffic (GAT) and can be summarised as follows:

• National Supervisory Authorities (NSA)

• Licensing of Controllers

• Common Requirements

• Certification of Air Navigation Service Providers (ANSPs)

• Designation of Air Traffic Service Providers

• Relations between Service Providers

• Transparency of Accounts

(EC) No 551/2004 – Organisation

and use of Airspace in SES

The objective of the Airspace regulation is to put an end to the fragmentation of European Union (EU) airspace and to create an efficient and safe airspace without frontiers. The organisation and management of airspace should be improved by merging all the national flight information regions (FIRs) into a single portion of airspace within which ATS will be provided according to the same rules and procedures.

The Airspace regulation forms part of the first package of legislation on air traffic management designed to create a SES. This objective will make for improved safety, optimum use of

European

airspace, reduced air traffic delays and sustainable air transport growth.

The following is summarising this regulation:

• Establishment of European Upper Flight Information Region (EUIR)

• Reconfiguration of Upper Airspace

• Optimised Route and Sector Design in the Upper Airspace

(EC) No 552/2004 – Interoperability

of the European ATM Network

The aim of the Interoperability regulation is two-fold:

• To achieve interoperability between the different systems, constituents and associated procedures in the European ATM network by establishing a

harmonised system for certification of components and systems;

• To ensure the introduction of new agreed and validated concepts of operations and technology in air traffic management.

The following topics summarise the Interoperability regulation:

• Essential Requirements

• Implementing Rules for Interoperability

• Community Specifications

• EC Declaration of Conformity of Suitability for Use of Components

• Safeguards

The SES Implementation

Implementing the provision of the SES regulations would bring a number of

significant benefits:

• Improved level of safety of air navigation services;

• A more effective and integrated air traffic management architecture;

• Demand driven air navigation service provision;

• Enhanced cross-boarder co-ordination;

Regulations, Directive and

Implementing Rules

•

Regulations

: Mandatory to the letter

•

Directives

: Mandatory with National exemptions

The 1st SES legislative package

The First Report

on the implementation of the Single Sky Legislation

was published in

December 2007

.

It presents:

•

the achievements,

•

identifies new challenges

•

proposes the way forward.

Based on the report findings, the Commission came forward with

proposals for a

2nd Single Sky package

, including extension of EASA

competencies to ATM and adoption of the European ATM Master Plan.

The 2nd SES legislative package

To tackle issues such as traffic increase, financial burden and

environmental awareness, the Commission has come up with 2

nd

_SES

legislative package aimed to:

•

Create a single safety framework to enable harmonised development

of safety regulations and their effective implementation;

•

Improve the performance

of the ATM system through setting of

targets;

•

Open the door to

new technologies

enabling the implementation of

new operational concept and increasing safety levels by a factor of

ten;

(EC) No 2096/2005 – Common Requirements

for the Provision of Air Navigation Services

The objective of this Regulation is to establish common requirements for the safe and

efficient provision of air navigation services in the European Community and to set uniform and high safety standards for ANSPs.

The common requirements cover the following areas:

• Technical and operational competence and capability • Organisational structure and management

• Safety and quality management • Security

• Human resources • Financial strength

• Liability and insurance cover • Quality of services

• Reporting requirements

(EC) No 2096/2005 – Common Requirements

for the Provision of Air Navigation Services

The Regulation identifies and adopts the mandatory provisions of the following

EUROCONTROL Safety Regulatory Requirements (ESARRs) which are relevant for the certification of air navigation service providers:

• ESARR3 - on the use of safety management systems by air traffic management (ATM) service providers;

• ESARR4 - on risk assessment and mitigation in ATM;

• ESARR5 - on ATM services' personnel, in particular the requirements for engineering and technical personnel undertaking operational safety related tasks.

• The detailed requirements relating to safety of services are contained in Annex II to the Regulation.

(EC) No 2096/2005 – Common Requirements

for the Provision of Air Navigation Services

Subjects summarising (EC) No 2096/2005 are as follows:

• Certification of ANSPs

• Derogations

• Demonstration of Compliance

• Compliance Monitoring

Similarities and Differences between

ICAO and SES

EUROCONTROL Methodology (ESARR) ICAO Methodology St ep 0: Pl anning St ep 1: S ys tem Descript ion St ep 2: Haz ar d I d en tifi cati on St ep 3: Severity Asses sment St ep 4: Likelihood Asses smen t St ep 5: S ys tem Descript ion St ep 6: Ri sk Mitigati on St ep 7: Documenta tion Functional Hazard Assessment (FHA) Preliminary System Safety Assessment (PSSA) System Safety Assessment (SSA) What can go wrong? _What can we do about it?

ICAO Safety Regulation

•

ICAO Annex 11 – Paragraph- 2.26 – ATS Safety Management

includes relevant requirements related to ATS

•

Para 2.26.1 requires the States to implements systematic and

appropriate Safety Management Programmes, further detailed in

Para 2.26.4

•

Para 2.26.2, requires States to establish the

acceptable level of

safety and safety objectives

applicable to the provision of ATS

within their airspace and at their aerodromes with acceptable level

of safety further detailed in 2.26.3

ICAO Provisions

•

Para 2.26.5 requires that any significant safety-related change to

the ATC system shall only be implemented after a safety

assessment has demonstrated that an acceptable level of safety will

be maintained.

•

Para 2.26.5 also requires that the responsible authorities shall

provide for post-implementation monitoring to verify that the

defined levels of safety continues to be met

ICAO Provisions

• PANS-ATM doc.4444 includes in Chapter 2 requirements for:

• ATS maintaining acceptable level of safety (section 2.1)

• Implementation of systematic Safety Management Programmes (section 2.1)

• ATS Safety Management Activities (section 2.3)

• Monitoring of Safety Levels (section 2.4)

• Safety Reviews (section 2.5)

• Safety Assessments (section 2.6)

ICAO Provisions

• PANS-ATM Doc 4444 clarifies a significant safety-related change as

(examples):

• A new operating procedure, including departure and arrival procedures, to be applied within an airspace or at an aerodrome;

• A reorganization of the ATS route structure;

• A resectorisation of an airspace;

• Physical changes to the layout of runways and /or taxiways at an aerodrome; and

• Implementation of new communications, surveillance or other safety-significant systems and equipment, including those providing new functionality and or capabilities.

Safety Management Manual

The new Manual on Safety Management for Aerodromes and Air Traffic Services (Doc 9859)

Provides detailed guidance on implementation of the provisions of Annexes 6, 11, 14 and the PANS-ATM

• First Draft was endorsed by 11th Air Navigation Conference (Montreal, Sep/Oct 2003) • Current version in ICAO NET web

• Based on the same approach to safety as recommended by the ATM Operational Concept (Doc 9854)

The Concept of Safety Management

Safety Monitoring Safety Assessment Safety Auditing Safety Promotion Supporting Organisational Requirement Safety Management Safety Culture Safety Policy Philosophy Of Safety Management Maintenance of Improvement of Safety Performance

Legal and Regulatory Foundation

for Safety Management

Implementation of safety management programs refers to the day

to day keep safety oversight management by the service providers

• States shall establish systemic and suitable ATS safety management programs with defined levels and objectives (PANS-ATM, in force since November 2003)

• The acceptable level of safety shall be established by the States. As

appropriate, the target levels of safety (TLS) will be established through regional air navigation agreements.

• Prior to any significant change to the safety-related ATC system, a safety assessment will be carried out, proving that an acceptable safety level may be obtained

The Safety System

• Global Safety System

• Organizational structure - Staffing, documentation, resources and leadership commitment must be sufficient to support the desired process.

• Planning - Strategic planning and development of appropriate activities must be based on systematic and comprehensive assessment of risks.

• Management personnel standards - Safety must be integrated into line and operating

management responsibilities, and their roles must be clearly defined in written standards of performance.

• Training for operations and emergencies

• Procedures - The organization must develop written procedures for design, operations and maintenance activities to control routine work and probable emergencies.

• Management of change

• Mechanical integrity - The organization must establish systematic and comprehensive means to assess the integrity of process equipment.

• Management of contractors - Safety must be a prominent consideration in the selection of contractors, and appropriate means to monitor the work of contractors must be in place and working.

• Involvement of the work force

• Accident/incident reporting, investigation and follow-up - Monitoring and auditing methods must be in place to monitor the on-going, day-to-day performance of the safety system, as well as to audit thoroughly compliance to all requirements on a periodic basis.

Global Safety System

Documentation:

ICAO EASA EUROCONTROL EC States Ministries CAA Guidelines Regulations Requirements, EU OPS Recommendations Legislation National Legislation NSA Service Providers Manuals Working Procedures Documentation • AD – Technical • Implementing Rules • Guidance Material

• Acceptance Means of Compliance • Notices of proposal amendments

•Aviation Law •Airport Law •Regulations •Standards

Global Safety System

Organisation:

•

The world global Safety System consist of all

the existing safety management systems on

all levels in all the areas of aviation like the

service providers, the airspace users, the

maintenance organisations etc.

Global Safety System

Supporting Issues:

•

Auditing

Global Safety System

Security:

•

Improved security of ATM systems and

information

•

Provides assistance and information

•

In Flight Emergency Response

Global Safety System

Security:

Until the events of 11 September 2001, the ICAO model was regarded as adequate and sufficient to ensure the safety of passengers, aircraft and goods. However, in December 2001 the ICAO adopted an Amendment 10 to Annex 17, which set out a number of additional safety and security requirements. These include the following:

1. Aircraft security check

2. Background check

3. Screening

4. Application of Security

5. Security Restricted Areas

6. Objectives

7. International cooperation

8. National Organization and appropriate authority

9. Airport Operations

10. Quality Control Programme

Global Safety System

Security:

Contingency Plan Airport Emergency Plan

National Civil Aviation Security Program

Airport Security Program Operator Security Programs National Training Program Quality Control Program Airport Security Committee Authority

National Aviation Security Committee

Global Safety System

Quality Definitions:

Quality – the totality of features and characteristics of a product or service that bear on its ability to satisfy a given need.

Quality Policy – the overall quality intentions and direction of an organisation as regards quality, as formally expressed by top management.

Quality Management – that aspect of the overall management function that determines and implements the quality policy.

Quality System – the organisational structure, responsibilities, procedures, processes and resources for implementing quality management.

Total Quality Management – a management approach of an organisation centred on quality, based on the participation of all its members and aimed at long term success through customer satisfaction and benefits to the members of the organisation and society.

Quality Assurance – the activities an organisation carries out to provide to external and internal parties confidence that the organisation will consistently meet the requirements for quality.

Global Safety System

Quality:

Airport Quality Process:

•

Evaluation

of user needs and expectations

•

Design and implementation

of service

•

Operation and achievement

of service

•

Measurement

of quality of service

Global Safety System

Quality Definitions:

Airport Quality Elements:

Safety

Security

Efficiency

Service

Capacity

Environment

Health

Global Safety System

Quality:

The implementation of QMS, completed in March 2002, included data and product quality assurance and control processes. These processes drew on the following existing resources:

• day-to-day consistency checking systems for both data and products,

• forecast verification system developed in 2000 which gave for each forecast a score relative to the ICAO desirable accuracy for each of the weather elements.

• The QMS also included on-going review processes for continual

improvement and for the provision of adequate resources to sustain the QMS.

Further, as important components of the QMS, customer needs

assessment and satisfaction survey became an institutionalized part of the system.

Global Safety System

Safety:

•

The world global Safety System consist of all

the existing safety management systems on

all levels in all the areas of aviation like the

service providers, the airspace users, the

maintenance organisations etc.

Global Safety System

Safety Versus Quality and Security:

It is accurate to say that SMS and QMS share many commonalities. They both:

a) have to be planned and managed;

b) depend upon measurement and monitoring;

c) involve every function, process and person in the organization; and d) strive for continuous improvement.

SMS differs from QMS in the following way:

a) SMS focuses on the safety, human and organizational aspects of an organization (i.e. safety satisfaction);

while

b) QMS focuses on the products and services of an organization (i.e. customer satisfaction).

Safety Management System

•

Safety

– The state in which the risk of harm to persons

or property damage is reduced to, and maintained at or

below, an acceptable level through a continuing process

of hazard identification and risk management.

•

Management

– Allocation of resources.

•

System

– Organized set of processes and procedures.

SMS – An organised set of processes and procedures,

based upon a principled allocation of resources, that allows

The Safety Management System

•

What is SMS?

• A system for managing safety as part of the overall

management objective and policy;

•

Why SMS?

• To regulate airport operations and improve safety levels,

especially in areas not covered by applicable ICAO or

applicable national standards and regulations;

•

How?

• Existence of comprehensive technical

Standards/specifications, a safety management policy, their

implementation and maintenance at all times.

The Safety Management System

SMS Tool-box:

•

The scope of SMS encompasses most of the activities

of the organization.

•

SMS must start from senior management, and safety

must be considered at all levels of the organization.

•

SMS aims to make continuous improvement to the

overall level of safety.

The Safety Management System

The components of SMS:

1)

Safety policy and objectives

2)

Safety risk management

3)

Safety assurance

The Safety Management System

SMS at glance:

Safety Effectiveness Efficiency Management Commitment Safety Risk Management Safety Promotion Safety Policy and

Objectives

Safety Assurance

The Safety Management System

The Elements of SMS:

Safety policy and objectives

•

Management commitment and responsibility

•

Safety accountabilities of managers

•

Appointment of key safety personnel

•

SMS implementation plan

•

Coordination of emergency response planning

The Safety Management System

The Elements of SMS:

Safety risk management

•

Hazard identification processes

•

Risk assessment and mitigation processes

Safety assurance

•

Safety performance monitoring and measurement

•

The management of change

•

Continuous improvement of the SMS

Safety Promotion:

Safety Risk Management

What is Risk Management?

•

The

identification, analysis

and

elimination

, and/or

mitigation

to an acceptable level of risks that threaten the

capabilities of an organization.

What is the objective of Risk Management?

•

Aims at a balanced allocation of resources to address

all

risks and viable

risk

control and mitigation.

Why is Risk Management important?

•

A key component of safety management systems.

•

Data-driven approach to safety resources allocation, thus

defensible and easier to explain.

Safety Risk Management

Four steps for hazard identification process:

1.

Reporting hazards, events or safety concerns.

2.

Collecting and storing the data.

3.

Analyzing reports.

Safety Risk Management

Risk Assessment and Mitigation Process

Risk Assessment:

Regularly

Commitments

Documentation

Mitigation:

Measures to address the potential hazard or to

reduce the risk probability or severity.

Risk Management System

Risk Management at glance:

Hazard Identification Risk Analysis

Probability Risk Analysis

Severity

Risk Assessment and Tolerability

Risk

Control/Mitigation

Equipment, Procedures, Organisation, etc Analyse the likelihood of the consequence

occurring

Evaluate the seriousness of the consequence if it occurred

Is the risk assessed acceptable and within the organisational safety performance criteria

Yes, Accept the risk

No, take action in order to reduce the risk to an acceptable level

Risk Management System

Risk Mitigation at glance:

Hazard identification and Risk Assessment

Assessment of the defences within the

safety system

Control and

Mitigation of the risks Accepting the mitigationsof the risk(s)

H

H

H

H

Each Consequence

R

R

R

R

Each Risk Technology Training Regulations Intolerable Region Tolerable Region Acceptable Region • Does it address the risk(s)? •Is it effective? •Is it appropriate? •Is additional mitigation

warranted?

•Do the mitigations

Strategies generate additional risks?

•Etc…

Risk Management Assessment

• There is no such thing as absolute safety – In aviation it is not possible to eliminate all risks.

• Risks can be managed to a level “as low as reasonably practicable” (ALARP)

• Risk mitigation must be balanced against:

• Time

• Cost

• Difficulty of taking measures to reduce or eliminate the risk (i.e. managed).

• Effective risk management seeks to maximize the benefits of accepting a risk

(a reduction in time and cost) while minimizing the risk itself.

• Communicate the rationale for risk decisions to gain acceptance by stakeholders affected by them.

Safety Assurance

Safety Assurance is built upon the following:

•

Safety performance monitoring and measurement

•

The management of change

Safety Assurance

Safety performance monitoring and measurement

The process by which the safety performance of the

organization is verified in comparison to the approved safety

policies and objectives.

•

Safety reporting

•

Safety studies

•

Safety reviews

•

Audits

•

Surveys

•

Internal safety investigations

Safety Assurance

Safety Audits are used to ensure that the structure of the SMS is sound in terms of:

• Levels of staff;

• Compliance with approved procedures and instructions;

• Level of competency and training to:

• Operate equipment and facilities; and • Maintain their levels of performance.

Safety surveys examine particular elements or processes of a specific operation.

• Problem areas or bottlenecks in daily operations.

• Perceptions and opinions of operational personnel.

• Areas of dissent or confusion.

• Check list •Questionnaires

Safety Assurance

Internal safety investigations

include occurrences or events

that are not required to be investigated or reported to State.

•

In-flight turbulence (flight operations)

•

Frequency congestion (ATC)

•

Material failure (maintenance)

Safety Information Sources

• The protection of safety information from inappropriate use is essential to ensure its continued availability in future, since the use of safety information for other than safety-related purposes may reduce the availability of such information, with an undesirable effect on safety.

• During the 35th Assembly of ICAO, it was noted that existing national laws and regulations in many States may not address adequately the protection of safety information from inappropriate use.

• Following the Assembly, ICAO has produced a legal guidance for the protection of information from SDCPS and it is included in Attachment E to Annex 13.

Annex 13

General Principles

• The sole purpose of protecting safety information from inappropriate use is to ensure its continued availability so that proper and timely preventive actions can be taken and aviation safety improved.

• It is not the purpose of protecting safety information to interfere with the proper administration of justice in States.

• National laws and regulations protecting safety information should ensure that a balance is struck between the need for the protection of safety information in order to improve aviation safety, and the need for the proper administration of justice.

• National laws and regulations protecting safety information should prevent its inappropriate use.

• Providing protection to qualified safety information under specified conditions is part of a State’s safety responsibilities.

Principles of Protection

• Safety information should qualify for protection from inappropriate use according to specified conditions that should include, but not necessarily be limited to: the collection of information was for explicit safety purposes and the disclosure of the information would inhibit its continued availability.

• The protection should be specific for each SDCPS, based upon the nature of the safety information it contains.

• A formal procedure should be established to provide protection to qualified safety information, in accordance with specified conditions.

• Safety information should not be used in a way different from the purposes for which it was collected.

• The use of safety information in disciplinary, civil, administrative and criminal proceedings should be carried out only under suitable safeguards provided by national law.

Annex 13

Principles of Exception

• Exceptions to the protection of safety information should only be granted by national laws and regulations when:

• There is evidence that the occurrence was caused by an act considered, in accordance with the law, to be conduct with intent to cause damage, or conduct with knowledge that damage would probably result, equivalent to reckless conduct, gross negligence or wilful misconduct;

• An appropriate authority considers that circumstances reasonably indicate that the occurrence may have been caused by conduct with intent to cause damage, or conduct with knowledge that damage would probably result, equivalent to reckless conduct, gross negligence or wilful

misconduct;

• A review by an appropriate authority determines that the release of the safety information is necessary for the proper administration of justice, and that its release outweighs the adverse domestic and international impact such release may have on the future availability of safety information.

Public Disclosure

• Subject to the principles of protection and exception outlined above, any person seeking disclosure of safety information should justify its release.

• Formal criteria for disclosure of safety information should be established and should include, but not necessarily be limited to, the following:

• Disclosure of the safety information is necessary to correct conditions that compromise safety and/or to change policies and regulations;

• Disclosure of the safety information does not inhibit its future availability in order to improve safety;

• Disclosure of relevant personal information included in the safety information complies with applicable privacy laws;

Annex 13

Responsibility of the Custodian of Safety Information

• Each SDCPS should have a designated custodian. It is the responsibility of the custodian of safety information to apply all possible protection regarding the disclosure of the information, unless:

• The custodian of the safety information has the consent of the originator of the information for disclosure; or

• The custodian of the safety information is satisfied that the release of the safety information is in accordance with the principles of exception.

Protection of Recorded Information

• Considering that ambient workplace recordings required by legislation, such as cockpit voice recorders (CVRs), may be perceived as constituting an invasion of privacy for operational personnel that other professions are not exposed to:

• Subject to the principles of protection and exception above, national laws and regulations should consider ambient workplace recordings required by legislation as privileged protected information, i.e. information deserving enhanced protection; and

• National laws and regulations should provide specific measures of protection to such recordings as to their confidentiality and access by the public. Such specific measures of protection of workplace recordings required by legislation may include the issuance of orders of non-public disclosure.

Change Management Process

Aviation organizations experience permanent change due

to expansion, introduction of new equipment or procedures.

Changes can have the following output

:

•

Introduce new hazards.

•

Impact the appropriateness of risk mitigation.

Change Management Process

Mentioned Changes can be:

External changes

•

Change of regulatory requirements.

•

Security.

•

Reorganization of air traffic control…

Internal changes

•

Management changes

•

New equipment.

Change Management Process

A formal management of change process should:

•

identify changes within the organization which may

affect established processes and services.

•

prior to implementing changes describe the

arrangements to

ensure safety performance

.

Improvement Process

Continuing improvement aims at:

•

Determining the

immediate causes

of below standard

performance and their implications in the operation of

the SMS.

•

Rectifying situations involving below standard

performance identified through safety assurance

activities

Improvement Process

The mentioned improvements are achieved through:

•

Proactive

evaluation of facilities, equipment,

documentation and procedures through audits and

surveys.

•

Proactive

evaluation of the individuals’ performance, to

verify the fulfilment of their safety responsibilities.

•

Reactive

evaluations in order to verify the effectiveness

of the system for control and mitigation of risks, for

example: accidents, incidents and major events

investigations

Safety Promotion

Training and Education

Who?

•

Operational personnel

•

Managers and supervisors

•

Senior managers

•

Accountable executive

Why?

•

To ensure that personnel are trained and competent

to perform the SMS duties.

How much?

•

Appropriate to the individual’s involvement in the

SMS.

Safety Promotion

Training and Education

A building block approach:

•

Operational personnel

• Organization safety policy

• SMS fundamentals and overview

•

Managers and supervisors

• The safety process

• Hazard identification and risk management

• The management of change

•

Senior managers

• Organizational safety standards and national regulations

Safety Promotion

Safety Communication

Safety communication aims to:

•

Ensure that all staff are fully aware of the SMS.

•

Convey safety critical information.

•

Explain why particular actions are taken.

•

Explain why safety procedures are introduced or changed.

Safety Promotion

Safety Communication

The means to communicate may include:

•

Safety policies and procedures

•

News letters

•

Bulletins

•

Website

Safety communication is an essential foundation for the

development and maintenance of a positive culture.

Maintenance

Internal Evaluation Process

•

Management commitment

•

Just culture

Maintenance

Internal Audit Process

An annual audit program should include:

•

Definition of the audits, in terms of;

•

criteria,

•

scope,

•

frequency, and

•

methods;

•

Description of the processes used to select the auditors;

•

The requirement that individuals shall not audit their own work;

•

Documented procedures for assignment of responsibilities, planning

and conduct of audits, reporting results and maintaining records;

Maintenance

External Audit Process

Surveillance and compliance

the authority needs to ensure that international, national and local

standards are complied with prior to issuing any licence or approval and continue to be complied with afterwards;

Areas and degree of risk

the audit should assess how risks are identified and how any necessary changes are made to ensure that all safety standards are met;

Competence

the audited organisation should have adequately trained staff for all safety related positions

Safety management

ensure that the organisation’s SMS is based on sound principles and procedures, and that the organisation is meeting its safety performance targets.

Maintenance

Proactive and Reactive Evaluations

Proactive – before something has happened

•

Taking actions

•

Mitigate

•

Training

Reactive – after something has happened

•

Investigate why it is as it is

Organisation

Cultural Levels of the organisation

The characteristics of a good company safety culture include:

•

Informed

- Managers know what is really going on and workforce is

willing to report their own errors and near misses

•

Wary

- ready for the unexpected

•

Just

- a ‘no blame’ culture, with a clear line between the acceptable

and unacceptable

•

Flexible

- operates according to need

Organisation

The values of an Organisation:

•

The safety management organisation is defining

responsibilities, competence, commitment and communication

of

the involved organisations or persons.

•

The culture is expressed by all parts of the organisation

•

Flight deck

•

Cabin crew

•

Maintenance

•

Ground staff

•

The cabin staff and check-in personnel provide the main indication

of the culture to the paying public

Organisation

Top-down

Managers Flight Crew Engineers (Maintenance) Ground Staff (Luggage Personnel)

Managers influencing and motivating all actors to take responsibility for their work and taking into account the safety.

Procedures

Safety Programme

Safety Programme is an integrated set of regulations and activities

aimed at improving safety.

States are responsible for establishing a safety programme,

encompassing the following responsibilities:

•

Safety regulation

•

Safety oversight

•

Accident/incident investigation

•

Mandatory/voluntary reporting systems

•

Safety data analysis and

exchange

•

Safety assurance

State Safety Programme - SSP

State

•States shall establish a State safety programme (SSP), in order to achieve an acceptable level of safety (ALoS) in civil aviation.

•Acceptable level of safety (ALoS) to be achieved shall be established by the State.

Service Providers

• States shall require as part of their State Safety Programme (SSP) that a Service Providers implement Safety Management System acceptable to the State that as minimum:

•identifies safety hazards; •ensures the implementation of remedial action necessary to maintain agreed safety

performance.

•provides for continuing monitoring and regular assessment of

the safety performance; and

•aims at a continuous improvement of the overall performance of the SMS.

Procedures

State’s safety programme

Develop the State’s safety programme around the

following four components:

1.

State’s safety policy and objectives

2.

State’s safety risk management

3.

State’s safety assurance

Procedures

Differences between State and Service Providers

Legal considerations – States

• Establishing acceptable level(s) of safety does not replace legal, regulatory, or other already established requirements, but it must support compliance with them.

• Establishing acceptable level(s) of safety for their safety programme leaves unaffected the obligations of States, and does not relieve States from compliance with SARPs

Operators and service providers

• Establishing acceptable level(s) of safety for their safety management system leaves unaffected the

obligations of operators or services providers and other related parties, and it does not relieve the operator, services providers and other related parties from compliance with SARPs and/or national regulations, as

Procedures

State’s safety programme + Service providers SMS =

Integrated safety system

State Safety Programme Organisation’s Safety Management System (SMS) Organisation’s Production Processes Ove rsigh_t Acceptance Oversight Risk Management Safety Assurance Objective: Public Safety Objective: Manage and control safety risks Objective: Achieve commercial goals and customer saftisfaction

Safety Policy

A typical safety policy document would consist of a policy statement that is further expanded by a number of basic safety management principles to be followed:

• commitment to safety,

• safety priority,

• safety responsibility,

• planning for safety,

• safety management,

• safety standards,

• safety achievement,

Safety Policy - A statement of the organisation’s fundamental approach to achieve acceptable or tolerable safety.

A written document that describes the generic principles upon which the SMS is build and operated upon.

Risk Management

Risk management -

The identification, analysis and

elimination (and/or mitigation to an acceptable or tolerable level) of those hazards, as well as the subsequent risks, that threaten the viability of an organisation.

Risk Management consists of the following three elements:

• Hazard identification

• Risk assessment

Risk Management System

Risk Management at glance:

Hazard Identification Risk Analysis

Probability Risk Analysis

Severity

Risk Assessment and Tolerability

Risk

Control/Mitigation

Equipment, Procedures, Organisation, etc Analyse the likelihood of the consequence

occurring

Evaluate the seriousness of the consequence if it occurred

Is the risk assessed acceptable and within the organisational safety performance criteria

Yes, Accept the risk

No, take action in order to reduce the risk to an acceptable level

Safety Assurance

Safety assurance

-

all planned and systematic actions necessary to afford adequate confidence that a product, a service, an organisation or a functional system achieves acceptable or tolerable safety

The objectives of Safety Assurance is to implement dedicated surveillance and documenting procedures and processes in order to ensure that risk are being properly managed.

According to ICAO State Letter SA include the following activities:

• Safety performance monitoring and measurement

• Management of change

Safety Assurance

Safety Assurance components:

•

Safety Surveys

•

Safety Monitoring

•

Safety Records

Regulators should continuously evaluate the implemented safety

management arrangements and processes by aviation service

providers by means of external regulatory safety auditing and other

safety oversight methodologies.

Safety Promotion

•

Just culture

•

Key Performance Indicators

Thank You for you

attention today

Any Questions?

Agenda for today:

Wrap up Evaluation

Hand over of Diploma 16.30 – 17.00

Joint session/discussions 15.30 – 16.30

Break 15.00 – 15.30

The Safety Components 14.00 – 15.00 Lunch 12.30 – 14.00 WS on Safety Culture 11.00 – 12.30 Break 10.30 – 11.00 Managing Safety 09.00 – 10.30

Managing Safety

Safety Responsibility and accountability

Safety responsibility:

the obligation to carry forward an assigned

safety related task to its successful conclusion. With responsibility

goes authority to direct and take the necessary action to ensure

success.

Safety accountability:

the obligation to demonstrate the task

achievement and take responsibility for the safety performance in

accordance with agreed expectations. Accountability is the

obligation to answer for an action.

Clear and correctly allocated safety accountabilities and responsibilities

are prerequisite for achieving the organisation’s safety objectives

and for implementing an effective safety management and safety

improvement process

Safety Manager (SM)

An individual, responsible for the

development, operation and

continuous improvement of the safety management system

deployed

by an operator/service provider.

He acts as a focal point for safety management issues in the

organisation.

The approach to the assignment of Safety manager’s responsibilities

may differ depending on

the type, size of the organisation

, its

Safety Manager’s

Responsibilities

The appointment of the Safety manager (SM) is an essential step in the establishment of the SMS organisational structure and a prerequisite for an efficient safety planning

process. Irrespectively of any other duties that may be allocated to them, safety managers have the responsibility to:

• Promote safety awareness within the organisation;

• Ensure that safety management has the same or higher priority level throughout organisation as any other management and operational processes;

• Manage all aspects of the organisation’s SMS, including:

• Monitoring the effectiveness of SMS;

• Initiating corrective actions when necessary;

• Providing safety reports on SMS performance on periodic basis;

• Providing safety advice to top management and proposing corrective actions on safety related-issues as needed;

• Ensuring that safety-related documentation and records are available and up-to-date.

Safety Levels and Targets

The term "acceptable risk" describes an event with a probability of occurrence and consequences acceptable to the society, i.e. the society is willing to take or be subjected to the risk that the event might bring.

It is the role of the safety regulatory authorities to translate the society

expectations and perceptions into a qualitative or quantitative target level of safety.

Definition:

The acceptable level of safety expresses the safety goals of an oversight authority, an operator, or a services provider.

From the perspective of the relationship between oversight authorities and operators/services providers, it provides the minimum safety objective(s)

acceptable to the oversight authority to be achieved by the operators/services providers while conducting their core business functions.

Safety Performance Targets

Safety performance targets define the required level of safety performance of a system. A safety performance target comprises one or more safety

performance indicators, together with desired outcomes expressed in terms of those indicators.

Safety Targets can be presented in either:

• Absolute (i.e. less than 1 fatal accident per 1 000 000 operating hours)

Safety Indicators

• Definition on Safety Performance Indicators: A measure (or metric) used to express the level of safety performance achieved in a system.

• Enable the organisation to measure and demonstrate the achievement of the set target levels.

• Safety indicators differ among the various sectors of the aviation industry such as;

• air navigation services provision,

• airline operations and

Safety Levels

The relationship between

acceptable level of safety, safety

performance targets and safety performance indicators, and

safety requirements

is as follows:

•

acceptable level of safety is the overarching concept;

•

safety performance targets are the quantified objectives

pertinent to the acceptable level of safety;

•

safety performance indicators are the measures/metrics used to

determine if the acceptable level of safety has been achieved

Key Performance Indicators

•

Easy judgments

•

Confirmed values

Promotion and Awareness

•

Newsletters – internal

•

Posters

•

Videos

•

Intranet

•

Presentations???

Safety Culture

•

A construct

•

An outcome,

not

a process

•

The introduction of safety management concepts lays the

foundation upon which to build a safety culture

•

•

Safety culture cannot be

Safety culture cannot be

“

“

mandated

mandated

”

”

or

or

“

“

designed

designed

”

”

, it

, it

evolves.

evolves.

•

Safety Culture

How to create a Safety Culture?

•

Depends on where you are starting from - you don’t get to the

end in one step, unfortunately, all the steps have to be traversed

•

Becoming a Safety Culture involves acquiring and then

maintaining a set of skills

•

The two major factors are

information and trust

, so these have

to be developed

•

Be systematic (SMS are a start) and then learn to operate with

the unknown as well

•

Have the program run right from the top

•

Appoint a

senior champion

who is dedicated and willing to stick it

out, even when it gets hard

•

The champion reports direct to the board

•

Recognise that it will be uncomfortable, safety cultures are

different, not just an add-on

Safety Culture

A Way Forward – developing a Safety Culture:

• Agree on ways to analyse incidents to reveal individual and system issues

• Develop reporting systems that are easy to use (compact, open-ended, impersonal)

• Encourage the workforce (air and ground) to realise that all incidents are worth reporting

• Experiment with changes when new information comes in, don’t be afraid to admit failure first time round

• Practice management in wanting to know from near misses before they become accidents

Positive culture

Positive

culture

Flexible culture

People can adapt

organizational processes when facing high temporary operations or certain kinds of

danger, shifting from the conventional hierarchical mode to a flatter mode.

Learning culture

People have the willingness and the competence to draw

conclusions from safety information systems and the

will to implement major reforms.

Informed culture

People are knowledgeable about the human, technical, organizational and environmental factors that determine the safety of the system as a whole.

Reporting culture

People are prepared to report their errors and

experiences

Just culture

People are encouraged (even rewarded) for providing essential safety-related information. However, there is a clear

line that differentiates between acceptable and unacceptable behaviour.

Just Culture

• Get rid of the idea that blame is a useful concept (this is hard to do)

• Define clear lines between the acceptable and the unacceptable

• Have those involved draw up the guidelines, do not impose from above if you want them to be accepted

• Have clear procedures about what to do with other forms of non-compliance

Just Culture

Confidentiality

• People are reluctant to draw attention to errors made by themselves or their colleagues, due to personal embarrassment. They must be confident that their identity, or the identity of any person implicated in the report will not be

disclosed without their permission or unless this is required by law. An

assurance should also be given that any subsequent safety action taken will, as far as possible, ensure the anonymity of the persons involved.

Punitive Action

• A person who breaks the law or breaches a regulation or company procedure through a deliberate act or gross negligence cannot expect immunity from

prosecution. However, if the offence was unpremeditated and unintentional, and would not have come to light except for the report, he/she should be protected from punishment or prosecution.

Loss of Licence

• The circumstances of a report may indicate that the performance of an

individual is below the acceptable level. This may indicate the need for further training, or even cancellation of an individual's licence. Such action must never

Workshop

Safety Culture

Just Culture

Promotion

The Safety Components

Organizational cultural transformation is not for the faint of heart. In fact, many attempts at transforming an organization fail, for a variety of reasons:

• "Playing at it" or "dabbling" with it until it's no longer fun

• Not applying the kind of leadership that would best meet the needs of the situation

• Intervening in the wrong places or at the wrong time

• Not taking this work seriously enough

• Not giving it enough time or attention

• Senior leaders "delegating" this work (rather than committing and investing their own time and energies)

• Knowing what needs to be done but being unwilling to do it...to go all the way

• Not having the people and tools available internally to get the job done

• Inability to engage all the right people in the process

Monitoring

•

Continuous

•

Documented

Awareness

•

Training

•

Pamphlets

•

News letters