nce
movi
com
beyo
ing b
e moving
ance mov
ompliance
ing beyond
li
c
c
v
beyo
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
a
ng
ce moving
ond
beyo
mpli
n
y
o
a
g
e
li
c
b
in
p
d
v
g
m
n
o
o
o
in
m
c
y
v
m
e
o
ce
moving b
beyond co
ing beyond
pliance m
e
v
g
m
c
o
d complian
o
n
in
m
c
a
v
li
o
d
e
p
n
m
c
m
o
n
y
o
mo
omplia
ing be
pliance
yond c
ance mov
g beyond c
moving be
eyond com
compliance
b
in
e
d
v
c
g
n
o
n
o
in
m
a
y
v
li
e
o
p
b
e
m
c
m
g
co
g bey
mplian
movin
liance
ing beyond
beyond co
ance movin
ompliance
yond comp
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
m
v
d
e
o
om
n
b
e
m
c
g beyond c
oving beyo
ce moving
mpliance
d complian
in
m
n
o
v
a
c
o
li
e
d
p
c
m
n
n
m
o
a
e
o
y
li
c
c
e
p
m
ing b
mplian
d com
beyond
ance mov
compliance
beyond co
ving beyon
d
ce moving
g
o
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
y
o
a
e
in
c
li
c
d
moving be
ance mov
li
yond comp ing beyond complian
e
p
e
ving beyon
c
b
n
m
a
o
g
li
c
in
p
d
v
m
n
o
com
mov
g beyo
nce m
yond co
ing beyond
nce movin
ompliance
nd complia
moving be
v
c
a
li
o
d
e
p
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
oving
beyon
omplia
nce m
nd com
pliance m
nd complia
g beyond c
ce moving
oving beyo
o
n
in
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
o
in
e
a
c
b
v
li
c
nd
d complian
yond comp
ce moving
pliance mo
n
e
n
m
oving beyo
o
b
a
o
y
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
mov
yond
nce m
ing be
nd co
moving be
nd complia
compliance
liance mov
oving beyo
e
p
d
c
m
n
n
m
o
a
o
e
y
li
c
c
e
p
n
d
b
a
m
n
li
g
o
o
ovin
oving bey
mpliance m
yond comp
g beyond c
o
m
e
c
in
b
v
e
d
pliance m
g
o
c
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
ving
nce m
gb
mplian
yond com
pliance mo
nd complia
beyond co
nce movin
o
m
y
a
o
g
moving be
li
e
c
in
p
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
nd c
liance
ving b
ce m
beyon
oving beyo
yond comp
d complian
pliance mo compliance moving
m
n
m
o
o
y
e
c
c
e
n
b
d
a
n
g
li
o
p
in
y
mov
g beyond
moving be
eyond com
compliance
b
in
d
e
v
g
n
c
o
mpliance
o
n
in
m
y
a
v
li
e
o
p
b
e
m
c
g
m
n
mplia
movin
ing
liance
yond co
beyond co
ance mov
ompliance
yond comp
li
c
moving be
g
e
p
d
b
in
m
n
v
g
o
o
o
c
y
in
m
e
v
d
b
o
n
e
o
lianc
yond
g bey
moving
liance m
yond comp
moving be
nce movin
ompliance
a
e
yond comp
li
c
c
e
p
n
d
b
a
n
m
li
g
o
o
p
y
c
in
e
v
m
d
ce
b
o
o
n
m
beyond c
d complian
ce moving
g
oving beyo
n
n
o
ompliance
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
o
a
e
in
c
li
mov
yond
plianc
comp
oving
moving be
eyond com
compliance
ing beyond
pliance m
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
e
b
n
c
m
o
g
n
y
plia
ing beyond
nce movin
ompliance
moving be
v
c
a
li
o
d
e
p
eyond com
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
a
beyon
ompli
nd com
anc
moving
g beyond c
ce moving
oving beyo
ond compli
n
in
ompliance
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
in
o
e
a
v
c
li
c
o
p
n
yond
mplia
nce m
d com
movin
moving be
beyond co
nd complia
ving beyon
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
y
n
in
e
e
n
a
v
c
pli
moving b
liance mo
oving beyo
d complian
p
e
n
c
m
eyond com
m
o
n
o
y
a
e
c
e
li
c
b
p
d
n
n
a
m
g
li
o
o
in
mov
comp
lian
yond c
ing bey
ing beyond
ance mov
moving be
yond comp
compliance
v
li
e
o
p
e
b
c
m
m
g
n
o
a
in
e
c
li
v
c
d
p
o
n
n
a
m
beyo
movin
compli
ance m
yond co
e moving
ompliance
ond compli
ing beyond
c
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
yon
m
e moving
pliance m
moving be
c
nd complia
m
n
beyond co
o
o
e
a
y
c
li
c
e
p
n
b
d
a
n
m
li
g
o
o
p
in
y
c
v
mo
yond
ing be
nd com
mplia
moving be
compliance
liance mov
oving beyo
beyond co
p
e
m
c
g
m
n
e
in
o
a
c
v
c
li
n
o
p
d
a
m
n
li
m
o
p
o
bey
compliance ond compliance mov
eyond com
g beyond c
b
d
in
n
v
g
ce moving
o
o
in
y
v
m
e
o
b
e
m
g
c
yo
g bey
movin
liance
mplian
moving be
nce movin
beyond co
ompliance
yond comp
a
e
c
e
li
c
b
p
n
d
a
n
m
g
li
o
o
p
in
y
c
v
e
m
o
d
b
o
ce m
oving
beyon
mplia
yond c
d complian
beyond co
moving be
ce moving
mpliance m
g
n
o
e
a
in
c
li
c
v
d
p
n
o
n
a
m
m
o
li
o
y
p
c
e
e
ov
m
c
gb
complian
pliance m
beyond co
ing beyond
d
v
m
n
g
o
nce movin
o
o
in
c
y
m
v
e
d
o
b
e
n
m
c
o
g
n
y
movin
bey
omplia
ving be
mpliance
ce moving
g beyond c
compliance ond compliance mo
n
beyond co
d
a
li
n
g
p
o
in
y
m
v
e
o
o
b
c
m
g
ce
ompli
g bey
movin
beyond
d complian
g beyond c
nce movin
e moving
ompliance
in
a
c
c
v
li
n
o
p
d
a
n
li
m
m
o
p
o
y
e
c
m
e
c
o
d
b
n
mo
c
g
ving beyon
g beyond
mpliance
nd complia
o
o
o
in
nce movin
c
y
v
m
e
o
d
e
b
n
m
c
o
g
n
y
e
a
in
e
li
c
v
b
comp
g be
mplian
ce mo
oving
ng beyond
beyond co
pliance m
nce movin
d complian
a
n
m
g
li
o
o
in
p
y
c
v
e
m
o
d
b
o
n
m
c
g
o
y
d
in
e
nc
moving be
ance mov
yond comp
ving beyon
li
e
o
p
e
b
nd complia
c
m
m
g
n
o
a
in
e
c
li
v
c
p
d
o
n
n
a
m
m
li
m
comp
ance
yond co
ing beyo
ompliance
ond compli
ing beyond
c
ance mov
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
com
nce m
omplia
ving b
moving
ing beyond
liance mo
nd complia
mpliance
g beyond c
p
o
o
in
y
c
m
v
e
o
d
o
b
c
n
m
g
o
d
y
in
n
e
e
v
o
c
b
mp
y
an
beyond co
pliance mo
moving be
ce moving
g
n
m
ond compli
e
a
o
in
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
yond
ing be
plianc
nd com
moving be
compliance
iance mov
eyond com
oving beyo
d
e
b
n
m
c
g
o
n
y
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
dc
movin
liance
oving b
d comp
ving beyon
pliance m
yond comp
compliance
ving beyon
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
c
o
b
o
m
n
y
a
g
m
li
beyond co
moving be
ce movin
mpliance
g
n
o
yond comp
in
e
a
c
li
v
c
d
p
o
n
n
a
m
m
li
o
o
y
p
c
e
e
m
c
ving b
nce
mplian
beyond
yond co
pliance mo
beyond co
nd complia
moving be
ce moving
o
g
n
y
in
e
a
e
v
li
c
b
o
p
n
g
a
m
m
li
in
o
p
v
g
e
c
m
d
complianc
pliance mo
nce movin
beyond co
d
a
m
ving beyon
li
n
g
o
p
o
c
in
y
m
v
e
d
o
o
b
n
c
o
m
g
d
y
movin
com
beyon
ing be
liance
e moving
ance mov
ompliance
ing beyond
yond comp
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
oving
yond
omplia
g beyo
liance
moving be
mpliance m
g beyond c
nce movin
yond comp
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
in
p
c
e
v
g
m
c
o
d
o
n
yon
beyond c
pliance m
nce movin
d complia
a
n
g
m
li
o
o
in
p
y
moving be
c
v
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
mo
beyo
plianc
d co
ving b
compliance
eyond com
ving beyon
liance mo
ce moving
d
o
p
n
n
a
m
m
li
o
o
y
p
e
c
e
c
m
b
d
n
o
n
a
c
g
o
li
ovin
comp
plianc
beyond
ing bey
mpliance m
ing beyond
eyond com vin
e moving
ance mov
v
b
li
c
o
p
n
g
a
m
m
in
li
o
v
p
e
c
o
c
m
n
d
m
o
a
n
c
yo
ompli
yond
liance
ce mo
moving be
g beyond c
moving be
yond comp
d complian
in
e
n
e
v
b
c
o
o
y
n
g
m
e
a
in
li
b
v
e
p
g
o
c
nd c
m
n
in
m
oving beyo
beyond co
ance mov
nd complia
mpliance
m
li
o
o
p
y
c
e
e
m
c
d
b
o
n
n
c
g
a
o
li
y
d
in
p
e
c
v
n
o
moving b
eyond com
d complian
oving beyo
e
b
n
c
m
mpliance m
o
g
n
y
a
in
e
e
li
v
c
b
p
o
n
g
a
m
m
li
o
in
mov
liance
ovin
yond c
d comp
pliance m
moving be
yond comp
compliance
ving beyon
e
m
d
o
b
o
n
c
m
g
o
d
y
in
e
n
e
v
c
o
b
o
n
y
g
a
m
e
mpli
movin
yond
ving b
liance
beyond co
moving be
liance mo
ompliance
p
yond comp
c
e
e
m
c
d
b
o
n
n
c
a
g
o
li
d
y
in
p
v
n
e
m
o
o
b
an
y
m
beyond co
ond compli
moving be
ce moving
g
y
n
ompliance
e
in
e
a
b
v
li
c
o
p
n
g
a
m
m
in
li
o
v
e
p
c
o
c
ce m
mov
nd com
eyond
mplian
moving bwww.rssb.co.uk
d complian
beyond co
oving beyo
ompliance
n
c
g
o
m
y
d
in
e
v
n
e
b
o
c
o
y
n
g
m
e
a
in
li
b
e
v
mo
omp
oving
beyond
mplianc
g beyond c
pliance m
compliance
e moving
m
c
d
beyond co
o
n
n
g
c
a
o
li
y
in
d
p
e
v
n
b
o
o
m
y
an
o
m
g
e
c
moving b
ond compli
g beyond
nce movin
ompliance
Safety Management
System Principles
Moving beyond compliance
g bey
mplia
lian
yond c
moving
beyond co
nce movin
moving be
yond comp
a
g
mpliance
e
li
e
b
in
p
c
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
beyon
nd co
nce m
movin
mplianc
e moving
oving beyo
nd complia
ompliance
o
beyond co
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
a
in
e
li
m
v
b
p
d
o
om
ompliance
ving beyon
ce moving
pliance m
c
o
n
m
a
d
g beyond c
m
o
li
n
c
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
ompli
yond
ing be
mplia
moving
moving be
g beyond c
liance mov
mpliance
beyond co
e
in
p
c
v
g
n
o
m
in
a
o
m
li
v
c
p
o
e
d
m
m
c
n
o
n
o
i
bey
ompliance
g beyond c
ance mov
nd complia
c
li
o
in
p
d
y
v
n
e
o
m
ce moving
o
b
o
m
y
c
g
e
e
d
b
in
c
n
v
mo
d
g beyo
moving
complian
compliance
ving beyon
mpliance
nce movin
o
d
o
a
n
m
c
li
ng beyond
o
p
d
y
e
n
m
e
c
o
o
b
n
y
c
a
g
e
li
d
movin
comp
beyon
mplia
oving b
ompliance
beyond co
ing beyond
pliance m
ce moving
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
n
m
c
o
o
n
c
y
e
a
be
liance mov
nd compli
complianc
ing beyond
p
o
v
d
y
m
o
n
e
ce moving
o
o
b
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
movin
ce m
ing be
yon
complia
ance mov
ompliance
d complian
moving be
li
c
n
ng beyond
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
li
e
g
d
p
b
n
in
m
o
mov
nd co
comp
moving
ing bey
ompliance
oving beyo
ance mov
ing beyond
ompliance
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
g
pliance mo
ving beyo
eyond com
nd complia
o
m
b
o
o
m
nce movin
y
c
g
e
e
d
in
b
c
v
n
n
g
o
o
a
y
in
li
m
e
v
mo
ing b
yon
liance
d comp
moving be
compliance ond compliance mov
ving beyon
yond comp
d
e
e
n
c
b
o
n
y
a
g
e
li
in
b
p
v
g
m
o
y
o
m
comp
movin
ing be
yond c
compliance
ompliance
ance mov
ing beyond
moving be
li
c
v
p
o
d
e
m
n
m
c
o
o
n
e
c
y
a
c
e
li
d
n
b
p
n
m
a
o
li
m
ing
oving bey
ond comp
ompliance
beyond co
y
m
c
e
ance mov
g
d
b
e
in
n
c
v
g
o
n
o
y
in
a
e
v
li
m
b
o
p
oving
bey
d com
pliance
ance m
ving beyon
ce moving
mpliance m
eyond com oving beyond compli
n
o
b
a
c
li
g
d
p
n
in
m
o
v
o
y
o
c
e
m
ce
moving b
eyond com
liance m
ing beyond
e
b
p
v
c
g
o
n
m
d complian
a
in
o
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
m
liance
yond c
omplia
ing bey
moving be
yond comp
compliance
g beyond c
e
iance mov
e
d
in
b
c
v
n
g
n
o
o
a
y
in
m
li
e
v
p
b
o
e
m
g
c
m
nd co
movin
g bey
mplian
liance
oving beyo
beyond co
nce movin
ompliance
yond comp
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
m
c
e
v
b
o
o
d
e
nc
pliance m
ce moving
ving beyon
g beyond c
m
n
o
in
o
a
v
nd complia
m
li
c
o
p
d
e
m
m
n
c
o
o
n
e
c
y
a
c
ompli
ce
ving be
mplian
beyond
g beyond c
d complian
liance mo
beyond co
n
in
ce moving
v
g
o
n
y
o
in
a
e
v
li
m
b
o
p
e
g
m
m
c
in
o
n
v
c
e
nd
omplia
plianc
ving be
ce mo
oving beyo
liance mo
g beyond c
eyond com
d complian
p
b
in
n
v
m
o
g
o
o
y
in
c
e
m
v
b
d
o
e
n
g
co
m
c
o
in
n
oving bey
ance mov
ing beyond
ompliance
m
li
nd complia
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
oving
omplia
g beyo
nd com
ance
pliance m
nce movin
g beyond c
oving beyo
ond compli
a
y
in
li
m
e
v
p
b
o
e
m
g
c
m
o
n
in
c
a
e
v
li
d
c
o
yon
moving be
pliance m
yond comp
d complian
e
e
n
m
c
b
o
o
n
moving be
y
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
mov
dc
ing be
yond c
ance m
ving beyon
moving be
liance mov
compliance
o
ond compli
p
e
d
m
c
m
n
n
o
o
e
a
c
y
li
c
e
d
p
n
b
n
a
m
o
li
g
comp
movin
pliance
ing bey
yond co
mpliance
ing beyond
ance mov
eyond com
moving be
v
li
b
o
p
e
g
m
m
c
in
o
n
v
c
e
a
o
li
c
b
d
p
n
m
n
a
m
yo
mpliance
nd compli
ce moving
o
o
n
beyond co
c
y
moving be
a
g
li
e
d
p
b
in
n
v
o
m
g
o
y
o
in
e
c
m
v
b
oving
nd c
liance
ce mo
beyond
oving beyo
d complian
yond comp
mpliance m compliance moving
n
m
o
o
c
y
e
e
d
c
b
n
n
o
a
g
y
li
in
e
p
mov
plianc
yond
ving b
d com
mpliance
moving be
eyond com
ving beyon
pliance mo
b
o
e
m
g
c
m
o
n
in
c
a
v
e
d
li
o
c
n
p
n
m
o
g
a
m
y
li
be
beyond co
ompliance
ond comp
ance movin
c
y
li
g
e moving
e
p
d
in
b
n
v
m
o
g
o
o
y
c
in
m
e
v
d
b
o
n
e
lianc
yond
nce m
moving
g beyo
yond comp
moving be
nd complia
nce movin
ompliance
o
e
a
c
y
li
c
d
e
p
n
n
b
a
m
o
li
g
o
y
p
c
e
in
m
n
v
b
d
mo
beyond co
nd complia
ce moving
ving beyon
g
o
n
o
y
a
mpliance
in
li
e
m
v
p
b
o
e
g
m
m
c
o
in
n
c
v
e
a
ce mo
ving
compli
beyond
mplianc
liance mo
d complian
e moving
p
beyond co
ing beyond
n
v
o
m
g
o
y
o
in
e
c
m
v
b
d
o
e
g
n
m
c
o
in
n
ov
ce
bey
plia
eyond
lianSafety
ing finalised
omdocument
mpthe
ance Itmwas
iseendorsed
Policy
Group
steered,
bynce moving b
eyond cThis
nce movand
compli(SPG).
yond coby
adeveloped
li
d
p
b
n
a
o
m
g
li
y
o
p
in
e
c
v
b
m
d
o
o
g
an
n
c
ce m industry p
g beyo of:
nominated
representatives
group
comprising
nce movinon a steering
g beyond
ond compli
ovin
a
y
in
li
m
e
v
complian
b
o
e
m
g
m
c
o
n
in
c
e
a
v
d
li
c
o
nce m
movin
complian
ing beyon
yond comp
beyondDes
ce movColin
nd complia
ving be
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
Clifton,
Southeastern
Lowe,
Merseyrail
y
in
n
v
n
e
e
a
mpli
nce mo
moving b
complianc
plia(formerly
oving beyo
e
d
m
m
c
n
o
n
o
beyond co
c
e
a
y
li
c
d
e
p
n
n
b
a
o
m
li
g
y
of
Transpennine
Express)
o
comp
lia
movin
ing be
yond c
nceFerguson,
yond comp
ing beyond
liance mov
moving be
e
v
compliaIain
p
b
o
ORR
e
m
g
m
c
o
n
in
c
e
v
a
li
c
d
o
p
n
n
m
a
o
mpli Abellio d compliance
g bey
movi
d coO’Neill,
yond com
nce movin
yon
ompliance
ing beyonMark
c
e
moving be
v
b
d
o
e
n
g
m
c
o
in
n
y
v
e
a
e
o
li
c
b
p
n
com Gaiger, RSSByo
nce m of NationalliaExpress)
plia(formerly
oving beyo
d complia
e moving
m
c
n
m
o
n
beyondShamit
c
e
e
d
c
p
b
n
n
o
a
m
g
li
y
o
in
p
e
c
yond
ving b
d com
mpli
ance mov
moving be
ving beyon
pliance mo
beyond co
o
d compliChris
e
m
g
c
m
o
n
in
c
a
v
e
li
d
o
c
p
n
n
m
o
a
m
y
li
e
Hext,
Network
Rail
(formerly
of
Volker
Rail)
o
p
Stuart
Parsons,
RSSB
g be
mov
yond c
d com
mplianc
nce movin
compliance
moving be
beyond co
ving beyon
d
o
n
g
e
c
o
m
in
y
n
v
e
a
e
o
li
b
c
y
p
m
n
g
a
m
ance
d co Hopper, RSSB
moving be
nd compli
ompliRod
nce movin
c
o
e
a
y
li
c
g beyonDarryl
d
e
p
n
n
b
a
o
m
li
y
g
o
Reid,
Network
Rail
p
e
c
in
b
m
v
d
o
ce mo
beyon
omp
moving
yond c
d complian
g beyond c
moving be
ce moving
ompliance
n
in
c
e
v
a
li
c
d
o
p
n
n
m
a
o
m
li
y
o
e
p
e
c
c
v
b
com DB Schenker
yond
oving How, Railway
nd Tordoff,
Industry
liance mo
d complian
beyoAlan
ing beAssociation
p
n
v
o
g
m
o
y
ance mFrancis
o
in
e
m
c
v
b
o
d
e
g
n
m
c
o
in
n
mov
bey
ing bey
complia
mpliance
compliance
e moving
ance mov
d
li
c
ng beyond
beyond co
n
p
n
o
a
g
m
li
y
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
nce
movin
com
yond
g beyo
nd complia
moving be
ing beyond
compliance
nce movin
v
e
a
o
d
li
c
n
m
p
n
o
a
m
y
li
e
o
e
c
p
c
b
n
m
a
d
g
m
ovin
beyond co
mpliance
ond compli
ving beyon
g
o
y
o
c
e
liance m
in
© RSSB 2011
m
b
v
d
o
n
g
e
o
m
c
in
y
v
n
e
e
o
a
c
pli
g be
comreserved.
nce m
oving b
mplian
ndrights
pliance m
nce movin
beyond co
nd complia
ng beyoAll
a
o
m
li
g
y
o
p
in
e
c
v
b
m
d
o
o
g
n
c
m
o
in
d
y
v
o of charge for research,
be study or for ointernal
nce
d com
beyon
pliapublication
vingprivate
may
pliance mfree
omreproduced
ond comThis
ving beyon
liance mo
ce m ving circulation
d cbe
o
p
n
n
m
a
o
m
li
y
o
e
p
e
c
c
b
m
n
d
o
g
a
n
c
li
in
o
ondreferenced accurately
bey to it being reproduced
mov an organisation.
com
notp being used d compliance m
ovinisgsubject
yondand
ing beyand
e
mThis
v
pliance within
b
o
e
g
m
c
in
n
yon
v
e
a
o
li
c
p
n
m
lia be acknowledged
ingofbethe
cecopyright of RSSB
ovtitle
d com
ing b
context.eThe
the
the
lian
d compmust
e m
mpas
nmaterial
cand
o
o
n
c
y
a
d
li
b
n
p
ving beyinoan misleading
o
ance mov
g
m
li
y
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
in
o
v
d
y
e
m
o
n
e
c
publication
use of the
yo contact
an specified accordingly.
oving bor any additional
ving beplease
beyond co
oqueries,
mplianceFormanycother
e mmaterial
g
m
c
o
in
ond compli
c
n
e
v
a
c
d
o
li
n
n
p
m
a
o
li
m
y
e
p
o
e
omRSSB website:nwww.rssb.co.uk.
gb
RSSB:
enquirydesk@
rssb.co.uk.eThis
d cthe
yondpublication isvaccessible
nvia
mplianc
ovin
compliance
beyo d co
d
o ing beyo
n
mpliance m ompliance moving b
g
m
o
in
y
v
e
e
o
c
b
n
m
g
a
li
dc
movin
comp
pliance
oving
ving beyon
ompliance
pliance m
ing beyond
eyond com
c
v
b
m
d
o
o
g
n
c
m
o
in
y
d
v
e
e
n
o
c
b
o
o
n
m
y
e
lia
oving bbeyond
g beyond c
ce movingSMS Principles:
mMoving
ompliance
n
in
c
a
yond comp
e
v
li
compliance
d
c
o
p
n
n
m
o
a
m
li
y
o
e
p
e
c
c
b
m
oving
ce
mplian
beyond
yond co
beyond co
d complian
mpliance m compliance moving
g
n
moving be
o
in
y
v
e
e
o
c
b
n
m
a
g
li
e
in
p
g
m
nc
ov
nd
beyond co
pliance m
nd complia
ance movin
oving beyo
eyond com
oving beyo
ce moving
ond compli
nce
movi
com
beyo
ing b
e moving
ance mov
ompliance
ing beyond
li
c
c
v
beyo
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
a
ng
ce moving
ond
beyo
mpli
n
y
o
a
g
e
li
c
b
in
p
d
v
g
m
n
o
o
o
in
m
c
y
v
m
e
o
ce
moving b
beyond co
ing beyond
pliance m
e
v
g
m
c
o
d complian
o
n
in
m
c
a
v
li
o
d
e
p
n
m
c
m
o
n
y
o
mo
omplia
ing be
pliance
yond c
ance mov
g beyond c
moving be
eyond com
compliance
b
in
e
d
v
c
g
n
o
n
o
in
m
a
y
v
li
e
o
p
b
e
m
c
m
g
co
g bey
mplian
movin
liance
ing beyond
beyond co
ance movin
ompliance
yond comp
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
m
v
d
e
o
om
n
b
e
m
c
g beyond c
oving beyo
ce moving
mpliance
d complian
in
m
n
o
v
a
c
o
li
e
d
p
c
m
n
n
m
o
a
e
o
y
li
c
c
e
p
m
ing b
mplian
d com
beyond
ance mov
compliance
beyond co
ving beyon
d
ce moving
g
o
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
y
o
a
e
in
c
li
c
d
moving be
ance mov
li
yond comp ing beyond complian
e
p
e
ving beyon
c
b
n
m
a
o
g
li
c
in
p
d
v
m
n
o
com
mov
g beyo
nce m
yond co
ing beyond
nce movin
ompliance
nd complia
moving be
v
c
a
li
o
d
e
p
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
oving
beyon
omplia
nce m
nd com
pliance m
nd complia
g beyond c
ce moving
oving beyo
o
n
in
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
o
in
e
a
c
b
v
li
c
nd
d complian
yond comp
ce moving
pliance mo
n
e
n
m
oving beyo
o
b
a
o
y
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
mov
yond
nce m
ing be
nd co
moving be
nd complia
compliance
liance mov
oving beyo
e
p
d
c
m
n
n
m
o
a
o
e
y
li
c
c
e
p
n
d
b
a
m
n
li
g
o
o
ovin
oving bey
mpliance m
yond comp
g beyond c
o
m
e
c
in
b
v
e
d
pliance m
g
o
c
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
ving
nce m
gb
mplian
yond com
pliance mo
nd complia
beyond co
nce movin
o
m
y
a
o
g
moving be
li
e
c
in
p
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
nd c
liance
ving b
ce m
beyon
oving beyo
yond comp
d complian
pliance mo compliance moving
m
n
m
o
o
y
e
c
c
e
n
b
d
a
n
g
li
o
p
in
y
mov
g beyond
moving be
eyond com
compliance
b
in
d
e
v
g
n
c
o
mpliance
o
n
in
m
y
a
v
li
e
o
p
b
e
m
c
g
m
n
mplia
movin
ing
liance
yond co
beyond co
ance mov
ompliance
yond comp
li
c
moving be
g
e
p
d
b
in
m
n
v
g
o
o
o
c
y
in
m
e
v
d
b
o
n
e
o
lianc
yond
g bey
moving
liance m
yond comp
moving be
nce movin
ompliance
a
e
yond comp
li
c
c
e
p
n
d
b
a
n
m
li
g
o
o
p
y
c
in
e
v
m
d
ce
b
o
o
n
m
beyond c
d complian
ce moving
g
oving beyo
n
n
o
ompliance
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
o
a
e
in
c
li
mov
omp
plianc
oving
beyond
movingThe
g beyondtochaveminoplace
eyond com
compliance
in
pliance m
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
e
b
requirement
for
businesses
n
c
o
g
n
y
ovin guidancee is
omplia
ving be
mpliance
ing beyond
nce mThe
osafety
mostructured
v
c
a
li
o
d
p
eyond carrangements
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
to
manage
within
their
a
com sections:
eyon
ompli
anc
yond four
ce moving
moving itbhas
g beyond c
ce concept;
oving beinto
ond compli
n
in
omplianorganisations
y
m
a
v
e
li
o
b
is
not
a
new
been
p
e
m
c
g
m
n
in
o
e
a
v
c
li
c
o
p
n
mplia
movin
ance m
nd com for many b
g beyondin various
yolegislation
movinenshrined
g beof
eyond coSection
d compliof
forms
years.
n
vin
mpliance
g
o
o
o
y
c
in
m
e
1:
The
evolution
safety
arrangements
v
d
b
o
n
e
g
m
c
o
y
n
in
e
e
n
a
v
c
o
pli
moving b haveaevolved
liance -m
oving beyo
d complian
p
e
n
c
m
eyond com
m
o
n
o
y
a
e
c
e
explains
how
safety
arrangements
li
c
b
p
d
n
n
m
g
li
o
o
in
eypast 20
movbeen written on
comp
Much
SMSs over
lian
yond c
ing bthe
nce has
eyondlearned
g blessons
inby
ance mov
moving be
yond comp
compliayears
over time
influenced
from
major
v
li
e
o
p
e
b
c
m
m
g
n
o
a
in
e
c
li
v
c
d
p
o
n
n
a
m
ranging
from
well
established
documents
such
as
ce mstandards leading
ompli
movin
g beyo
lianquality
yond co
key
legislation
ing beManagement
e movin
vSafety
nd compand
g beyond c accidents,
ompliance
o
in1997a)
c
y
mo
v
e
d
o
b
e
n
c
Successful
Health
&
(HSE,
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
yon
lia
com
oving
ofeanmSMS.
compthrough
pliance tomthe development
moving be
c
nd 2007)
m
n
beyondand
o
o
e
a
y
c
li
c
e
p
n
b
d
a
OHSAS
18001
(BSI,
to
lesser
known
n
m
li
g
o
o
p
in
y
c
v
om
ing be
eyond
mplia
nce mo
movacademic
g beyond c
moving bSection
compliaindustry
liance and
ovinthe
beyond co
p
e
specific
documents
papers.
m
c
g
m
n
e
in
o
a
c
v
c
li
n
o
2:
Shaping
system
highlights
p
d
a
m
n
li
m
o
p
o
v
bey
com
pliance
ingspite
eyond c there is vstill
com
eyond the
liance mo
gofbinformation
b
p
d
in
n
v
of such
a
wealth
g
m
ce movIn
o
o
o
in
y
c
m
e
o
d
importance
of
having
a
clear
purpose
for
the
b
n
e
m
g
c
o
an
ce
yo
e movin
ving bey
compliof
mpliaofnwhat
codetail
ndthe
moving be
uncertainty
an
SMS
ce misobespoke
nwhich
beyonda degree
ompliancorganisation’s
yoin
a
e
c
e
li
c
SMS
to
its
individual
b
p
n
d
a
n
m
g
li
o
o
p
in
y
c
v
e
m
o
d
b
o
c
g basic structures ving beyon
lia
ond Lack
liance ismand its purpose.
e movinthe
yond comp
ving beyrisk.
circumstances
and
of
clarity
d compactually
beand
mooperating
ce mo
mpliancAlthough
g
n
o
e
a
in
c
li
c
v
d
p
n
o
n
a
m
m
o
li
o
y
p
c
e
e
ov
m
c
b are clear, theinorganisational
co in this area typically
plianto uncertaintycand
ang SMS
g beyond environment
com
leads
pliance m
beyonddrive
d
v
m
n
g
o
nce moofvin
o
o
in
y
m
v
e
d
o
b
e
n
m
c
o
g
n
y
in
e
ancpractice
bey
omplia
that affect
its use
can be
ving be been a root
e movwithin
mpliand
d crelationships
theporganisation
ce moving
g beyonand
compliancapathy
liance mo and has
n
beyond co
d
a
li
n
m
g
p
o
o
in
y
c
m
v
e
o
d
o
b
c
n
m
g
o
li
nd
complex.
ce
bey of many majorovaccidents,
gcause
movin
examples
beyovarious
yond comp
d complian
g beof
nce movin
e m ing
ompliance
in
a
c
c
v
li
n
o
p
d
a
n
li
m
m
o
p
o
y
e
c
m
o
e
c
o
d
b
n
m
c
n
are presented. d
lia on the otherohand
d
ving
beyocomplicated
compclarity
vin
g beyonwhich
mpliance
n Greater
SMSs
can
begoverly
and
o
o
in
nce moFurthermore,
c
y
v
m
e
o
d
e
b
n
m
c
o
g
n
y
e
a
in
e
li
c
v
b
g
mo a consciouscfocus
can
for
improvement
at all
omp
g be
mplian
ce create
ovin
nd ceffectiveness
compromised
of
ng beyotheir
beyond co by highglevels
plian e m
nce movin
d complianlevelsyofonthe
a
n
m
g
li
o
o
in
p
y
c
v
e
m
o
d
b
o
m
c
organisation.
d
in
e
plianc
a ‘compliance-centred’
or
aclack
moving be
ance movapproach,
yond comp
ving beyon
li
e
o
p
e
b
nd combureaucracy,
m
m
g
n
o
a
in
e
c
li
v
c
p
d
o
n
n
a
m
m
li
d co industriesbeyonSection
m
ing beyo
d comp3: The system
eyondifferent
accidents
mplianc-ediscusses
the
ompliance
ond cinopractice
ing
c
ance mofovpurpose.pliMajor
y
movinginbmany
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
v
c
b
o
n
m world have occurred
cothe
around
oving the advantages
ce mto improve the
mpliaSMSs existedcompliandrivers
owhere
ving b
nce inmpractice,
ing beyond
liance mo
nd
mpliaSMS
g beyond c
p
o
o
in
y
c
m
v
e
o
d
o
b
c
n
m
g
o
d
y
in
n
e
e
v
but
were
ineffective.
o
c
b
mp
an
bey
style
that encourages
vingapproach
beyond co
pliance mo
moand
ce movinofga management
g
n
m
ond compli
e
a
o
in
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
com
g be
and
continuous
improvement
and
plianc at all levels
nd empowers
eyond is to provoke
ovin
The
purpose liof
this
guidance
moving btherefore
compliance
iance m
eyond com
oving beyo
d
e
b
n
m
c
g
o
n
y
e
a
in
e
c
v
b
p
n
o
a
g
m
m
li
o
in
can help
the effective moving b
p
omorganisations
nceusing data correctly
movassure
liahow
yond c and discussion
ond crail
ving bethought
yond comp use of
compliance
ving beywithin
e
mpliance
o
d
b
o
n
m
c
g
o
the
SMS.
d
y
in
e
n
e
v
c
o
b
o
m
n
y
a
g
m
e
li
b
in
p
e
v
c
g
m
o
n
regarding
the
underlying
factors
that
contribute
to
o
in
m
a
c
v
beyond co
mo
ce
mpli
g
n
o
yond
in
e
a
c
li
v
c
d
p
o
n
n
a
m
m
li
o
o
y
p
c
e
e
m
c
d
an
ving b working m
nce
beyinon
of the SMS
practice.
yond co 4: System
moeffective
ond compli and maturity
pliance the
beyperformance
nd complia
moving be Section
ce oving
o
g
n
y
in
e
a
e
v
li
c
b
o
p
n
g
a
m
m
li
in
o
p
v
e
c
m
d
nc
moan individual liance moving
on whatothis
liance for
compli-afocuses
pmeans
beyond co
d
m
ving beyon
n
g
o
c
in
y
v
e
d
o
b
n
o
m
g
y
nd comp and yond com
liance
ving be
the difference
between
g beyo‘excellence’
in
nce movin
moorganisation,
v
a
o
li
e
p
m
c
n
m
e
a
o
yond comp
li
c
c
p
n
oving be
d
a
com
e m
mpliand what is involved
eyon
c
d
o
b
n
n
c
a
o
g
li
d
y
in
p
n
e
‘gold
plating’,
in
going
beyond
v
o
b
m
o
y
o
g
e
m
liance
c
moving b simpleecompliance.
mpliance
g beyond
nce movin
yond comp
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
in
p
c
v
g
m
c
o
d
o
n
yon
beyond c
pliance m
nce movin
d complia
a
n
g
m
li
o
o
in
p
y
moving be
c
v
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
mo
beyo
plianc
d co
ving b
compliance
eyond com
ving beyon
liance mo
ce moving
d
o
p
n
n
a
m
m
li
o
o
y
p
e
c
e
c
m
b
d
n
o
n
a
c
g
o
li
ovin
comp
plianc
beyond
ing bey
mpliance m
ing beyond
eyond com vin
e moving
ance mov
v
b
li
c
o
p
n
g
a
m
m
in
li
o
v
p
e
c
o
c
m
n
d
m
o
a
n
c
yo
ompli
yond
liance
ce mo
moving be
g beyond c
moving be
yond comp
d complian
in
e
n
e
v
b
c
o
o
y
n
g
m
e
a
in
li
b
v
e
p
g
o
c
nd c
m
n
in
m
oving beyo
beyond co
ance mov
nd complia
mpliance
m
li
o
o
p
y
c
e
e
m
c
d
b
o
n
n
c
g
a
o
li
y
d
in
p
e
c
v
n
o
moving b
eyond com
d complian
oving beyo
e
b
n
c
m
mpliance m
o
g
n
y
a
in
e
e
li
v
c
b
p
o
n
g
a
m
m
li
o
in
mov
liance
ovin
yond c
d comp
pliance m
moving be
yond comp
compliance
ving beyon
e
m
d
o
b
o
n
c
m
g
o
d
y
in
e
n
e
v
c
o
b
o
n
y
g
a
m
e
mpli
movin
yond
ving b
liance
beyond co
moving be
liance mo
ompliance
p
yond comp
c
e
e
m
c
d
b
o
n
n
c
a
g
o
li
d
y
in
p
v
n
e
m
o
o
b
an
y
m
beyond co
ond compli
moving be
ce moving
g
y
n
ompliance
e
in
e
a
b
v
li
c
o
p
n
g
a
m
m
in
li
o
v
e
p
c
o
c
ce m
mov
nd com
eyond
mplian
I
moving bwww.rssb.co.uk
d complian
beyond co
oving beyo
ompliance
n
c
g
o
m
y
d
in
e
v
n
e
b
o
c
o
y
n
g
m
e
a
in
li
b
e
v
mo
omp
oving
beyond
mplianc
g beyond c
pliance m
compliance
e moving
m
c
d
beyond co
o
n
n
g
c
a
o
li
y
in
d
p
e
v
n
b
o
o
m
y
an
o
m
g
e
c
moving b
ond compli
g beyond
nce movin
ompliance
Introduction
SMS Principles - Moving beyond compliance
g bey
mplia
lian
yond c
moving
beyond co
nce movin
moving be
yond comp
a
g
mpliance
e
li
e
b
in
p
c
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
beyon
nd co
nce m
movin
mplianc
e moving
oving beyo
nd complia
ompliance
o
beyond co
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
a
in
e
li
m
v
b
p
d
o
om
ompliance
ving beyon
ce moving
pliance m
c
o
n
m
a
d
g beyond c
m
o
li
n
c
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
ompli
yond
ing be
mplia
moving
moving be
g beyond c
liance mov
mpliance
beyond co
e
in
p
c
v
g
n
o
m
in
a
o
m
li
v
c
p
o
e
d
m
m
c
n
o
n
o
i
bey
ompliance
g beyond c
ance mov
nd complia
c
li
o
in
p
d
y
v
n
e
o
m
ce moving
o
b
o
m
y
c
g
e
e
d
b
in
c
n
v
mo
d
g beyo
moving
complian
compliance
ving beyon
mpliance
nce movin
o
d
o
a
n
m
c
li
ng beyond
o
p
d
y
e
n
m
e
c
o
o
b
n
y
c
a
g
e
li
d
movin
comp
beyon
mplia
oving b
ompliance
beyond co
ing beyond
pliance m
ce moving
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
n
m
c
o
o
n
c
y
e
a
be
liance mov
nd compli
complianc
ing beyond
p
o
v
d
y
m
o
n
e
ce moving
o
o
b
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
movin
ce m
ing be
yon
complia
ance mov
ompliance
d complian
moving be
li
c
n
ng beyond
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
li
e
g
d
p
b
n
in
m
o
mov
nd co
comp
moving
ing bey
ompliance
oving beyo
ance mov
ing beyond
ompliance
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
g
pliance mo
ving beyo
eyond com
nd complia
o
m
b
o
o
m
nce movin
y
c
g
e
e
d
in
b
c
v
n
n
g
o
o
a
y
in
li
m
e
v
mo
ing b
yon
liance
d comp
moving be
compliance ond compliance mov
ving beyon
yond comp
d
e
e
n
c
b
o
n
y
a
g
e
li
in
b
p
v
g
m
o
y
o
m
comp
movin
ing be
yond c
compliance
ompliance
ance mov
ing beyond
moving be
li
c
v
p
o
d
e
m
n
m
c
o
o
n
e
c
y
a
c
e
li
d
n
b
p
n
m
a
o
li
m
ing
oving bey
ond comp
ompliance
beyond co
y
m
c
e
ance mov
g
d
b
e
in
n
c
v
g
o
n
o
y
in
a
e
v
li
m
b
o
p
oving
bey
d com
pliance
ance m
ving beyon
ce moving
mpliance m
eyond com oving beyond compli
n
o
b
a
c
li
g
d
p
n
in
m
o
v
o
y
o
c
e
m
ce
moving b
eyond com
liance m
ing beyond
e
b
p
v
c
g
o
n
m
d complian
a
in
o
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
m
liance
yond c
omplia
ing bey
moving be
yond comp
compliance
g beyond c
e
iance mov
e
d
in
b
c
v
n
g
n
o
o
a
y
in
m
li
e
v
p
b
o
e
m
g
c
m
co this document
bey
suggested that within
system set-ups some
mplian
liaItnisce
yond is
e movin
Who
ancdifferent
e moving
oving be
beyond co for?
nclikely
omplithan
yond comp ideas
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
m
c
e
v
b
will
work
better
others
but
none
are
to
o
o
d
e
lianc
pliance m
ce moving
ving beyon
g beyond c
m
n
o
in
o
a
v
nd compThis
m
li
c
o
p
d
e
m
m
n
c
o
o
n
e
c
document
is
aimed
at:
y
a
c
li option in all circumstances.
be o
the
mpbest
ce
ving be
mplian
beyond
g beyond c
d complian
liance mo
beyond co
n
in
ce moving
v
g
o
n
y
o
in
a
e
v
li
m
b
o
p
e
g
m
m
c
in
o
n
v
c
e
nd managers who
g be
mplia with an
plianc reading thecoguidance,
ce mo well-usedliaSMS
d coclosely
oving b•eyoSenior m
nce movin
g beyonwork
eyond com While
d mplian certain
p
b
in
n
v
m
o
g
o
o
y
in
c
e
v
b
d
o
e
n
g
co
m
c
o
organisation’s
safety
management
system
(SMS)
in
n
y
v
are worthmkeeping
oving binemind:
ance moprinciples
ing beyond
ompliance
li
nd complia
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
yo
d com
oving
ance
vingtobeconsider
nd complia with
mowant
yocommensurate
ways
of g beyon
pliance• m Other cstakeholders
ncewho
g bebe
ovin
ond compli
a
y
in
li
m
•
The
SMS
should
the
e
v
p
b
o
e
m
g
c
m
o
n
in
a
e
v
li
d
c
o
yon their SMSbmore
d comp
moving be
pliance m
yoneffective
d complianorganisation’s
e
e
n
m
c
risks
o
o
n
moving be making
y
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
dc
ing be
yond c
pliance m
ance mov
ance mov
ving beyon
moving be
lithe
comforpliall
o
ond com
p
e
d
m
c
m
n
n
o
o
e
a
c
y
li
c
e
d
p
n
b
This
guidance
is
suitable
organisations
within
n
a
m
o
li
g
•
The
complexity
of
the
SMS
is
likely
to
match
the
p
d co
movin
pliance
oving bey
yond comand
be
ving beyon complexity
mplianceGB rail industry,
ing
ance mof
eyond com
mohave
v
li
b
o
p
e
regardless
whether
or
not
they
of
the
organisation
its
operations
g
m
m
c
in
o
n
v
c
e
a
o
li
c
b
d
p
n
m
n
a
m
eyo
nd coGuided
mpliance
nd compli
ce moving
eyoOther
o
o
n
band
c
y
movingtobcomply
a
g
li
e
d
p
b
in
n
with
Railway
Transport
v
o
m
g
o
y
o
in
e
c
m
v
b
o
e
ond be sought, g beyond c
ing practicable,osimplicity
beyshould
• ovWhere
ance m2006).
mplianc(Safety)
Regulations
d compli(ROGS,
e m ving
yond coSystems
mpliance m
c
n
movisin
o
n
o
c
y
a
li
e
d
ce SMS
p
b
n
o
m
g
y
lianthe
o
in
e
c
picture
how
mp
nc
gb
oof
ndbut a more complete
mov
c
o
in
y
v
d
e
e
o
n
c
b
o
m
n
y
g
a
e
li
e
in
Therefore:
b
c
p
nd complia
v
n
g the organisation
m
mo
eyaobetter
vin
plia
b
o
e
m
g
c
m
o
n
in
c
working
will
allow
to
have
a
v
e
d
li
o
c
n
p
n
m
o
g
a
m
y
li
be
nd co
liance
mpentire
beisyo
othe
ond comp understanding
ance movin
c
y
li
g
e movin•g Transport
e
p
d
in
b
n
v
m
o
g
o
o
of
situation
y
c
in
m
e
v
d
b
Operator
used
in
relation
to
ROGS
o
n
e
ving
lianc
yond
nce m
g beyo
pliance mo
yond comprequirements
moving be
nd comitpislia
nce movin
om
o
e
a
c
because
the definition
used
within
y
li
c
d
e
p
n
n
b
a
m
o
li
g
o
y
p
c
e
in
m
n
v
b
d
g
mo guidance forncTransport
yon
nd co
beyodocument?
nd complia
ving beWhat
g
o
is
not
in
this
o
plus
y
a e movinUndertakings
mpliance ROGSnd
in
li
e
m
v
p
b
o
e
g
m
m
c
o
in
n
c
v
e
a
ce mo
ving
compli
beyo
mplianc
Managers
liance mo
d complian
e moving Infrastructure
p
beyond coAs this
ing beyond
n
v
o
m
g
o
y
o
in
e
c
m
v
b
d
o
e
g
n
m
c
o
in
n
bey beyond oving beyond
plia
mov document isefocused
g moving
liance
inon
nd compused
eyond c•omOrganisation
nc movthat
compliancecompliance,
yisootherwise
aassumed
li
ce m have
e
d
p
b
n
to
mean
any
o
m
g
lianalready
y
o
it
is
readers
in
e
c
v
b
d
o
g
an
n
m
nd compwill
ovin
o
beyo
m
y
g
e
e
b
in
c
v
n
g
ond compli
o
a
y
in
li
m
e
v
complianceorganisation
p
that
works
within
the
GB
rail
industry
b
o
e
m
g
m
c
o
n
in
a
compliant
SMS
in
operation.
Therefore,
this
document
c
e
a
v
d
li
c
o
e m
beyon
mplian
d comp
nce movin
compliancguide
pliaSMS
beyond codoes not
ce moving
n
ving beyon
man
g
o
o
o
provide
a dstep-by-step
tonwriting
y
c
in
m
e
v
d
b
o
e
g
m
c
o
y
in
n
v
n
e
e
a
mo
complito use this
moving b
document
complianc
pliance
oving beyo
e
d
m
m
c
n
o
n
from
scratch.
o
beyondHow
c
e
a
y
li
c
d
e
p
n
n
b
a
o
m
li
g
y
o
comp
lia
yond c
oving be
nce movin
nce mby
yond comp
ing beyond
liainitiated
moving be
e
v
compliaWhile
p
b
o
e
m
g
m
c
o
n
in
c
e
v
a
li
c
d
o
SMSs
have
been
regulation,
this
p
n
n
m
a
o
e that are not nce movi
ncSMS
ompliare importantndaspects
liaan
ond com
ving bey
compof
lia
eyond cThere
nce moguidance
mprisk
oving beythe
yo within
ing bwith
e
v
b
aims
to m
complement
compliance
focus
d coas
o
e
g
m
c
in
n
yonsuch
v
e
a
covered
specifically
this
guidance,
e
o
li
c
b
p
n
m
g
a
m
li
e
in
o
p
c
v
c
n
o
m
d
a
o
pli
oving beyo
dascsystems thinking.
e m
m
c
n
m
o
n
o
beyon additional concepts
c
y
a
e
li
e
d
such
c
p
b
n
n
o
a
m
g
li
y
o
in
p
e
c
management
and
accident
investigation.
RSSB
and
ving b
mpli
ce mov
beyond
ond com
ing beyproduce
moving other
valready
pliance mo
beyond co
o
d complian
e
m
g
c
m
o
n
in
c
a
organisations
comprehensive
v
e
li
d
o
c
p
n
n
m
o
a
m
y
li
e
o
d c thought and
g btoeprovide key principles
It aims
comp
plianc
ance mov
plibe
nd comreferences
beyond guidance
ving beyotonprompt
nce movin
com
on
these
to
which
can
moorganisation
beyosubjects,
ving can
d
o
n
g
e
c
o
m
in
y
n
v
e
a
e
o
li
b
c
p
m
discussion
within
an
so
that
managers
n
g
a
m
ce throughout this
d co
oving bey
e movin(full URL plinks
mthe
nd compli
omplianfound
ncdocument
c
o
e
a
are
at
y
li
c
g beyonmake
d
e
p
n
n
b
a
o
m
li
y
g
o
e
c
in
b
m
v
d
o
o appropriate decisions
themmost
c
ing will improve oving beyon
ovthat
ondpages
liance
g beyweb
anceat m
yond comp
back) and in csupporting
found
the
d compthe
mpliSMS
gonbe
movinSMS
ce m
otheir
n
in
c
e
v
a
li
d
o
p
n
n
effectiveness
of
the
most
appropriate
m
a
o
m
li
y
o
e
p
e
c
c
v
b
d
comwebsite.
oving
g beyoneffective
liance mo
d complian
beyondRSSB
inbecomes
p
n
v
o
g
m
o
y
ance mtimes.
o
in
e
m
c
v
b
o
d
The
SMS
therefore
through
e
g
n
m
c
o
in
n
a
bey
ing bey
pliance
ance mov
nd complieffort
comthan
yondrather
e moving
ance mov
li
c
ng beyoconsidered
betime
over
at gthe
end
ofd acompli
n
p
n
o
a
g
m
li
y
o
in
p
e
c
v
b
m
o
d
o
n
m
c
e
ovin
beyo
com
yond
pliancof
prescribed
mpliance m compliance moving
nd comseries
moving be
ing beyond
costeps.
v
e
o
d
c
n
m
n
o
a
y
li
e
e
c
p
b
n
m
a
d
g
m
in
beyond co
mpliance
ond compli
ving beyon
g
o
y
o
c
e
liance mov
in
m
b
v
d
o
n
g
e
o
m
c
in
y
v
n
e
e
o
a
c
g be
compli
nce m
oving b
mplian
pliance m
nce movin
beyond co
nd complia
ng beyond
a
o
m
li
g
y
o
p
in
e
c
v
b
m
d
o
o
g
n
c
m
o
in
d
y
v
ance
d com
beyon
ce mo
ving be
ond compli
ving beyon
liance mo
ce moving
d complian
o
p
n
n
m
a
o
m
li
y
o
e
p
e
c
c
b
m
n
d
o
g
a
n
m
c
li
in
o
v
y
yond comp
ompliance
ing beyond
e
moving be
c
v
pliance mo
b
o
d
e
g
n
m
c
o
in
n
y
v
e
a
e
o
li
c
b
p
n
m
d com
omplia
ing b
liance
moving
ving beyon
ance mov
g beyond c
mpliance
li
yond comp
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
in
o
v
d
y
e
m
o
n
e
c
b
an
beyond co
oving beyo
mpliance m compliance moving
g
m
o
in
ond compli
c
e
v
c
d
o
n
n
m
a
o
li
y
e
p
e
nd com
mplianc
oving b
eyond
compliance
beyond co
d
oving beyo
n
mpliance m ompliance moving b
g
m
o
in
y
v
e
e
o
c
b
n
m
g
a
li
dc
movin
comp
pliance
oving
ving beyon
ompliance
pliance m
ing beyond
eyond com
c
v
b
m
d
o
o
g
n
c
m
o
in
y
d
v
e
e
n
o
c
b
o
o
n
m
y
e
lia
oving bbeyond
g beyond c
ce movingSMS Principles:
mMoving
ompliance
n
in
c
a
yond comIIp
e
v
li
compliance
d
c
o
p
n
n
m
o
a
m
li
y
o
e
p
e
c
c
b
m
oving
ce
mplian
beyond
yond co
beyond co
d complian
mpliance m compliance moving
g
n
moving be
o
in
y
v
e
e
o
c
b
n
m
a
g
li
e
in
p
g
m
nc
ov
nd
beyond co
pliance m
nd complia
ance movin
oving beyo
eyond com
oving beyo
ce moving
ond compli
Using the Guidance
nce
movi
com
beyo
ing b
e moving
ance mov
ompliance
ing beyond
li
c
c
v
beyo
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
a
ng
ce moving
ond
beyo
mpli
n
y
o
a
g
e
li
c
b
in
p
d
v
g
m
n
o
o
o
in
m
c
y
v
m
e
o
ce
moving b
beyond co
ing beyond
pliance m
e
v
g
m
c
o
d complian
o
n
in
m
c
a
v
li
o
d
e
p
n
m
c
m
o
n
y
o
mo
omplia
ing be
pliance
yond c
ance mov
g beyond c
moving be
eyond com
compliance
b
in
e
d
v
c
g
n
o
n
o
in
m
a
y
v
li
e
o
p
b
e
m
c
m
g
co
g bey
mplian
movin
liance
ing beyond
beyond co
ance movin
ompliance
yond comp
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
m
v
d
e
o
om
n
b
e
m
c
g beyond c
oving beyo
ce moving
mpliance
d complian
in
m
n
o
v
a
c
o
li
e
d
p
c
m
n
n
m
o
a
e
o
y
li
c
c
e
p
m
ing b
mplian
d com
beyond
ance mov
compliance
beyond co
ving beyon
d
ce moving
g
o
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
y
o
a
e
in
c
li
c
d
moving be
ance mov
li
yond comp ing beyond complian
e
p
e
ving beyon
c
b
n
m
a
o
g
li
c
in
p
d
v
m
n
o
com
mov
g beyo
nce m
yond co
ing beyond
nce movin
ompliance
nd complia
moving be
v
c
a
li
o
d
e
p
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
oving
beyon
omplia
nce m
nd com
pliance m
nd complia
g beyond c
ce moving
oving beyo
o
n
in
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
o
in
e
a
c
b
v
li
c
nd
d complian
yond comp
ce moving
pliance mo
n
e
n
m
oving beyo
o
b
a
o
y
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
mov
yond
nce m
ing be
nd co
moving be
nd complia
compliance
liance mov
oving beyo
e
p
d
c
m
n
n
m
o
a
o
e
y
li
c
c
e
p
n
d
b
a
m
n
li
g
o
o
ovin
oving bey
mpliance m
yond comp
g beyond c
o
m
e
c
in
b
v
e
d
pliance m
g
o
c
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
ving
nce m
gb
mplian
yond com
pliance mo
nd complia
beyond co
nce movin
o
m
y
a
o
g
moving be
li
e
c
in
p
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
nd c
liance
ving b
ce m
beyon
oving beyo
yond comp
d complian
pliance mo compliance moving
m
n
m
o
o
y
e
c
c
e
n
b
d
a
n
g
li
o
p
in
y
mov
g beyond
moving be
eyond com
compliance
b
in
d
e
v
g
n
c
o
mpliance
o
n
in
m
y
a
v
li
e
o
p
b
e
m
c
g
m
n
mplia
movin
ing
liance
yond co
beyond co
ance mov
ompliance
yond comp
li
c
moving be
g
e
p
d
b
in
m
n
v
g
o
o
o
c
y
in
m
e
v
d
b
o
n
e
o
m
lianc
oving
yond
g bey
mpliance
yond comp
moving be
mpliance m d compliance movin
o
e
yond co
c
c
e
n
d
b
a
n
li
g
o
p
y
in
e
v
m
ce
b
o
o
n
BS
British Standard
m
beyond c
d complian
ce moving
g
oving beyo
n
n
o
ompliance
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
o
a
e
in
c
li
c
mov
omp
yond
oving
d complian Board
beyond cColumbia
moving be
eyonInvestigation
compliance
Accident
ingCAIB
pliance m
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
e
b
n
c
m
o
g
n
y
plia
ing beyond
nce movin
ompliance
moving be
v
c
a
li
o
d
e
p
eyond com
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
a
beyon Maturityin
ompli
CMMI
Capability
Model Integration
nd com
anc
moving
g beyond c
ce moving
ov g beyo
ond compli
n
in
ompliance
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
in
o
e
a
v
c
li
c
o
p
n
om
yond
mplia
nce m
movin
beyond cCompetence
moving be
Management
beyond co System
nd complia
vingCMS
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
y
n
in
e
e
n
a
v
c
pli
moving b
liance mo
oving beyo
d complian
p
e
n
c
m
eyond com
m
o
n
o
y
a
e
c
e
li
c
b
p
d
n
n
a
m
g
li
o
o
in
CSM
Common
mov
comp
g bey Safety Method
lian
yond c
in
ing beyond
ance mov
moving be
yond comp
compliance
v
li
e
o
p
e
b
c
m
m
g
n
o
a
in
e
c
li
v
c
d
p
o
n
n
a
m
pli
co
beyo
movin
ance m
g beyondCommon
Safety
eyond com
e moving
ompliance
ond compli
ing bTargets
c
y
movinCST
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
yon
m
e moving
pliance m
moving be
c
nd complia
m
n
beyond co
o
o
e
a
y
c
li
c
e
p
n
b
d
a
n
m
li
g
o
o
p
in
y
c
v
EFQM
European
for Quality
mo
g be Foundation
yond Management
in
nd com
mplia
moving be
compliance
liance mov
oving beyo
beyond co
p
e
m
c
g
m
n
e
in
o
a
c
v
c
li
n
o
p
d
a
m
n
li
m
o
p
o
c
bey
compliance ond compliance mov
eyond com
g beyondEuroNorm
EN
b
d
in
n
v
g
ce moving
o
o
in
y
v
m
e
o
b
e
m
g
c
vin
nce
yo
g bey
mplian
pliance mo
nd complia
moving be
nce movin
beyond co
omAgency
yoERA
a
e
c
e
li
c
b
p
n
d
a
n
m
g
li
o
o
p
in
y
c
v
e
m
o
d
b
o
European
Railway
ce m
oving
beyon
mplia
yond c
d complian
beyond co
moving be
ce moving
mpliance m
g
n
o
e
a
in
c
li
c
v
d
p
n
o
n
a
m
m
o
li
o
y
p
c
e
e
ov
m
c
d
gb
FAA
Aviation
Authority
complian
pliance m
beyond co
ing beyonFederal
d
v
m
n
g
o
nce movin
o
o
in
c
y
m
v
e
d
o
b
e
n
m
c
o
g
n
y
nce
movin
bey
omplia
ving be
nd complia
ompliance
ce moving
g beyond c
cOrganisation
liance mo
n
p
beyo
d
a
li
n
m
g
p
o
o
in
y
c
m
v
e
o
d
o
HRO
High
Reliability
b
c
n
m
g
o
ce
ompli
g bey
movin
beyond
d complian
g beyond c
nce movin
e moving
ompliance
in
a
c
c
v
li
n
o
p
d
a
n
li
m
m
o
p
o
y
e
c
m
e
c
o
d
b
n
mo
c
n
g
and Safety
beyond
ing beyoHealth
vHSE
gExecutive
mpliance
nd complia
o
o
o
in
nce movin
c
y
v
m
e
o
d
e
b
n
m
c
o
g
n
y
e
a
in
e
li
c
v
b
plian
comp
g be
pliance mo compliance moving
yond comSuccessful
ng beyond
beHSG65
nce movin
d com
a
n
g
li
o
in
p
y
v
e
m
o
d
b
Health
and
Safety
Management
HSG65
o
n
m
c
g
o
y
d
in
e
nc
moving be
ance mov
yond comp
ving beyon
li
e
o
p
e
b
nd complia
c
m
m
g
n
o
a
in
e
c
li
v
c
p
d
o
n
n
a
m
m
li
m
ance
ond co
ing beyo
nd comp
Standards
ving beyInternational
ompliance
ond compli
ing beyoOrganisation
c
ance mov
y
moISO
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
plia
com
oving
ving b
pliance m
eyond comOccupational
pliance m
ing beyond
d comand
liance mo
nHealth
mServices
g bOHSAS
p
o
o
in
y
c
m
v
e
o
d
Safety
Advisory
o
b
c
n
m
g
o
d
y
in
n
e
e
v
o
c
b
mp
y
an
beyond co
pliance mo
moving be
ce moving
g
n
m
ond compli
e
a
o
in
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
om
m
yond
ing be
plianc
Operator
termofor
beyond cOperator
moving beThe short
compliance
vinag Transport
iance mov
eyond com
d
e
b
n
m
c
g
o
n
y
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
mp
dc
nce
movin
oving b
eyond coOffice
ving beyon
nd complia
pliance m
yoRegulation
compliance
ving bORR
e
m
o
d
of
Rail
b
o
n
m
c
g
o
d
y
in
e
n
e
v
c
o
b
o
m
n
y
a
g
m
li
beyond co
moving be
ce movin
mpliance
g
n
o
yond comp
in
e
a
c
li
v
c
d
p
o
n
n
a
m
m
li
o
o
y
p
c
e
e
m
c
yond Safety Case
ving b
nce
mplian
RSCR
beyond co
oving beRailway
pliance mo
beyond co
nd complia
moving Regulations
ce m
o
g
n
y
in
e
a
e
v
li
c
b
o
p
n
g
a
m
m
li
in
o
p
v
g
e
c
c
m
d
mplianTransport
liance mo
coGuided
pRegulations
nce movin
beyond coRailways
d
a
m
ving beyon
li
n
g
o
p
o
c
in
y
m
v
e
d
o
ROGS
and
Other
(Safety)
o
b
n
c
o
m
g
d
y
movin
com
beyon
ing be
liance
e moving
ance mov
ompliance
ing beyond
yond comp
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
eyo Policy Group
oving
yond
omplia
g bSafety
SPG
liance
moving be
mpliance m
g beyond c
nce movin
yond comp
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
in
p
c
e
v
g
m
c
o
d
o
n
c
yon
omplia
beyond Safety
pliance m
nce movin
d cSystem
a
n
g
m
li
o
o
in
p
y
moving be
c
v
e
m
o
d
SMS
Management
b
o
n
m
c
g
o
d
y
in
e
n
e
v
mo
beyo
plianc
d co
ving b
compliance
eyond com
ving beyon
liance mo
ce moving
d
o
p
n
n
a
m
m
li
o
o
y
p
e
c
e
c
m
b
d
n
o
n
a
c
g
o
li
ey Quality Management
ovin
TQM ing b
Total
comp
plianc
beyond
mpliance m
ing beyond
eyond com vin
e moving
ance mov
v
b
li
c
o
p
n
g
a
m
m
in
li
o
v
p
e
c
o
c
m
n
d
m
o
a
n
c
pli
yo
comwithin
ce mo
pliancefor
yondused
ing beyond Themcollective
moving be
ORR’s
guidance
nd com
g beterm
movTransport
yoROGS
d complian
in
e
n
e
v
b
c
o
o
y
n
g
e
a
in
li
b
v
e
p
g
o
c
nd c
m
n
in
m
e InfrastructurepliManagers
complia Railway
Undertaking
oving beyo
beyond co
ance mov
ndOperator
mpliancand
m
o
o
y
c
e
e
m
c
d
b
o
n
n
c
g
a
o
li
y
d
in
p
e
c
v
n
o
moving b
eyond com
d complian
oving beyo
e
b
n
c
m
mpliance m
o
g
n
y
a
in
e
e
li
v
c
b
p
o
n
g
a
m
m
li
o
in
mov
liance
ovin
yond c
d comp
pliance m
moving be
yond comp
compliance
ving beyon
e
m
d
o
b
o
n
c
m
g
o
d
y
in
e
n
e
v
c
o
b
o
n
y
g
a
m
e
mpli
movin
yond
ving b
liance
beyond co
moving be
liance mo
ompliance
p
yond comp
c
e
e
m
c
d
b
o
n
n
c
a
g
o
li
d
y
in
p
v
n
e
m
o
o
b
an
y
m
beyond co
ond compli
moving be
ce moving
g
y
n
ompliance
e
in
e
a
b
v
li
c
o
p
n
g
a
m
m
in
li
o
v
e
p
c
o
c
ce m
mov
nd com
eyond
mplian
III
moving bwww.rssb.co.uk
d complian
beyond co
oving beyo
ompliance
n
c
g
o
m
y
d
in
e
v
n
e
b
o
c
o
y
n
g
m
e
a
in
li
b
e
v
mo
omp
oving
beyond
mplianc
g beyond c
pliance m
compliance
e moving
m
c
d
beyond co
o
n
n
g
c
a
o
li
y
in
d
p
e
v
n
b
o
o
m
y
an
o
m
g
e
c
moving b
ond compli
g beyond
nce movin
ompliance
Glossary
Frequently Asked Questions
The FAQ matrix provides a quick reference to pages related to the questions posed. It is not designed to answer all
questions or provide exhaustive answers.
I want to...
Improve employee participation
Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect.
1.1 1.2 1.3 1.4 1.5 1.6 2.1 2.2 2.3 2.4 2.5 3.1 3.2 3.3 3.4 4.1 4.2 4.3 4.4
34 38
41
5
Improve safety leadership
29
30 38
36
Understand why standards and procedures are not followed
34 43
Understand how to integrate my SMS
Gain commitment for safety
Get senior management more involved
5
Our employees not following safety rules
15
7
12
7
12
29
49
52
12
34
42
45
47
66
8
34 43
8
13
What we say as being the same as what we do
Real improvements in safety
IV
65
34 43 49
65
66
44 53
64
66
8
13
31 39
42
66
13 16
29
30 43
66
30 39
65
51
52
53
54
Our goals are met but the system does not seem to
improve
An SMS that works well with the business
64
65
30 39
47
Our best practice ideas struggle within the organisation
Increased activity to improve the organisation
51
52
53
55
1.1 1.2 1.3 1.4 1.5 1.6 2.1 2.2 2.3 2.4 2.5 3.1 3.2 3.3 3.4 4.1 4.2 4.3 4.4
Our organisation not seeming to learn
I want to see…
64
65
Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect.
Always fire fighting
What we say and what we do being disjointed
64
65
11 12
Our request for 2 way communication does not create
improvements
Our standards as they do not reflect what is happening on
the ground
64
30
34
29
30
38
40
7
Be able to create a reliable system
I have a problem with...
43 49
52
12
Gain greater control over my SMS
65
64
Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect. Sect.
1.1 1.2 1.3 1.4 1.5 1.6 2.1 2.2 2.3 2.4 2.5 3.1 3.2 3.3 3.4 4.1 4.2 4.3 4.4
12
18
38
34 40
43
64
11 12
16
29
64
38
29 42
44
65
12
29
40 53
SMS Principles: Moving beyond compliance
Contents
Section 1 – The evolution of safety arrangements. . . . . . . . . . . . . . 1
1.1 SMS Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.2 Evolution timeline for organisational safety arrangements. . . . . . . . . . . . . . .
1.3 The origins of the SMS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.4 The impact of legislation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.5 Where are we now? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.6 Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3
4
5
6
7
7
Section 2 – Shaping the system. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1 What is a system?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.2 Establishing a purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.3 Implications of an ill-defined purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.4 Preparations for an effective system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.4.1 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.4.2 Scope and structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.4.3 Establishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.5 Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Section 3 – The SMS in practice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.1 Organisational essentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.1.1 Governance arrangements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.1.2 Organisational approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.1.3 Company standards and procedures . . . . . . . . . . . . . . . . . . . . . . . . .
3.1.4 Competence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.2 Management style and approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.2.1 Leadership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.2.2 Management style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.2.3 Employee participation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.2.4 Cooperation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.2.5 Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.3 Monitoring SMS effectiveness. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.3.1 Targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.3.2 Safety performance indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.3.3 The reliability of measurement processes . . . . . . . . . . . . . . . . . . . . . .
3.3.4 Safety assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3.4 Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
29
29
30
34
34
38
38
39
43
45
47
49
49
51
52
55
57
Section 4 System performance and maturity . . . . . . . . . . . . . . . . . 61
4.1 Organisational excellence. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.2 The ORR approach to safety excellence. . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.3 An approach to excellence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.3.1 Optimisation across the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.3.2 Understanding localised complexity . . . . . . . . . . . . . . . . . . . . . . . . . .
4.3.3 Confidence to build from within . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.4 Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
63
63
64
64
65
66
67
Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Further reading details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
www.rssb.co.uk
V
VI
SMS Principles: Moving beyond compliance
nce
movi
com
beyo
ing b
e moving
ance mov
ompliance
ing beyond
li
c
c
v
beyo
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
a
ng
ce moving
ond
beyo
mpli
n
y
o
a
g
e
li
c
b
in
p
d
v
g
m
n
o
o
o
in
m
c
y
v
m
e
o
ce
moving b
beyond co
ing beyond
pliance m
e
v
g
m
c
o
d complian
o
n
in
m
c
a
v
li
o
d
e
p
n
m
c
m
o
n
y
o
mo
omplia
ing be
pliance
yond c
ance mov
g beyond c
moving be
eyond com
compliance
b
in
e
d
v
c
g
n
o
n
o
in
m
a
y
v
li
e
o
p
b
e
m
c
m
g
co
g bey
mplian
movin
liance
ing beyond
beyond co
ance movin
ompliance
yond comp
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
m
v
d
e
o
om
n
b
e
m
c
g beyond c
oving beyo
ce moving
mpliance
d complian
in
m
n
o
v
a
c
o
li
e
d
p
c
m
n
n
m
o
a
e
o
y
li
c
c
e
p
m
ing b
mplian
d com
beyond
ance mov
compliance
beyond co
ving beyon
d
ce moving
g
o
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
y
o
a
e
in
c
li
c
d
moving be
ance mov
li
yond comp ing beyond complian
e
p
e
ving beyon
c
b
n
m
a
o
g
li
c
in
p
d
v
m
n
o
com
mov
g beyo
nce m
yond co
ing beyond
nce movin
ompliance
nd complia
moving be
v
c
a
li
o
d
e
p
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
oving
beyon
omplia
nce m
nd com
pliance m
nd complia
g beyond c
ce moving
oving beyo
o
n
in
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
o
in
e
a
c
b
v
li
c
nd
d complian
yond comp
ce moving
pliance mo
n
e
n
m
oving beyo
o
b
a
o
y
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
mov
yond
nce m
ing be
nd co
moving be
nd complia
compliance
liance mov
oving beyo
e
p
d
c
m
n
n
m
o
a
o
e
y
li
c
c
e
p
n
d
b
a
m
n
li
g
o
o
ovin
oving bey
mpliance m
yond comp
g beyond c
o
m
e
c
in
b
v
e
d
pliance m
g
o
c
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
ving
nce m
gb
mplian
yond com
pliance mo
nd complia
beyond co
nce movin
o
m
y
a
o
g
moving be
li
e
c
in
p
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
nd c
liance
ving b
ce m
beyon
oving beyo
yond comp
d complian
pliance mo compliance moving
m
n
m
o
o
y
e
c
c
e
n
b
d
a
n
g
li
o
p
in
y
mov
g beyond
moving be
eyond com
compliance
b
in
d
e
v
g
n
c
o
mpliance
o
n
in
m
y
a
v
li
e
o
p
b
e
m
c
g
m
n
mplia
movin
ing
liance
yond co
beyond co
ance mov
ompliance
yond comp
li
c
moving be
g
e
p
d
b
in
m
n
v
g
o
o
o
c
y
in
m
e
v
d
b
o
n
e
o
lianc
yond
g bey
moving
liance m
yond comp
moving be
nce movin
ompliance
a
e
yond comp
li
c
c
e
p
n
d
b
a
n
m
li
g
o
o
p
y
c
in
e
v
m
d
ce
b
o
o
n
m
beyond c
d complian
ce moving
g
oving beyo
n
n
o
ompliance
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
o
a
e
in
c
li
mov
yond
plianc
comp
oving
moving be
eyond com
compliance
ing beyond
pliance m
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
e
b
n
c
m
o
g
n
y
plia
ing beyond
nce movin
ompliance
moving be
v
c
a
li
o
d
e
p
eyond com
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
a
beyon
ompli
nd com
anc
moving
g beyond c
ce moving
oving beyo
ond compli
n
in
ompliance
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
in
o
e
a
v
c
li
c
o
p
n
yond
mplia
nce m
d com
movin
moving be
beyond co
nd complia
ving beyon
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
y
n
in
e
e
n
a
v
c
pli
moving b
liance mo
oving beyo
d complian
p
e
n
c
m
eyond com
m
o
n
o
y
a
e
c
e
li
c
b
p
d
n
n
a
m
g
li
o
o
in
mov
comp
lian
yond c
ing bey
ing beyond
ance mov
moving be
yond comp
compliance
v
li
e
o
p
e
b
c
m
m
g
n
o
a
in
e
c
li
v
c
d
p
o
n
n
a
m
beyo
movin
compli
ance m
yond co
e moving
ompliance
ond compli
ing beyond
c
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
yon
m
e moving
pliance m
moving be
c
nd complia
m
n
beyond co
o
o
e
a
y
c
li
c
e
p
n
b
d
a
n
m
li
g
o
o
p
in
y
c
v
mo
yond
ing be
nd com
mplia
moving be
compliance
liance mov
oving beyo
beyond co
p
e
m
c
g
m
n
e
in
o
a
c
v
c
li
n
o
p
d
a
m
n
li
m
o
p
o
bey
compliance ond compliance mov
eyond com
g beyond c
b
d
in
n
v
g
ce moving
o
o
in
y
v
m
e
o
b
e
m
g
c
yo
g bey
movin
liance
mplian
moving be
nce movin
beyond co
ompliance
yond comp
a
e
c
e
li
c
b
p
n
d
a
n
m
g
li
o
o
p
in
y
c
v
e
m
o
d
b
o
ce m
oving
beyon
mplia
yond c
d complian
beyond co
moving be
ce moving
mpliance m
g
n
o
e
a
in
c
li
c
v
d
p
n
o
n
a
m
m
o
li
o
y
p
c
e
e
ov
m
c
gb
complian
pliance m
beyond co
ing beyond
d
v
m
n
g
o
nce movin
o
o
in
c
y
m
v
e
d
o
b
e
n
m
c
o
g
n
y
movin
bey
omplia
ving be
mpliance
ce moving
g beyond c
compliance ond compliance mo
n
beyond co
d
a
li
n
g
p
o
in
y
m
v
e
o
o
b
c
m
g
ce
ompli
g bey
movin
beyond
d complian
g beyond c
nce movin
e moving
ompliance
in
a
c
c
v
li
n
o
p
d
a
n
li
m
m
o
p
o
y
e
c
m
e
c
o
d
b
n
mo
c
g
ving beyon
g beyond
mpliance
nd complia
o
o
o
in
nce movin
c
y
v
m
e
o
d
e
b
n
m
c
o
g
n
y
e
a
in
e
li
c
v
b
comp
g be
mplian
ce mo
oving
ng beyond
beyond co
pliance m
nce movin
d complian
a
n
m
g
li
o
o
in
p
y
c
v
e
m
o
d
b
o
n
m
c
g
o
y
d
in
e
nc
moving be
ance mov
yond comp
ving beyon
li
e
o
p
e
b
nd complia
c
m
m
g
n
o
a
in
e
c
li
v
c
p
d
o
n
n
a
m
m
li
m
comp
ance
yond co
ing beyo
ompliance
ond compli
ing beyond
c
ance mov
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
com
nce m
omplia
ving b
moving
ing beyond
liance mo
nd complia
mpliance
g beyond c
p
o
o
in
y
c
m
v
e
o
d
o
b
c
n
m
g
o
d
y
in
n
e
e
v
o
c
b
mp
y
an
beyond co
pliance mo
moving be
ce moving
g
n
m
ond compli
e
a
o
in
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
yond
ing be
plianc
nd com
moving be
compliance
iance mov
eyond com
oving beyo
d
e
b
n
m
c
g
o
n
y
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
dc
movin
liance
oving b
d comp
ving beyon
pliance m
yond comp
compliance
ving beyon
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
c
o
b
o
m
n
y
a
g
m
li
beyond co
moving be
ce movin
mpliance
g
n
o
yond comp
in
e
a
c
li
v
c
d
p
o
n
n
a
m
m
li
o
o
y
p
c
e
e
m
c
ving b
nce
mplian
beyond
yond co
pliance mo
beyond co
nd complia
moving be
ce moving
o
g
n
y
in
e
a
e
v
li
c
b
o
p
n
g
a
m
m
li
in
o
p
v
g
e
c
m
d
complianc
pliance mo
nce movin
beyond co
d
a
m
ving beyon
li
n
g
o
p
o
c
in
y
m
v
e
d
o
o
b
n
c
o
m
g
d
y
movin
com
beyon
ing be
liance
e moving
ance mov
ompliance
ing beyond
yond comp
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
oving
yond
omplia
g beyo
liance
moving be
mpliance m
g beyond c
nce movin
yond comp
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
in
p
c
e
v
g
m
c
o
d
o
n
yon
beyond c
pliance m
nce movin
d complia
a
n
g
m
li
o
o
in
p
y
moving be
c
v
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
mo
beyo
plianc
d co
ving b
compliance
eyond com
ving beyon
liance mo
ce moving
d
o
p
n
n
a
m
m
li
o
o
y
p
e
c
e
c
m
b
d
n
o
n
a
c
g
o
li
ovin
comp
plianc
beyond
ing bey
mpliance m
ing beyond
eyond com vin
e moving
ance mov
v
b
li
c
o
p
n
g
a
m
m
in
li
o
v
p
e
c
o
c
m
n
d
m
o
a
n
c
yo
ompli
yond
liance
ce mo
moving be
g beyond c
moving be
yond comp
d complian
in
e
n
e
v
b
c
o
o
y
n
g
m
e
a
in
li
b
v
e
p
g
o
c
nd c
m
n
in
m
oving beyo
beyond co
ance mov
nd complia
mpliance
m
li
o
o
p
y
c
e
e
m
c
d
b
o
n
n
c
g
a
o
li
y
d
in
p
e
c
v
n
o
moving b
eyond com
d complian
oving beyo
e
b
n
c
m
mpliance m
o
g
n
y
a
in
e
e
li
v
c
b
p
o
n
g
a
m
m
li
o
in
mov
liance
ovin
yond c
d comp
pliance m
moving be
yond comp
compliance
ving beyon
e
m
d
o
b
o
n
c
m
g
o
d
y
in
e
n
e
v
c
o
b
o
n
y
g
a
m
e
mpli
movin
yond
ving b
liance
beyond co
moving be
liance mo
ompliance
p
yond comp
c
e
e
m
c
d
b
o
n
n
c
a
g
o
li
d
y
in
p
v
n
e
m
o
o
b
an
y
m
beyond co
ond compli
moving be
ce moving
g
y
n
ompliance
e
in
e
a
b
v
li
c
o
p
n
g
a
m
m
in
li
o
v
e
p
c
o
c
ce m
mov
nd com
eyond
mplian
Page
1
moving bwww.rssb.co.uk
d complian
beyond co
oving beyo
ompliance
n
c
g
o
m
y
d
in
e
v
n
e
b
o
c
o
y
n
g
m
e
a
in
li
b
e
v
mo
omp
oving
beyond
mplianc
g beyond c
pliance m
compliance
e moving
m
c
d
beyond co
o
n
n
g
c
a
o
li
y
in
d
p
e
v
n
b
o
o
m
y
an
o
m
g
e
c
moving b
ond compli
g beyond
nce movin
ompliance
Section 1
The evolution of safety arrangements
Section 1
The evolution of safety arrangements
Section Overview
The origins of management
systems and the evolution
of safety legislation that has
influenced railway safety
arrangements are presented in
this section in order to provide
background and put the SMS
into context.
Quality within Great Britain (GB) has often
been associated with the attainment of
compliance to minimum standards, rather
than a drive for continuous improvement,
but the drive to achieve quality cannot be
delivered unless it is an embedded objective
within the whole workforce.
The contents
include:
1.1 SMS basics
1.2 Evolution timeline
1.3 The origins of SMS
1.4 The impact of legislation
1.5 Where are we now?
1.6 Conclusion
The concept of the SMS is built on the
principles of Total Quality Management
(TQM) although not all of the principles have
been successfully adopted. ROGS provides
the opportunity for the development of an
SMS bespoke to the organisation’s scope
of operations and risk profile. However
where there is a culture of compliance it
will be more difficult to do this. Making the
SMS bespoke to the organisation provides
a platform to move beyond compliance
building on a broader approach.
Page 2
SMS Principles: Moving beyond compliance
1.1 SMS basics
The SMS can be considered to be the totality of
an organisation’s arrangements for assuring and
improving safety. As ROGS guidance states ‘the safety
management system is the basis for making sure a
transport system runs safely and in line with ROGS.’
The SMS should also fulfil the requirements of regulation
5 of the Management of Health and Safety at Work
Regulations (MHSWR) to have arrangements in place to
cover health and safety. It is said that ‘management of
health and safety will depend, amongst other things, on
a suitable and sufficient risk assessment being carried
out and the findings being used effectively’.
The scope of this guidance is not to reiterate what
is already available on the mandatory or common
elements of railway SMSs (see further reading).
Rather it is to consider what is appropriate beyond
the mandatory minimum and to prompt thought and
discussion within organisations with regard to how their
individual SMS can work more effectively in practice.
Further reading...
To find out more about general SMS guidance it may be useful to refer to the documents listed below:
Health and Safety
HSE: ‘Successful health and safety management’ (HS(G)65)
Rail Based
European Rail Agency: ‘A System Approach Application Guide for SMS’
*NTC Australia: ‘Preparation of a Rail Safety Management System’
Aviation Based
*Flight Safety Information Journal: ‘A Brief Overview of Safety Management Systems for Aviation Professionals’
*International Civil Aviation Organisation: ‘Safety Management Manual’
*Federal Aviation Authority: ‘SMS Framework’
Others
*E and P Forum: ‘Guidelines for the Development and Application of Health, Safety and Environmental
Management Systems’
*International Labour Organisation: ‘Guidelines on occupational safety and health management systems’
*Ministry of Defence: ‘An introduction to system safety management in the MOD’
* Although these documents are useful references to the subject area, they are written under different
legislative regimes and should be read with this in mind. See page 70 onwards for full references
www.rssb.co.uk
Page 3
Section 1 - The evolution of safety arrangements
1.2 Evolution timeline for organisational safety arrangements
1965
The Nuclear Installations Act 1965. This required
the first set of formalised safety arrangements to
be developed by organisations in order to gain a
licence to operate.
1971
The first UK wide standard for quality assurance
in the electronics industry BS 9000, was produced
by the British Standards Institute.
1976
A chemical release incident occurred near
Seveso, Italy. It was a major hazardous event
affecting thousands, but which led to development
of the European Seveso Directive.
1979
The UK agreed British Standard document BS
5750, an assurance standard that would be
available across all industries.
1984
The European Seveso Directive was implemented
in UK law by the Control of Industrial Major
Accident Hazards (CIMAH) regulations in 1984,
which created the need for chemical operators to
have a Safety Case.
1987
BS 5750 was developed into the international
standard ISO 9000:1987. Its aim was to influence
the management of organisations to meet a
certain standard of quality in their products.
1991
Piper Alpha offshore oil installation disaster
occurred in the North Sea, leaving 167 people
dead.
1991
Concept of TQM was combined with safety to
form HS(G)65 Successful Health and Safety
Management.
1992
The Management of Health and Safety at Work
Regulations (MHSWR, 1992).
1996
BS8800 developed as a British Standard to help
implement and manage an SMS.
2006
ROGS replaced the RSC with the Safety
Management System and brought it to the
forefront of an organisation’s effort to manage
safety.
1994
Railway (Safety Case) Regulations (RSCR)
required transport operators to have a Safety
Case. Within the Safety Case actions were
required in pursuance of Regulation 5 of the
MHSWR.
2000
RSCR guidance highlighted that operators should
hold a Health and Safety Management System
highlighting the benefits of TQM and HS(G)65.
2011
Five year anniversary of the introduction of
ROGS and start of the safety recertification
process for duty holders
Figure 1: Timeline of organisational safety arrangements
Page 4
SMS Principles: Moving beyond compliance
1.3 The Origins of the SMS
The concept of managing safety through processes and
management systems has its origins in manufacturing
standards. As manufacturing developed in the twentieth
century, the demand for assurance and consistency
of products grew with it. Early standards required
manufacturers to document their work procedures,
which were later inspected to ensure that work was
being undertaken accordingly. These early approaches
aimed at compliance rather than improvement. Quality
was generally regarded as consistency in achieving the
minimum required standards.
The changes brought about by this shift looked
to engage the whole organisation in the activity
of improving product quality. This led to dramatic
improvements in the product caused by the engagement
of the employees undertaking the work.
The success of this change in approach to quality
created widespread interest across other countries,
industries and subject areas. Many of the principles
were collected in an approach known as Total Quality
Management (TQM).
Example...
The first UK wide standard for quality assurance was
British Standard (BS) 9000, produced by the British
Standards Institute (BSI) in 1971 to assist the electronics
industry in the development of this new sector. By 1979
the UK had agreed an assurance standard that would
be available across all industries. This BS 5750 was
produced to assist quality compliance as a general aim
within organisations. Its main contents were:
Continuous improvement in the Japanese
automotive industry
•
Management responsibility
•
A quality system
•
Design control
•
Document control
The vehicle transmission of a Japanese car
manufacturer was found to function at much
higher specifications than its American rivals. The
transmission’s components were working with a
tolerance well within the specifications required
by American car manufacturers.
•
Process control
•
Inspection
•
Measuring
•
Testing
•
Corrective action
•
Training
In 1987, BS 5750 was developed into the international
standard ISO 9000:1987. This document aimed to
control the management of organisations so that they
could produce to a certain standard of quality in their
products.
During this time a different view of management systems
from Japan gained popularity because of a successful
step change achieved in the field of quality.
This change endeavoured to move the management
of quality within an organisation’s product away from
inspection at the end of its development, towards
activities and involvement by all workers to continuously
improve quality throughout production.
www.rssb.co.uk
This example shows how continuous
improvements made by employees can
outperform improvements directed by senior
management and attempts to achieve quality
through procedures and inspections alone.
The superiority of the Japanese components did
not come from higher specifications set out by
management. It came from the will of its workers
to continuously improve beyond minimum
standards. The workers had a purpose they
believed in, which generated trust and results
beyond what could be achieved by specification
and compliance alone.
There are many aspects of TQM that we would
recognise in today’s SMS including:
•
Senior management leadership and commitment
•
Continuous improvement
•
Plan – Do – Check – Act
•
Worker participation
•
A TQM culture (this has many similarities to a safety
culture)
Seeing the potential of TQM, the Health and Safety
Executive (HSE) combined these principles with safety
in 1991 and published ‘HS(G)65 Successful Health and
Safety Management’.
Page 5
Section 1 - The evolution of safety arrangements
In 1994 the ISO standard 9001 was updated but with
a new emphasis to undertake preventative actions to
manage safety. In 2000 the document was updated
once again, this time incorporating the principles of
TQM.
The spread of management systems from quality into
the fields of environment, safety, asset management,
security management and social accountability
has resulted in a variety of applications. However,
ISO standards can continue to promote top-down
control within the organisation similar to their earlier
counterparts rather than encouraging the need to
generate understanding for improvement amongst
everyone, as per the TQM approach.
ISOs can be seen as simply cataloguing work
procedures and conforming to them. By design they
do not require organisations to demonstrate that they
understand what the management systems mean
beyond compliance with a tick box list of components.
In this way the organisation can earn an ISO standard
without fully understanding or integrating meaningful
principles bespoke to their operation into the
organisation.
Further reading...
To find out more about TQM and its links to safety
and ISO standards, refer to the documents listed
below:
HSE: ‘TQM and the management of health and
safety’
Seddon, J: ‘A Brief History of ISO 9000 Where
did we go wrong?’
See page 70 onwards for full references.
1.4 The impact of legislation
The safety arrangements of an organisation first
became formalised in the UK by the use of a Safety
Case presented to regulators as part of a permissioning
regime.
The Nuclear Installations Act of 1965 required nuclear
installations to hold a licence; one of its requirements
was the development and use of a Safety Case.
The Safety Case required the organisation to describe
- and demonstrate the fitness for purpose and
effectiveness of - safety arrangements through the
nuclear installation’s lifecycle. The actions carried out
by people working at the installation and the equipment,
maintenance arrangements etc, were then required to
conform to those described in the Safety Case.
In 1976, a chemical release near Seveso, Italy caused
widespread environmental damage and adversely
affected the health of thousands of people. The resultant
European Seveso Directive was implemented in UK
law by the Control of Industrial Major Accident Hazards
(CIMAH) regulations in 1984, which created the need
for chemical operators to also have a Safety Case. This
set a precedent that was followed by other industries.
Subsequent to the Piper Alpha offshore oil installation
disaster in 1991, the Safety Case used to demonstrate
that oil production platforms were safe also had to
deliver a successful SMS.
In the same year the HSE published HS(G)65
Successful Health and Safety Management. This
guidance could be used to support Regulation 5
of the Management of Health and Safety at Work
Regulations (MHSWR, 1992, now 1999) that required an
organisation to have health and safety arrangements in
place.
In 1996, BS8800 was developed as a British Standard
to help implement and manage an SMS. It built on
HS(G)65 but placed a further emphasis on implementing
the SMS, the Plan – Do – Check – Act cycle and a
safety culture. The development of Occupational Health
and Safety Management System Specification (OHSAS)
18001 which has international recognition, may be seen
as the continuation of standards thinking on SMS and
the attempted incorporation of TQM ideas.
In 1994 the Railway (Safety Case) Regulations (RSCR)
required transport operators to have a Safety Case,
within which actions were required in pursuance of
Regulation 5 of MHSWR. Later in 2000 the RSCR
guidance highlighted that operators should hold a
Health and Safety Management System highlighting the
benefits of TQM and HS(G)65.
Page 6
SMS Principles: Moving beyond compliance
The railway safety case (RSC) regime had two
purposes:
(a) To give confidence that an operator had the ability,
commitment and resources to properly assess and
effectively control risks to the health and safety of
staff, contractors, passengers and the public
(b) To provide a comprehensive core document, with
links to other more specific documents, rules and
procedures, against which management and HSE
can check that the accepted risk control measures
and the health and safety management systems
have been properly put into place and continue to
operate in a way originally intended. (HSE, 2001)
The RSC brought about a number of benefits for Duty
Holders (Transport Operators). A major benefit of the
regulations came from the process of developing the
RSC itself. The process identified gaps in procedural
documentation and led to the development of new
company standards.
The RSC also encouraged the proactive use of risk
assessment to explore specific risks within a Duty
Holder’s operation.
However, the RSC regulations often resulted in large
amounts of detail to be provided by operators because
the safety case was developed to satisfy two users; the
operator and the regulator. A large document would be
good for the regulator, because it would fully explain
and document activities to be audited against, but was
cumbersome for the operator to maintain.
1.5 Where are we now?
In 2006 ROGS replaced the RSC Regulations and
brought the SMS to the forefront of an organisation’s
effort to manage safety.
The previous regime had maintained the ‘compliance’
aspect of safety also advocated by quality standards.
This may have inhibited the improvement and
understanding aspects of safety.
Further reading...
The requirements of ROGS are supported by
ORR guidance:
ORR: The Railways and Other Guided Transport
Systems (Safety) Regulations 2006 (ROGS) (as
amended) ‘A guide to ROGS’
See page 70 onwards for the full reference.
Effective safety management requires a balance
between compliance to approved ways of working
and the widespread understanding of how work
processes and procedures are developing. Excessive
documentation written only by those who strategise
the work can exaggerate a separation between those
who do the thinking about the work and those who are
carrying it out. This can limit innovation and continuous
improvement.
ROGS provided an opportunity to address the balance,
although this can prove challenging, especially to an
industry that has developed through a tradition focussed
on compliance, law and standardisation.
1.6 Conclusion
A ’compliance culture’ has been ingrained in rail
organisations by many years of rules and standardsdriven safety legislation and management. This
compliance culture has in some ways been reinforced
through the RSC. It is a culture which is widespread
and difficult to change.
Approaches such as TQM suggest greater balance
between compliance with minimum standards where
necessary and innovation in pursuit of continuous safety
performance improvement. This is the context within
which the railway SMS now sits and is the challenge that
this guidance aims to help safety managers and others
address.
The main reason for the introduction of ROGS was
to implement the European Railway Safety Directive
(2004/49/EC) which created a common framework for
railway safety across Europe. The requirement for the
transport operator to provide comprehensive documents
for the regulator had been removed and a smaller
‘signpost’ document could be produced with a summary
of the safety management system.
www.rssb.co.uk
Page 7
Section 1 - The evolution of safety arrangements
Discussion point...
What does this guidance mean by compliance
cultures...?
The extract below from a 2009 speech by Judith
Hackitt, chair of the Health and Safety Executive,
highlights the problems of an overly bureaucratic
mindset on organisational safety.
‘Standards, frameworks and management
systems have become increasingly popular
as tools for delivering assurance to boards
and organisations’ stakeholders. There is no
doubt that management systems can and do
provide a good framework for structured and
comprehensive management of risks. But that
said, paperwork does not save lives...
[with regard to] ever more prescription and
detailed instruction. I can fully appreciate the
immediate attraction of this approach.... but it is
not appropriate for [safety assistance] to come
in the form of prescriptive detailed requirements.
I am firmly of the view that we have reduced far
too much of the role of managers and supervisors
to ‘ticking the boxes’, and we should certainly not
do that in the field of health and safety...
Summing up
•
Quality cannot be inspected into a product. The
drive to achieve a quality product needs to be an
objective shared among, and embedded within, the
whole workforce
•
ISO standards can continue to promote
conformance and control rather than understanding
and improvement unless integrated into wider
practices of the organisation
•
Previous legislation and organisational standards
may have maintained a conformance attitude to
safety rather than the development of understanding
and improvement
•
ROGS allows for the development of an SMS
bespoke to the organisation’s operations and risk
profile
•
The SMS should satisfy the organisation itself, not
just the regulator
I’ve already said a number of things about
common sense - don’t over bureaucratise the
process, don’t try to eliminate all risk - because
you can’t and because that is not what the law
requires. We all need to recognise that this is
an area of management which requires the
exercising of judgment - not just at Board level
but throughout the organisation, and ensure that
people at all levels in the organisation are trained
and encouraged to exercise their own judgment
not just comply with the rules’.
Page 8
SMS Principles: Moving beyond compliance
nce
movi
com
beyo
ing b
e moving
ance mov
ompliance
ing beyond
li
c
c
v
beyo
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
a
ng
ce moving
ond
beyo
mpli
n
y
o
a
g
e
li
c
b
in
p
d
v
g
m
n
o
o
o
in
m
c
y
v
m
e
o
ce
moving b
beyond co
ing beyond
pliance m
e
v
g
m
c
o
d complian
o
n
in
m
c
a
v
li
o
d
e
p
n
m
c
m
o
n
y
o
mo
omplia
ing be
pliance
yond c
ance mov
g beyond c
moving be
eyond com
compliance
b
in
e
d
v
c
g
n
o
n
o
in
m
a
y
v
li
e
o
p
b
e
m
c
m
g
co
g bey
mplian
movin
liance
ing beyond
beyond co
ance movin
ompliance
yond comp
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
m
v
d
e
o
om
n
b
e
m
c
g beyond c
oving beyo
ce moving
mpliance
d complian
in
m
n
o
v
a
c
o
li
e
d
p
c
m
n
n
m
o
a
e
o
y
li
c
c
e
p
m
ing b
mplian
d com
beyond
ance mov
compliance
beyond co
ving beyon
d
ce moving
g
o
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
y
o
a
e
in
c
li
c
d
moving be
ance mov
li
yond comp ing beyond complian
e
p
e
ving beyon
c
b
n
m
a
o
g
li
c
in
p
d
v
m
n
o
com
mov
g beyo
nce m
yond co
ing beyond
nce movin
ompliance
nd complia
moving be
v
c
a
li
o
d
e
p
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
oving
beyon
omplia
nce m
nd com
pliance m
nd complia
g beyond c
ce moving
oving beyo
o
n
in
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
o
in
e
a
c
b
v
li
c
nd
d complian
yond comp
ce moving
pliance mo
n
e
n
m
oving beyo
o
b
a
o
y
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
mov
yond
nce m
ing be
nd co
moving be
nd complia
compliance
liance mov
oving beyo
e
p
d
c
m
n
n
m
o
a
o
e
y
li
c
c
e
p
n
d
b
a
m
n
li
g
o
o
ovin
oving bey
mpliance m
yond comp
g beyond c
o
m
e
c
in
b
v
e
d
pliance m
g
o
c
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
ving
nce m
gb
mplian
yond com
pliance mo
nd complia
beyond co
nce movin
o
m
y
a
o
g
moving be
li
e
c
in
p
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
nd c
liance
ving b
ce m
beyon
oving beyo
yond comp
d complian
pliance mo compliance moving
m
n
m
o
o
y
e
c
c
e
n
b
d
a
n
g
li
o
p
in
y
mov
g beyond
moving be
eyond com
compliance
b
in
d
e
v
g
n
c
o
mpliance
o
n
in
m
y
a
v
li
e
o
p
b
e
m
c
g
m
n
mplia
movin
ing
liance
yond co
beyond co
ance mov
ompliance
yond comp
li
c
moving be
g
e
p
d
b
in
m
n
v
g
o
o
o
c
y
in
m
e
v
d
b
o
n
e
o
lianc
yond
g bey
moving
liance m
yond comp
moving be
nce movin
ompliance
a
e
yond comp
li
c
c
e
p
n
d
b
a
n
m
li
g
o
o
p
y
c
in
e
v
m
d
ce
b
o
o
n
m
beyond c
d complian
ce moving
g
oving beyo
n
n
o
ompliance
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
o
a
e
in
c
li
mov
yond
plianc
comp
oving
moving be
eyond com
compliance
ing beyond
pliance m
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
e
b
n
c
m
o
g
n
y
plia
ing beyond
nce movin
ompliance
moving be
v
c
a
li
o
d
e
p
eyond com
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
a
beyon
ompli
nd com
anc
moving
g beyond c
ce moving
oving beyo
ond compli
n
in
ompliance
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
in
o
e
a
v
c
li
c
o
p
n
yond
mplia
nce m
d com
movin
moving be
beyond co
nd complia
ving beyon
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
y
n
in
e
e
n
a
v
c
pli
moving b
liance mo
oving beyo
d complian
p
e
n
c
m
eyond com
m
o
n
o
y
a
e
c
e
li
c
b
p
d
n
n
a
m
g
li
o
o
in
mov
comp
lian
yond c
ing bey
ing beyond
ance mov
moving be
yond comp
compliance
v
li
e
o
p
e
b
c
m
m
g
n
o
a
in
e
c
li
v
c
d
p
o
n
n
a
m
beyo
movin
compli
ance m
yond co
e moving
ompliance
ond compli
ing beyond
c
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
yon
m
e moving
pliance m
moving be
c
nd complia
m
n
beyond co
o
o
e
a
y
c
li
c
e
p
n
b
d
a
n
m
li
g
o
o
p
in
y
c
v
mo
yond
ing be
nd com
mplia
moving be
compliance
liance mov
oving beyo
beyond co
p
e
m
c
g
m
n
e
in
o
a
c
v
c
li
n
o
p
d
a
m
n
li
m
o
p
o
bey
compliance ond compliance mov
eyond com
g beyond c
b
d
in
n
v
g
ce moving
o
o
in
y
v
m
e
o
b
e
m
g
c
yo
g bey
movin
liance
mplian
moving be
nce movin
beyond co
ompliance
yond comp
a
e
c
e
li
c
b
p
n
d
a
n
m
g
li
o
o
p
in
y
c
v
e
m
o
d
b
o
ce m
oving
beyon
mplia
yond c
d complian
beyond co
moving be
ce moving
mpliance m
g
n
o
e
a
in
c
li
c
v
d
p
n
o
n
a
m
m
o
li
o
y
p
c
e
e
ov
m
c
gb
complian
pliance m
beyond co
ing beyond
d
v
m
n
g
o
nce movin
o
o
in
c
y
m
v
e
d
o
b
e
n
m
c
o
g
n
y
movin
bey
omplia
ving be
mpliance
ce moving
g beyond c
compliance ond compliance mo
n
beyond co
d
a
li
n
g
p
o
in
y
m
v
e
o
o
b
c
m
g
ce
ompli
g bey
movin
beyond
d complian
g beyond c
nce movin
e moving
ompliance
in
a
c
c
v
li
n
o
p
d
a
n
li
m
m
o
p
o
y
e
c
m
e
c
o
d
b
n
mo
c
g
ving beyon
g beyond
mpliance
nd complia
o
o
o
in
nce movin
c
y
v
m
e
o
d
e
b
n
m
c
o
g
n
y
e
a
in
e
li
c
v
b
comp
g be
mplian
ce mo
oving
ng beyond
beyond co
pliance m
nce movin
d complian
a
n
m
g
li
o
o
in
p
y
c
v
e
m
o
d
b
o
n
m
c
g
o
y
d
in
e
nc
moving be
ance mov
yond comp
ving beyon
li
e
o
p
e
b
nd complia
c
m
m
g
n
o
a
in
e
c
li
v
c
p
d
o
n
n
a
m
m
li
m
comp
ance
yond co
ing beyo
ompliance
ond compli
ing beyond
c
ance mov
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
com
nce m
omplia
ving b
moving
ing beyond
liance mo
nd complia
mpliance
g beyond c
p
o
o
in
y
c
m
v
e
o
d
o
b
c
n
m
g
o
d
y
in
n
e
e
v
o
c
b
mp
y
an
beyond co
pliance mo
moving be
ce moving
g
n
m
ond compli
e
a
o
in
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
yond
ing be
plianc
nd com
moving be
compliance
iance mov
eyond com
oving beyo
d
e
b
n
m
c
g
o
n
y
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
dc
movin
liance
oving b
d comp
ving beyon
pliance m
yond comp
compliance
ving beyon
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
c
o
b
o
m
n
y
a
g
m
li
beyond co
moving be
ce movin
mpliance
g
n
o
yond comp
in
e
a
c
li
v
c
d
p
o
n
n
a
m
m
li
o
o
y
p
c
e
e
m
c
ving b
nce
mplian
beyond
yond co
pliance mo
beyond co
nd complia
moving be
ce moving
o
g
n
y
in
e
a
e
v
li
c
b
o
p
n
g
a
m
m
li
in
o
p
v
g
e
c
m
d
complianc
pliance mo
nce movin
beyond co
d
a
m
ving beyon
li
n
g
o
p
o
c
in
y
m
v
e
d
o
o
b
n
c
o
m
g
d
y
movin
com
beyon
ing be
liance
e moving
ance mov
ompliance
ing beyond
yond comp
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
oving
yond
omplia
g beyo
liance
moving be
mpliance m
g beyond c
nce movin
yond comp
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
in
p
c
e
v
g
m
c
o
d
o
n
yon
beyond c
pliance m
nce movin
d complia
a
n
g
m
li
o
o
in
p
y
moving be
c
v
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
mo
beyo
plianc
d co
ving b
compliance
eyond com
ving beyon
liance mo
ce moving
d
o
p
n
n
a
m
m
li
o
o
y
p
e
c
e
c
m
b
d
n
o
n
a
c
g
o
li
ovin
comp
plianc
beyond
ing bey
mpliance m
ing beyond
eyond com vin
e moving
ance mov
v
b
li
c
o
p
n
g
a
m
m
in
li
o
v
p
e
c
o
c
m
n
d
m
o
a
n
c
yo
ompli
yond
liance
ce mo
moving be
g beyond c
moving be
yond comp
d complian
in
e
n
e
v
b
c
o
o
y
n
g
m
e
a
in
li
b
v
e
p
g
o
c
nd c
m
n
in
m
oving beyo
beyond co
ance mov
nd complia
mpliance
m
li
o
o
p
y
c
e
e
m
c
d
b
o
n
n
c
g
a
o
li
y
d
in
p
e
c
v
n
o
moving b
eyond com
d complian
oving beyo
e
b
n
c
m
mpliance m
o
g
n
y
a
in
e
e
li
v
c
b
p
o
n
g
a
m
m
li
o
in
mov
liance
ovin
yond c
d comp
pliance m
moving be
yond comp
compliance
ving beyon
e
m
d
o
b
o
n
c
m
g
o
d
y
in
e
n
e
v
c
o
b
o
n
y
g
a
m
e
mpli
movin
yond
ving b
liance
beyond co
moving be
liance mo
ompliance
p
yond comp
c
e
e
m
c
d
b
o
n
n
c
a
g
o
li
d
y
in
p
v
n
e
m
o
o
b
an
y
m
beyond co
ond compli
moving be
ce moving
g
y
n
ompliance
e
in
e
a
b
v
li
c
o
p
n
g
a
m
m
in
li
o
v
e
p
c
o
c
ce m
mov
nd com
eyond
mplian
Page
9
moving bwww.rssb.co.uk
d complian
beyond co
oving beyo
ompliance
n
c
g
o
m
y
d
in
e
v
n
e
b
o
c
o
y
n
g
m
e
a
in
li
b
e
v
mo
omp
oving
beyond
mplianc
g beyond c
pliance m
compliance
e moving
m
c
d
beyond co
o
n
n
g
c
a
o
li
y
in
d
p
e
v
n
b
o
o
m
y
an
o
m
g
e
c
moving b
ond compli
g beyond
nce movin
ompliance
Section 2
Shaping the system
Section 2
Shaping the system
Section Overview
The previous section
highlighted the opportunity and
benefits for organisations to
tailor their SMS to their own
particular needs and activities.
This section highlights the
benefits to be gained from
giving thorough consideration
to the foundations on which
the SMS is built, starting with
setting a clear and understood
purpose.
Many organisations will already hold a
compliant SMS. However, there is benefit in
an organisation making a conscious effort to
look again at the purpose of the SMS, what
the principles are for achievement and what
this achievement looks like.
The contents
include:
2.1 What is a system?
2.2 Establishing a purpose
2.3 Implications of an ill-defined
purpose
2.4 Preparations for an effective
system
2.5Conclusion
Examples of major accidents and events
are provided throughout section 2. These
illustrate various underlying factors that
relate to failures of SMSs for which principles
for improvement are discussed in Section 3.
Preparations for creating an effective system
are discussed and include re-considering the
purpose of the SMS, its scope and structure
and establishing the system in practice.
Page 10
SMS Principles: Moving beyond compliance
2.1 What is a system?
Before defining the purpose of the SMS it is important to
understand some key terms, such as what is meant by
the concept of a ‘system’.
A system can be defined as:
‘Two or more parts that work together to accomplish a
shared aim.’ (Deming, 2000)
For a system to be effective it must have a clear
purpose and also a defined system boundary to
establish what should and should not be included within
it.
Supersystem
At a basic level, a system can be anything that a person
is interested in understanding better. For a Formula One
team, it may be an engine, the whole car, the car plus
the driver, or the car plus driver with track and pit stop
crew.
Chosen System – Emergency Department
Image Credit: CHEN WEI SENG / Shutterstock.com
Figure 2: Examples of systems of interest
A system will have an environment and/or a
supersystem that it is a part of, as well as subsystems
that work within it. What counts as supersystem,
system or subsystem will vary depending on each
individual’s perspective. For example, one person’s
system of interest may also be another’s supersystem or
subsystem.
Systems can be complex; they have purposes,
boundaries, differing views of use and interfaces,
they also have subsystems and may be part of a
supersystem. These factors should be recognised,
understood and managed. Where the system begins
and ends is often not obvious and therefore it needs
to be debated, iterated and decided, in order to be
managed effectively.
www.rssb.co.uk
Image Credit:
Sue Robinson /
Shutterstock.com
Subsystem
Figure 3: Example hierarchy of systems / subsystems
Further reading...
For further details on the ideas behind this:
Royal Academy of Engineering: ‘Creating
systems that work’
See page 70 onwards for the full reference.
Page 11
Section 2 - Shaping the system
Example...
BP Deepwater Horizon disaster
This example highlights the importance of a
shared aim for a system that links management
and its employees. It also shows the benefits
of identifying supersystems, systems and
subsystems.
On the evening of 20 April 2010, hydrocarbons
escaped from the Macondo well onto
Transocean’s Deepwater Horizon oil rig in the
Gulf of Mexico leading to explosions and a fire
that killed 11 and injured 17. The fire burned
for 36 hours until the rig sank. Hydrocarbons
continued to flow from the wellbore for 87 days,
causing an environmental disaster.
The US commission’s report on the disaster
(National Commission on the BP Deepwater
Horizon Oil Spill and Offshore Drilling, 2011)
identified a significant lack of understanding
between management thinking and front line
activity as a contributing factor. It identified
a disconnection in what was required by
management and what could be achieved. In
essence the aims of management were not
aligned and shared with its employees.
The accident was also caused by failings
between the organisations that worked on the
rig and was exacerbated by differing levels of
safety culture throughout organisations in the
offshore oil and gas industry. By recognising
supersystems, systems and subsystems for
the management of safety arrangements the
interfaces between organisations would have
been more readily identified and the important
interfaces better managed.
2.2 Establishing a purpose
An organisation needs to put concerted effort into stating
a clear purpose for the SMS to determine how it needs
to be built and share understanding as to how it should
be shaped. The importance of establishing a clear
purpose for the SMS should not be underestimated.
Without this the outcomes from the SMS may not be fit
for purpose. During its development, the organisation
should make a conscious effort to understand:
•
What the SMS is to be about
•
What the principles are for achievement
•
What achievement looks like in reality
Other reasons to develop a clear purpose are that:
•
The purpose sets out what the employees aim
towards, it allows them to understand what they
contribute to and clearly asks them to invest in the
idea
•
It allows management to show leadership and
direction
•
It is only through conscious effort that the
relationships between SMS activities will be clearly
understood and therefore open to optimisation
•
It should generate cooperation between functional
interfaces to meet the overall purpose
•
It promotes the development of a positive
organisational culture
Other contributing factors to this disaster include:
•
Overbearing organisational standards and
procedures
•
Lack of competence
•
Poor management style
•
Low workforce participation
•
Poor cooperation and communication
between organisations
RSSB has produced a summary of the
investigation report into this incident; see page 70
onwards for the full reference.
Page 12
SMS Principles: Moving beyond compliance
2.3 Implications of an ill-defined
purpose
Unclear and ill-defined aims, built up over time, can
default the SMS to a form that has reduced benefits.
An under-performing SMS with an ill-defined purpose is
more likely when the organisation is:
•
Only attempting to meet basic legal requirements
•
Unthinkingly following the SMS of other
organisations
•
Repackaging versions of previous / existing systems
•
Focusing purely on producing comprehensive
standards and procedures, resulting in a compliance
culture
An SMS with an ill-defined purpose will prove less
effective because it has:
•
Poor foundations on which to develop a safety
culture and continuous improvement
•
Been designed by convenience which sacrifices
effectiveness and efficiency
•
Originally been designed for, and therefore better
suits, a different organisation
•
Details and structure that better suit a different
legislative system
•
Become overly complex and inflexible, and is
continually added to without thought or justification
Example...
The loss of the Nimrod aircraft
This example from the independent inquiry into
the Nimrod accident of 2006 review shows how
the lack of a clear and conscious purpose can
reduce the effectiveness of safety arrangements.
On 2 September 2006, RAF Nimrod XV230
was on a routine mission when it suffered a
catastrophic mid-air fire, leading to the death of
all 14 people on board. The immediate cause
of the fire was a fuel leak. However, behind this
cause was a series of errors made in the Nimrod
safety case.
The development of the safety case showed
all the hallmarks of an ill-defined purpose. The
safety case was said to have ‘missed the key
dangers’ and was ‘fatally undermined by a
general malaise’. The ‘task of drawing up the
Safety Case became essentially a paperwork
and ‘tickbox’ exercise’. The lack of a clear and
bespoke purpose also allowed the system to
become very complex and defeat the overall
objective of the safety case: ‘The Safety Case
regime has lost its way. It has led to a culture
of ‘paper safety’ at the expense of real safety. It
currently does not represent value for money’.
The Nimrod Review highlighted:
Safety Case faults as: Principles for the
future as:
Bureaucratic length
Succinct
Compliance-only
Home-grown
exercises
Failure to see the wood Accessible
for the trees
Archaeological
Proportionate
documentary exercises
Lack of operator input Easy to understand
Disproportionality
Document light
Other contributing factors to this loss include:
•
Poor governance and leadership
•
A poor organisational approach
•
Poor standards and procedures
RSSB has produced a summary of the
investigation report into this incident; see page 70
onwards for the full reference.
www.rssb.co.uk
Page 13
Section 2 - Shaping the system
The purpose cannot be at odds with how the
organisation is run. For example, a purpose that sees
employees as viable contributors will struggle if working
alongside organisational structures, standards and a
culture that limits real participation. A compromise that
involves the employees, but does not satisfy commercial
objectives, can equally be a shortcoming.
The purpose should be believed in by senior
management. It also needs to make sense to
employees, contractors and suppliers because the
effectiveness and efficiencies of the future will be found
by everyone directing their energies together towards
this common aim.
In order to promote benefits and gain commitment to a
clearly defined purpose:
•
Senior management needs to show consistency of
purpose to strive towards the goal
•
Time should be allowed for trust and conviction to
build; it will not come quickly, especially if it has
previously been broken
•
Short-term and perhaps unsustainable benefits may
need to be sacrificed for long-term thinking
•
Managers and employees should have the
responsibility, competence and resources to achieve
their purposes
•
Recommendations should be generated for the
future as new attainment levels of effectiveness can
lead to the identification of new purposes
The organisation may choose to set out the purpose
of the SMS in policies, detailed policy breakdowns,
objectives, plans and strategies.
Page 14
Example...
Fire Service Reforms
This example illustrates the importance of
periodically reviewing SMS arrangements to
ensure they are still optimised for the risks they
address. It also illustrates the importance of
thinking carefully about the purpose and scope of
an SMS when reviewing its component parts.
In 2001 the UK introduced a major reform to
the basis on which Fire and Rescue Services
were planned and operated. The Fire Service
had previously been set targets in terms of the
required number of appliances and maximum
time for response. The standards were highest
for dense industrial and commercial centres.
Over the intervening decades, however, building
standards had evolved to the point where fire risk
in these areas was minimal. The safety risk from
fires was now almost entirely in residential areas.
On top of this shift in where the safety risk lay,
the old Fire Service standards made no reference
to any form of activity to prevent fire. Nor did
the standards (or Fire Service funding) at all
reflect the large volumes of Fire Service activity
and numerous lives they saved in road traffic
accidents and other emergencies they attended
besides fires.
The reforms reset the purpose and scope of the
Fire Service to include a wider ‘fire and rescue’
remit, and required Fire Authorities to plan their
services around an Integrated Risk Management
Plan - directing their resources towards where
they could have the greatest effect in reducing
public risk.
SMS Principles: Moving beyond compliance
A. Purpose
B. Scope and Structure
C. Establishing
2.4 Preparations for an effective
system
The steps set out within figure 4 can help define the
SMS purpose and a supporting scope and structure
can be created or revitalised. The building of a clear
SMS purpose can provide an opportunity for a fresh
look at the safety arrangements of the organisation.
In beginning this task there is a need to take stock of
the safety risks involved in organisational activities,
and of the SMS role in managing them. The following
questions will help clarify the situation:
•
Who is at risk from the activities?
•
What part does the organisation play in controlling
those risks?
•
What part does the organisation play in controlling
risks generated by the activities of others?
•
What are the current levels of those risks and how
are they changing?
In some circumstances after following the steps in
figure 4, the organisation may retain its current purpose
deciding there is no need for a change. However, it will
be reassured that alternatives have been considered
and that the SMS in use is currently the ‘best fit’ for the
organisation.
In figure 4 A and B represent the concept phases to
plan a purpose, scope and structure for a system (in this
case an SMS) and C, a method for establishing it.
A. Purpose
A.2 Views of use
A.1 Testing
boundary
options
A.3 Internal
interfaces
A.4 Environment
including external
interfaces
B. Scope & Structure
B.1 User needs
B.2 System delivery
B.3 Design stage
B.4 Documentation
C. Establishing
C.1 Decision
C.2 Gap analysis
C.3 Managing changes
C.4 Promotion
C.5 Ongoing adjustments
Figure 4: Preparations for an effective system
www.rssb.co.uk
Page 15
Section 2 - Shaping the system
A.1 A.2 A.3 A.4 B. Scope and Structure
A. Purpose
To determine the SMS boundary the organisation may
ask:
A. Purpose
•
Is the SMS a road map to documents, the creator of
documents or both?
•
In which areas is it being expected to guide and in
which will it drive?
•
What are the areas of control and required
conformity?
•
What are the areas of possible or necessary
influence?
•
Is the purpose of the SMS to permeate the
disciplines of operations and engineering, or is it to
connect them through defined interfaces?
•
What interfaces need to be built up? Are these
interfaces to be formal or informal?
•
Is the SMS a facilitator of communications?
•
Will communications pass more freely if third parties
such as contractors are within the boundary of the
SMS or outside?
•
What other functions of the business are included
and how?
A.2 Views of use
A.1 Testing
boundary
options
C. Establishing
A.3 Internal
interfaces
A.4 Environment
including external
interfaces
A Purpose
To develop an SMS purpose that can deliver the most
benefit to the organisation, various factors that influence
what can be achieved should be considered.
A.1 Testing boundary options
For an organisation to decide its purpose, it could
consider defining what it intends the SMS to do,
including what components are going to be part of the
SMS and what is to be outside it. This is called setting
the boundary.
The boundary:
The SMS does not have a shape or form set in stone.
Establishing a boundary allows the SMS users to define
what is going to be directly managed by the SMS and
what external conditions there are that will affect the
SMS and may require interfaces.
Systems have boundaries; without them, they cannot
be thought of as systems. These boundaries should
be recognised, understood and managed. Where the
system ends is often not obvious and therefore needs
to be debated, iterated and decided, in order to be
managed.
During consideration of the boundary, the organisation
should consider what the inputs, actions and outputs of
the SMS are to be.
Page 16
SMS Principles: Moving beyond compliance
A. Purpose
A.1 A.2 A.3 A.4 B. Scope and Structure
A.2 Views of use
Individuals have established agendas that underpin
their activities. These are informed by their personal
experiences, needs and goals and may differ widely
across an organisation. Understanding the mix of views
is important when establishing a boundary that makes
sense to SMS users and engages more of them.
Example...
Different views of level crossings
This example shows that to deliver a system
that all can buy into, the views of as many
stakeholders as possible should be understood.
Over many years the railway and highway
authorities have struggled to agree the most
effective safety management arrangements for
level crossings. Many rail transport operators
feel the burden is entirely on them to try and
manage this significant risk, despite it being
created in large part by the behaviour of road
users such as motorists.
However, in road safety terms level crossings are
a tiny proportion of the risk so are not a major
priority for highway authorities. While railways
have an obligation to consider the impact of
their activities on others who are not rail users,
highway authorities’ duties are focused on road
users rather than on others.
To understand the view of the user, the organisation may
ask:
•
How will different groups of people react to the
SMS? For example, how will engineers react to the
SMS? Does it conflict with their professional body of
knowledge?
•
Will the supplier/contractor see being part of the
SMS as an advantage or a hindrance?
•
Does the boundary include employees by name only
or does it really want active participation?
•
If employees are included will they react any
differently than if they are the passive recipients of
processes, rules and standards?
www.rssb.co.uk
C. Establishing
•
Which boundary will best enable the idea of the
SMS to permeate the organisation?
•
Why does a particular function benefit from
interacting with the SMS?
A.3 Internal interfaces
The SMS will cover a number of different business
and organisational processes, as well as functions and
departments it interfaces with and influences.
Functions such as engineering tend to have qualified
professionals with well-defined approaches and
traditions of their own that have evolved over a
long period of time. In such cases, the SMS may
be considered as a side-issue, something which is
delivered by ‘other departments’. Therefore extra effort
may be required to ensure the right level of involvement
of such groups in the development of the SMS.
The organisation should clearly establish where and
how the SMS will interface with other organisational
activities. With regard to engineering, it could be with the
activities guided by documents such as EN50126: The
specification and demonstration of reliability, availability,
maintainability and safety or Engineering Safety
Management (The Yellow Book) and with processes
such as safety verification.
These recognised interfaces are important because the
organisation’s SMS, although attempting to manage all
organisational safety requirements, can have inherent
bias towards particular aspects of safety.
This is because:
•
Functions might specialise in one form of safety but
not link up with others
•
Measures or knowledge appear comprehensive but
only partially cover the organisation’s activities
•
Individuals are biased to areas where competence is
already established
•
Culture and behaviours are thought to be uniform,
but are not
Page 17
Section 2 - Shaping the system
A. Purpose
A.1 A.2 A.3 A.4 B. Scope and Structure
Example...
The Texas City Oil Refinery disaster
This example illustrates the importance of
ensuring a clear and established link between the
SMS and engineering functions.
The Texas City Oil Refinery disaster in 2005 killed
15 people and injured 200 others. The resulting
report (Baker, 2007) highlighted the effect that
organisational bias can have on an organisation’s
SMS arrangements.
BP put significant effort into safety; however,
there was a distinct bias towards personal safety,
whereas it was a lack of engineering safety which
eventually led to the accident.
Other contributing factors included:
•
Poor governance and assurance leading to
overconfidence and neglect
•
Poor leadership in process safety
•
Loss of competence in technical areas
•
Poor use and balance of indicators
Because of the variety of disciplines and activities of
an organisation, the full implications of the SMS cannot
be managed or understood by one person alone. It
takes understanding and effort across departments
and between organisations (including contractors and
suppliers) to manage the SMS.
C. Establishing
A.4 Environment
The environment refers to everything which lies outside
the SMS boundary, and it is within this that the SMS
needs to establish itself.
The development of the SMS purpose needs to
recognise the pushes and pulls its environment creates
if it is to establish its relevance within the organisation.
Stakeholders (including customers) will have a
significant impact on the environment as they are the
ultimate judges of the performance of the company, part
of which will be driven by the SMS. Solely satisfying
internal indicators of performance means little if the
groups who rely on the organisation’s output, or
contribute to its revenue or funding, are unhappy with
the organisation’s approach and delivery of products
with regards to safety. The organisation needs to identify
stakeholders and customers and their relevance to the
SMS as a first step towards understanding their needs.
In reality the picture is complex and depends on levels
of interest and influence that can become stronger or
weaker depending on other environmental conditions,
such as costs and recent events.
Costs to the organisation can increase either when
irrelevant needs are catered for (perhaps because of
unnecessary bureaucracy) or when relevant needs are
missed (such as contractor/supplier requirements). SMS
integration in the right areas will ultimately depend on
satisfying the organisation’s customers.
Hazards do not recognise silos or functional divisions,
despite the fact that an organisation’s structure and work
tasks may do.
To encourage cooperation across interfaces, refer to the
systems thinking principles section discussed in 3.3.2
Management Style.
Page 18
SMS Principles: Moving beyond compliance
A. Purpose
A.1 A.2 A.3 A.4 B. Scope and Structure
C. Establishing
Example...
Organisational failure at Mid-Staffordshire
NHS Foundation Trust
Other contributing factors to this organisational
failure include:
This example highlights that the system has to
produce outcomes which satisfy customers rather
than just internal indicators of performance.
•
Poor governance
•
Disconnected management style and
approach
•
Lack of workforce participation
•
Poor use of targets and measurements
•
Poor cooperation and communication
Concerns about mortality levels and the standard
of care provided at the Mid-Staffordshire NHS
Foundation Trust resulted in an inquiry into
the activities of the trust. This inquiry gave
rise to widespread public concern and a loss
of confidence in the Trust, its services and
management. The evidence gathered by the
Inquiry (Francis, 2010) showed that:
•
Basic elements of care were neglected
•
Staff were dismissive of the needs of patients
leading to injury and loss of dignity
•
Staff failed to make basic observations and
pain relief was provided late or in some
cases not at all
•
Patients were too often discharged before
it was appropriate, only to have to be readmitted shortly afterwards
•
Poor standards of hygiene
The Trust’s board was found to be ‘disconnected
from what was actually happening in the hospital
and chose to rely on apparently favourable
performance reports by outside bodies such as
the Healthcare Commission, rather than effective
internal assessment and feedback from staff
and patients’. There was said to be a focus on
systems, not their outcomes. The purpose of
a system is to deliver outcomes that satisfy its
customers.
www.rssb.co.uk
RSSB has produced a summary of the inquiry;
see page 70 onwards for the full reference.
Legislation creates obligations that the organisational
SMS is required to meet. These requirements and the
continuing changes to legislation relevant to the work
undertaken by the organisation, need to be identified
and integrated by SMS processes and competent
people.
These amendments (or pending changes to legislation)
need to be communicated in a targeted way to those
that need to put them into practice. Managers may also
take account of supporting approved codes of practice
and guidance, where applicable.
Page 19
Section 2 - Shaping the system
A. Purpose
A.1 A.2 A.3 A.4 B. Scope and Structure
Standards agencies use the achievement of standards
such as OHSAS 18001 to show a level of SMS
attainment akin to HSE guidance such as HSG65.
These standards can also provide some competitive
advantage in potential contract awards. Following
ROGS, ORR is to increase the focus of its interventions
beyond paper-driven compliance towards the SMS ‘in
practice’. However, SMS holders may still experience
the allure of awards presented by organisations
providing more theoretical, paper-based standards.
They may therefore continue to focus on paper-based
structures that are easy for standards agencies to audit.
Business objectives and strategic integration of
safety management should be seen as part of business
management. This means the SMS’s purpose should
readily align with the over-arching organisational
business objectives. Where possible, direct links should
be made between business objectives and what the
SMS will deliver. Safety activities should also be linked
to local or functional business plans to help promote the
SMS throughout the organisation.
Business objectives also need to recognise how
the SMS contributes to a sustainable organisation.
Misconceptions of conflicts between safety bureaucracy
and business survival should be dispelled.
Holistic views of the business like this will contribute
to strategic integration. This means the independent
components of an organisation are integrated into
combined effort. Its activities are closely linked to
developing integrated management systems.
C. Establishing
Integration is not just about the creation of crossfunctional teams and mindsets for organisational
improvement; it requires an appreciation of other
professions and recognition of the benefits that can
be attained when they work well together through a
combined perspective. For example, the purposes of
HR, safety and the operational managers need to be
mutually understood to build a competency management
system that really delivers.
These themes are all explored within this guidance
and they are easily transferred beyond the discipline of
safety. What will make the SMS effective is to be clear
on what defines good quality safety practice and what
different parts of the organisation need to do to achieve
this.
Further reading...
The NASA Systems Engineering Handbook is a
technical engineering document that may prove
helpful. Systems Engineers are beginning to
use some of the ideas covered within System
Design beyond ‘hard’ systems to also apply when
managing ‘soft’ organisational systems.
The document also covers:
•
Interface management
•
Configuration management
•
Decision analysis
National Aeronautics and Space Administration:
‘NASA Systems Engineering Handbook’
See page 70 onwards for the full reference.
Page 20
SMS Principles: Moving beyond compliance
A. Purpose
B. Scope and Structure B.1 B.2 B.3 B.4
B. Scope & Structure
C. Establishing
For example, a user need may be: ‘for our train drivers
to provide a safe train service’.
User needs may also include:
B.1 User needs
B.2 System delivery
•
The operational environment such as the geography
of the area covered, densities of use, attitude and
education of staff, etc
•
Business objectives which should define the
interaction between the business and the SMS –
these are just as important as general user needs
B.3 Design stage
B.4 Documentation
BScope and Structure
Once the purpose of the SMS has been considered and
provisionally agreed, the organisation can build on it by
identifying a supporting scope and structure.
This may involve identifying:
•
A set of user needs for the SMS
•
The system delivery requirements to meet the user
needs
•
A design stage to achieve system delivery
•
The formal documentation of plans
B.1 User needs
Building on the identification of the SMS customers in
defining the purpose (A), this next step in the process is
understanding how best to meet their needs. Interviews
and workshops could be used to elicit this information.
On each occasion those working with the SMS are
attempting to develop profound knowledge of the SMS;
what it involves, how it works, who is involved, what
individual aspirations there are and most importantly
what is realistic to achieve.
User needs should be understood and documented as
completely as possible but they should be kept short,
non-technical, and be understandable to all users.
www.rssb.co.uk
It is important that the development of solutions to the
users needs are dealt with at a later stage and that
the users do not become waylaid by trying to think
of a solution to the need before properly establishing
exactly what their requirements are. This is so that the
organisation does not become constrained or biased
towards one potential solution but instead, through
developing a thorough understanding of all user needs,
other solutions may arise that may more fully address
them.
B.2 System delivery
System delivery identifies the requirements for what the
SMS must do to overcome challenges to meet requests
created by user needs. They state the essence of
what the SMS must do, but not how it is done – this is
developed further in B.3 ‘the design stage’.
For example, it may be established that the SMS must
deliver ‘Train drivers who are competent to standard
X’. However, it is not explicit in defining how these are
achieved. By addressing these stages separately,
organisations can design to match the capability
needed, rather than be tempted to leap forward to
outcomes that that have not been fully thought through.
At the system delivery stage, controls to the possible
solutions are introduced so that the answers arrived at
are usable. These controls may be:
•
Legal requirements
•
Learning from operational experience
•
Quality requirements
Such controls help funnel the way so responses and
solutions are developed, to ensure they are fit for
purpose.
Page 21
Section 2 - Shaping the system
A. Purpose
B. Scope and Structure B.1 B.2 B.3 B.4
B.3 Design stage
function correctly, understanding and control can be
lost. They include: organisation and responsibilities;
communications; cooperation; monitoring, and
review.
At the design stage the organisation may:
•
Produce a design structure that links the user needs
with the system delivery
•
Identify the various parts required to meet the
design
•
Identify how the various parts will interact to create
the system required
For example: the design stage may suggest ’a list of
all train drivers needs to be produced and kept up to
date, standard X needs to be obtained and taught to the
drivers, a competence programme needs to be delivered
by driver managers‘.
Discussion point...
Case study reviews
To assist with the designs being developed, case
study reviews can be used to better understand
the benefits and challenges of the various options
that may be generated. This may be completed
by gathering a number of experienced employees
together that have a stake in a particular issue
and asking them to read through three or four
case studies that have been created, which are
credible as possible designs for a solution. The
thoughts of the experienced personnel regarding
the case studies raised should then be recorded
and used to help formulate decisions.
It may be useful to approach the design stage by
addressing four main areas the SMS should influence:
1) Business process arrangements are the reason
the business is in operation. Their successful
management relates directly to the success of the
organisation. They should have integrated safety
practices, so that they are safe but still perform well.
The other areas should assist with this integration.
2) Organisational arrangements make the
organisational system work. These arrangements
are the connections and feedback mechanisms
that make the organisation aware of what it is trying
to do and how it is performing. When they do not
Page 22
C. Establishing
3) SMS enablers are the components which put the
SMS into action. They are the activities that should
be carried out within the organisation to assist
organisational safety. Components such as risk
management, change management, and accident
investigation fall within this topic. SMS enablers
should be used when required to apply safety
principles to other processes or during the course of
work.
4) Safety specific arrangements include components
such as fatigue, noise, Hand Arm Vibration (HAVS)
etc that should be directly put into place as safety
arrangements.
B.4 Documentation
Documentation of the SMS should have a clear and
logical structure. The main areas covered may include:
•
System structure
•
System behaviour
•
System layout
The three areas are closely related and have some
overlap but for ease of use it can help to describe them
separately.
It may be easier to start by documenting the main SMS
deliverables and then to build on this whilst trying to
avoid making the structure too complex.
System structure covers what the major structures
of the SMS are, how they are organised, and what
relationships exist between them. This will present a
static view of the SMS.
System behaviour covers the interaction between the
various SMS parts and highlights the main behaviours
expected, such as:
•
Major system processes
•
Data flows
•
Assurance processes
SMS Principles: Moving beyond compliance
A. Purpose
B. Scope and Structure B.1 B.2 B.3 B.4
System behaviour processes from end to end across the
whole of the system should be considered, covering the
effects that one part of the system can have on another
further down the line.
System layout will describe how the system is applied
to the organisation. It will highlight things such as:
•
How information is accessed (for example via an
intranet, who has access to what)
•
Where training is managed
•
Which groups will exist to actively participate in and
enhance the SMS activities
•
Which meetings are being used to discuss safety
issues
www.rssb.co.uk
C. Establishing
By documenting the system layout, the organisation
will be able to identify clearly the infrastructure that is
needed to meet the SMS design.
These three areas can also be summarised in a form
that can be passed to the governance body and/or
employees to help them understand their role within the
system. For employees, it might identify such things as
the hazards they are exposed to through documenting
and distributing information on hazard paths and
barriers.
Page 23
Section 2 - Shaping the system
A. Purpose
B. Scope and Structure
C. Establishing
C.1 C.2 C.3 C.4 C.5
Further reading...
C. Establishing
There are frameworks available that can prove
helpful when making a decision on whether to
proceed with a scope of work. Such as:
C.1 Decision
RSSB: ‘Taking Safe Decisions’
C.2 Gap analysis
C.3 Managing changes
National Aeronautics and Space Administration:
guidance on decision analysis is found within –
‘NASA Systems Engineering Handbook’
See page 70 onwards for full reference
C.4 Promotion
C.5 Ongoing adjustments
C.2 Gap analysis
C Establishing
By following the suggestions contained within sections
A and B, the organisation will be able to come to
a decision about the concept purpose, scope and
structure of the SMS.
This is a significant step and the work and effort gone
into getting this far should not be underestimated or
undervalued, even if a decision is made for ‘no change’.
In order to do justice to the work conducted to this point,
a structured and considered process should be used to
decide whether to go ahead with any changes and to
ensure that the system is faithfully implemented as per
its design.
C.1 Decision
Once a clear purpose has been reached and scope and
structure agreed, a decision needs to be taken in order
to take the proposed new system from concept through
to reality.
This could be achieved through developing a formal
business case or may occur naturally because the
timing is right for the organisation.
Page 24
Following a decision to go ahead with a different SMS
purpose, scope and structure it is most likely that a gap
analysis will need to be undertaken to establish the
difference between current and desired usage.
During the gap analysis, it will be important for
management to distinguish between what it perceives
it is currently achieving through the SMS it is using and
the stakeholders’ and customers’ experience of it.
Gaps will be identified across themes such as:
•
Physical attributes: the SMS has the correct
procedures, personnel, equipment etc
•
Reliability: the ability of the SMS to perform the
promised service dependably, accurately and with
quality
•
Responsiveness: the ability of the SMS to respond
to the requirements of its customers
•
Assurance: the reliable level of assurance the SMS
provides the organisation in regards to safety
•
Participation: the amount of activity the SMS
creates in practice in order to manage safety
The gap analysis should:
•
Define what the organisation is trying to find out and
where it is going to find it out
•
Determine the key expectations across of the SMS
•
Use key performance indicators, audit reports,
field reports, assurance activities and regulator
interventions to produce data on any gaps
SMS Principles: Moving beyond compliance
A. Purpose
B. Scope and Structure
•
Analyse the results
•
Decide on actions to close any gaps
C.3 Managing change
By looking again at the purpose of the SMS and
attempting to align it to more effective forms for SMS
content, a number of changes can become apparent.
These may not cause immediate significant change
as improving effectiveness can be about a change
of approach and mindset that leads to incremental
improvements.
The pace of any desired changes may also be slow, as
those working with the SMS look for the most opportune
moments to instigate plans along with new business
projects or changes in approach elsewhere within the
organisation.
However, it is essential that an organisation is
awake to the possibility of change and the impacts /
consequences it may present. Significant change(s)
should follow a considered change management
process.
Significant change can be identified by the following
criteria:
•
•
Failure consequence: credible worst-case
scenario in the event of failure of the system under
assessment, taking into account the existence of
safety barriers outside the system
Novelty used in implementing the change: this
concerns both what is innovative in the railway
sector, and what is new just for the organisation
implementing the change
•
Complexity of the change
•
Monitoring: the difficulty in monitoring the
implemented change throughout its use and taking
appropriate interventions
•
Reversibility: the ability to revert to the system
before the change
•
Additionality: assessment of the significance of the
change taking into account all recent safety-related
modifications to the system under assessment and
which were not judged as significant (ERA, 2009)
www.rssb.co.uk
C. Establishing
C.1 C.2 C.3 C.4 C.5
In all cases where change is required, measures
implemented should be proportionate to the risk(s) they
present. The signpost box highlights detailed change
management guidance available.
Further reading...
To find out more about change management it
may be useful to refer to the following guidance:
For managing organisational change –
International Atomic Energy Agency: ‘Application
of the Management System for facilities and
activities’
For a good understanding of the legal
requirements and management of change –
European Rail Agency: ‘CSM Risk Evaluation
and Assessment, ERA Guide for Implementation’
For a good understanding of how change is
managed within the nuclear industry –
International Atomic Energy Agency: ‘Managing
change in nuclear utilities’
See page 70 onwards for full references.
C.4 Promotion
Senior management should promote and encourage
discussion within the organisation about the SMS
purpose that has been developed.
A publication of the purpose and senior management’s
stated commitment to deliver it could be aimed at
employees to grab their attention and encourage
widespread understanding. It should also be made clear
to everyone how they will contribute to the purpose.
An effective employee reporting and feedback system
may be made available to understand the effects of the
conscious purpose in practice.
Any competency needs and resource requirements to
implement and maintain changes identified by the new
purpose should be recognised.
Taking steps towards fulfilling the purpose in practice is
not likely to be easy nor without setbacks. This should
also be made clear to everyone, and the progress
being made against the purpose made visible through
updates.
Page 25
Section 2 - Shaping the system
A. Purpose
B. Scope and Structure
C.5 Ongoing adjustments and
refinements
It is almost certain that the SMS ideas developed on
paper will not perform exactly as expected in practice;
this is perfectly natural and acceptable.
When data and field information highlights where the
SMS does not perform as expected, it will be easier to
identify where this is occurring if the purpose has been
consciously developed.
Reviews can provide the opportunity to identify and
discuss any issues and ideas that emerge as a result of
the SMS’s purpose. The purpose itself should also be
reviewed from time to time to maintain its relevance and
currency within the organisation.
Treating the purpose in this way encourages clarity and
conscious development.
2.5 Conclusion
An SMS needs to change with time. But some parts
of the rail system – in particular a strong compliance
culture, and a recent history of voluminous safety case
documentation – make change difficult to implement and
can be a double-edged sword, stifling innovation.
Strengths in current GB safety performance trends
provide a good place to start. However, it is possible
to derive a lot more benefit, both to the individual
organisation and the railway as a system, if there
is more conscious effort invested in SMS design.
Establishing a clear purpose, scope and structure will
help with this.
SMS design can empower the entire workforce to deliver
continuous improvement in safety performance, as an
integral part of the organisation’s over-arching business
objectives.
The design also needs to be sensitive to existing
‘compliance cultures’ which can over-emphasise the
prescriptive dimension of safety management and stifle
the opportunity to innovate and increase competence.
In section 3, the guidance considers how, having tailored
the SMS to the organisation; it can be made to work
effectively in practice.
Page 26
C. Establishing
C.1 C.2 C.3 C.4 C.5
Summing up:
•
Preparations for an effective system include defining
a clear purpose, scope and structure and a method
for establishing the system in practice
•
For a system to be effective it must have a clear
purpose and also a defined system boundary to
establish what should and should not be included
within it
•
An SMS that has an ill-defined purpose will often not
fit the organisation’s structure, philosophy and aims
or recognise and take into account ever changing
risk factors
•
Working to arrive at the most appropriate purpose
and boundary by understanding many views of use
can mean that many more people have a stake in
the success of the SMS. However, the purpose will
need to be clear to all
•
It is essential that senior managers understand and
accept their roles and responsibilities in creating the
environment for the SMS to succeed
•
If senior managers do not understand or back a
well–defined purpose for the SMS they stand little
chance in taking workers / contractors / suppliers
along with them and being effective in practice
•
Safety risks appear very differently when viewed
from different stakeholder perspectives, and railway
organisations need to think carefully about the part
others play in creating and managing risks when
devising their own SMS
•
The SMS and business objectives should be
aligned to facilitate SMS integration into the wider
organisation
•
User needs should be identified and documented in
a way that is understandable to all
•
The design stage of an SMS may be approached
by understanding business process arrangements,
organisational arrangements, SMS enablers and
safety specific arrangements
•
Gap analysis can help establish differences between
current SMS usage and the desired SMS usage
•
Managing change is part and parcel of improving the
effectiveness of the SMS
•
Ongoing reviews of, and where necessary
adjustments to, the SMS are essential to keep the
system effective
SMS Principles: Moving beyond compliance
ovin
g be
nd co
ance
mplian
oving beyo
mpliance m d compliance movin
ond compli
beyond co
o
y
c
g
e
d
b
in
n
v
g
o
o
y
in
m
e
v
b
o
nce
beyon
ce m
oving
yond c
nd complia
d complian
moving be
ce moving
mpliance m
n
n
o
o
e
a
c
y
li
c
e
d
p
n
b
n
a
m
li
o
g
o
y
p
c
in
e
m
ov
moving b
compliance
beyond co
ing beyond
e
d
v
c
pliance m
n
g
o
n
o
in
a
y
m
v
li
e
o
p
b
e
m
c
m
g
n
o
movin
omplia
yond c
ing b
pliance
moving be
ance mov
compliance
g beyond c
eyond com
li
b
in
d
p
v
n
g
m
o
o
o
in
y
m
c
v
e
o
b
d
e
n
m
g
c
an
g beyond c
oving beyo
nce movin
ompliance
in
a
m
c
v
li
ond compli
o
p
d
e
n
m
c
m
o
n
o
y
c
e
a
e
li
c
d
b
p
mplian
beyon
d com
nce
moving
beyond co
ce moving
ving beyon
nd complia
g
mpliance
n
o
o
a
in
y
m
li
v
e
p
o
b
e
m
m
g
c
o
n
in
c
e
a
v
yond
ce mo
compli
oving
mplianc
moving be
pliance m
d complian
beyond co
ing beyond
n
m
v
o
g
o
o
y
c
in
e
m
v
d
b
o
n
e
g
o
m
c
y
in
d
n
lia
moving be
ompliance
ving beyon
liance mov
c
o
p
e
d
yond comp
c
m
m
n
n
o
o
a
c
e
y
li
c
e
d
p
n
b
n
a
m
o
oving
compli
ance
ing bey
yond co
mpliance m
ond compli
ance mov
ing beyond
moving be
y
li
v
e
p
o
b
e
c
m
m
g
n
o
in
c
a
e
li
v
c
d
p
o
n
n
yo
nce m
omplia
nd com
moving
moving be
nd complia
mpliance
g beyond c
oving beyo
o
o
in
y
m
c
v
e
o
d
b
e
n
c
m
g
o
n
y
in
a
e
v
nd
e
li
c
p
moving b
complian
liance mo
oving beyo
p
d
e
eyond com
m
n
c
m
o
n
o
y
e
a
c
li
e
c
d
p
b
n
n
a
m
g
o
li
o
y
p
movin
ing be
plianc
d com
yond c
ompliance
moving be
eyond com
ving beyon
liance mov
b
o
p
e
g
m
c
m
n
o
in
c
e
a
v
li
c
o
d
p
n
n
m
a
m
o
in
bey
ond compli
beyond co
ompliance
ance mov
y
c
li
g
e
p
d
e moving
b
in
n
m
v
g
o
o
o
y
c
in
e
m
v
d
b
o
n
beyo
oving
nce m
yon
pliance
ce moving
moving be
nd complia
mpliance m
eyond com
n
o
o
a
y
e
c
li
e
c
p
d
b
n
n
a
m
g
o
li
o
y
p
in
c
e
v
m
mo
ing b
nd co
beyond
mplian
compliance ond compliance mov
oving beyo
beyond co
e moving
c
m
g
n
in
a
e
li
v
c
p
o
n
a
m
m
li
o
y
p
c
e
vin
be
g beyond
complianc
liance mo
eyond com
in
p
b
d
v
ce moving
n
m
g
o
o
o
in
y
m
c
v
e
o
d
b
e
n
c
m
g
o
yon
movin
g bey
mplian
liance
moving be
beyond co
nce movin
ompliance
yond comp
e
a
c
li
e
c
d
p
b
n
n
a
m
g
o
li
o
y
p
in
c
e
v
m
b
o
d
o
a
n
m
ing
g beyond c
ond compli
oving beyo
y
in
m
e
compliance ond compliance mov
v
b
o
e
g
m
c
in
n
e
v
a
c
li
o
comp
ov
mplian
nce m
bey
pliance m
beyond co
ing beyond
nd complia
m
ce moving
v
g
o
o
o
y
in
c
e
v
m
d
b
o
n
e
g
m
o
c
y
in
n
e
e
v
mplia
beyo
ving b
ce mo
mplianc
beyond co
liance mo
ce moving
d complian
p
beyond co
n
n
a
m
g
o
li
o
y
p
in
c
e
v
m
b
d
o
o
n
g
c
a
m
o
in
y
ce
ond compli
ance mov
ing beyond
moving be
y
li
v
e
p
o
b
e
d complian
c
m
m
g
n
o
in
c
a
e
li
v
c
d
p
o
n
n
nce m
omplia
nd com
g beyo
mov
nd complia
mpliance
g beyond c
nce movin
oving beyo
o
o
in
y
m
c
v
e
o
d
b
e
n
c
m
g
o
n
y
in
a
e
v
e
li
c
o
b
omp
g bey
mplian
oving
nce m
g beyond c
pliance m
beyond co
ance movin
nd complia
li
m
g
o
p
o
y
in
c
e
m
v
b
o
o
d
c
n
g
m
o
d
p
in
y
n
e
v
c
moving be
eyond com
liance mo
oving beyo
b
p
d complian
e
m
g
m
c
in
o
n
e
v
c
a
c
li
o
n
d
p
m
a
n
li
m
o
mo
comp
nd co
liance
ing bey
oving beyo
yond comp
ing beyond
compliance
ance mov
e
v
m
b
o
d
e
n
g
m
c
o
n
in
y
e
a
v
e
li
c
o
b
p
n
y
m
a
g
li
com
moving be
nce movin
ompliance
yond comp
c
a
e
li
e
c
d
ng beyond
p
b
n
n
a
m
g
o
li
o
y
in
p
c
e
v
b
m
o
d
nd co
oving
mp
beyon
nce m
oving beyo
beyond co
mpliance m compliance moving
nd complia
m
g
o
in
c
e
v
c
d
o
n
n
m
a
o
li
y
p
e
e
ing b
yond
ce m
nd com
mplianc
iance mov
moving be
d complian
beyond co
oving beyo
e
n
c
g
m
o
n
y
in
a
e
v
e
li
c
o
b
p
n
m
g
a
m
b
li
o
in
c
nce mov
ompliance
e moving
a
yond comp
c
c
li
e
n
d
p
ing beyond
b
a
n
li
m
o
g
p
o
y
in
c
e
m
v
b
o
d
o
c
n
yond
nce m
com
moving
g beyo
moving be
nd complia
nce movin
ing beyond
ompliance
e
a
v
c
li
c
o
p
n
d
m
a
n
m
li
o
o
p
e
y
c
c
e
m
n
d
b
o
ing
beyon
nce m
omplia
yond c
liance mov
nd complia
g beyond c
moving be
ce moving
o
n
in
y
e
a
v
e
li
c
o
b
p
n
m
a
g
m
li
b
in
o
e
p
v
c
c
m
d
liance mo
ce moving
d complian
p
beyond co
n
n
ving beyon
a
m
g
o
li
o
y
p
in
c
e
v
m
b
o
d
o
n
g
c
m
o
in
d
mov
g bey
com
liance
beyon
ing beyond
compliance nd compliance movin
yond comp
e moving
v
c
d
o
n
n
a
m
o
li
y
p
e
e
c
b
m
n
o
g
m
a
c
vin
mpliance
g beyond
oving beyo
ond compli
o
in
y
c
m
v
e
pliance mo
o
d
b
e
n
m
c
g
o
n
y
in
e
a
v
e
li
c
o
b
mplian
oving
ing
nce m
nd comp
beyond co
ance mov
nd complia
mpliance m
li
g
o
o
oving beyo
p
y
c
in
e
m
v
d
b
o
o
n
c
g
m
o
d
y
in
n
e
e
v
lianc
nd co
g beyo
ce mo
oving b
yond comp
oving beyo
pliance m
nce movin
d complian
a
n
m
m
li
o
o
p
y
e
c
e
c
m
d
b
n
o
n
a
c
g
li
o
d
y
in
p
ov
yond com
compliance
moving be
ving beyon
e
o
d
b
e
n
mpliance m
m
g
c
o
n
y
in
e
a
v
e
li
c
o
b
p
n
m
a
g
m
movin
compli
ving
liance
yond co
liance mo
ompliance
yond comp
ing beyond
p
c
moving be
e
v
m
b
o
d
o
n
g
m
c
o
in
y
d
e
v
e
n
c
o
b
o
n
plia
oving bey
beyond co
ce moving
mpliance m
m
g
n
o
in
c
a
e
v
li
eyond com
c
d
o
p
n
n
m
a
m
o
li
y
o
p
e
c
e
ce
nd com
oving b
mplianc
beyond
d complian
beyond co
oving beyo
n
mpliance m compliance moving
o
g
m
y
in
e
e
v
b
c
o
n
g
m
a
in
li
v
mo
pliance
yond
d comp
movin
compliance
moving be
eyond com
mpliance
ving beyon
d
b
o
o
n
c
g
o
m
d
y
in
n
e
v
e
o
b
o
c
y
n
g
m
e
a
pli
moving b
g beyond c
nce movin
ompliance
in
e
c
a
v
li
c
d
o
eyond com
p
n
n
a
m
m
o
li
o
y
p
e
c
e
c
m
b
d
n
o
beyon
nc
omplia
yond c
moving
nd complia
moving be
g beyond c
ce moving
o
ompliance
n
in
y
e
a
v
e
li
c
o
b
p
n
m
a
g
m
li
o
in
p
e
c
v
c
m
yond
movin
ce mo
mplian
yond co
moving be
beyond co
d complian
ompliance
n
g
moving be
c
o
in
d
y
e
v
n
e
c
o
o
b
n
y
m
a
g
e
li
e
b
d
in
p
m
complianc
e moving
ance mov
ving beyon
li
c
d
o
beyond co
p
n
n
m
a
o
m
li
y
o
p
e
e
c
c
b
m
n
d
o
g
a
n
c
li
movin
yond
comp
g beyo
plian
moving be
nce movin
ing beyond
compliance
eyond com
e
v
a
b
li
c
o
p
n
g
m
a
m
in
li
e
o
v
p
c
c
o
n
m
d
m
a
o
v
yon
beyond c
mpliance
liance mo
ond compli
g
o
y
p
c
in
e
m
moving be
v
b
d
o
o
n
c
g
o
m
in
d
y
v
n
e
e
o
o
b
nd
g bey
oving
nce m
mplianc
oving beyo
pliance m
nce movin
nd complia
beyond co
a
m
m
o
li
o
y
p
e
c
e
c
m
b
d
n
o
n
g
a
c
li
o
in
d
y
p
v
mo
g be
beyon
d com
plian
compliance nd compliance movin
ving beyon
eyond com
ce moving
o
b
n
m
a
g
li
in
p
e
v
c
m
o
n
o
a
m
c
li
o
ov
bey
yond comp
ompliance
ing beyond
pliance m
c
e
v
m
b
o
d
o
e moving
n
g
m
c
o
in
d
y
e
v
n
e
c
o
o
b
n
y
m
yon
ing be
moving
complia
liance
moving be
ance mov
mpliance
li
yond comp
ng beyond
o
e
p
e
c
c
b
m
n
d
o
a
g
n
c
li
o
in
p
d
y
v
n
e
m
o
ce m
nd co
g beyo
omplia
oving b
d complian
oving beyo
pliance m
nce movin
g beyond c
m
a
m
in
li
e
o
v
p
c
c
o
n
m
d
m
a
o
n
li
c
o
p
e
d
y
c
mo
m
be
mpliance
ving beyon
d complian
beyond co
o
o
n
e moving
g
c
o
m
y
in
d
e
v
e
n
c
o
b
o
n
y
m
g
a
e
li
in
mov
comp
oving b
beyo
mpliance
ng beyond
pliance m
compliance
e moving
c
m
beyond co
d
n
o
n
g
a
c
o
li
in
y
d
p
v
e
n
o
m
b
o
o
y
m
g
c
ce
ompli
yond
movin
ving be
d complian
moving be
g beyond c
liance mo
ompliance
in
p
e
c
v
c
m
o
d
n
o
n
a
m
c
li
o
y
p
d
e
e
n
c
m
b
o
n
y
g
pliance m
beyond co
d complia
om
n
g
c
ce movinwww.rssb.co.uk
moving be
o
in
d
y
Page
27
e
v
n
e
c
o
o
b
n
y
m
a
g
e
li
b
in
e
p
v
mo
com
g bey
moving
mplianc
ing beyond
compliance
nce movin
mpliance
beyond co
d
a
o
g
n
li
c
o
p
in
d
y
v
m
n
e
o
o
o
b
c
y
m
g
e
p
d
nce
ing beyon
nce movin
e moving b
eyond com
v
a
c
b
o
li
n
p
m
g
nd complia
a
li
m
in
e
p
o
v
c
c
o
m
n
o
d
m
a
c
pli
yon
ce
m
nd
Section 3
The SMS in practice
Section 3
The SMS in practice
Section Overview
It is important to recognise that
it is not just the SMS ‘model’
and its constituent components
that make up the SMS, but also
how an organisation ‘lives out’
its SMS through activity and
associated behaviours.
All these factors should come together for deliberation
during the development of the SMS purpose and the
practice of safety within the organisation.
This document suggests that when you change the
way work is designed and managed, and make those
who do the work the central part of the intervention,
the safety culture of an organisation can change
dramatically as a consequence.
The ‘safety culture’ of an organisation can be defined
as: the product of individual and group values,
attitudes, perceptions, competencies and patterns of
behaviour that determine the commitment to, and the
style and proficiency of, an organisation’s health and
safety management’. (HSE Advisory Committee on
the Safety of Nuclear Installations (ACSNI)).
The principles presented in this document do not
focus on culture as something distinct from the work
or as something that can be the subject of a direct
intervention. Instead it sees the safety culture of
the organisation as an emergent property from the
activities of management (including taking a system
wide view) and their relationship with employees.
For this reason there is not a distinct section on safety
culture in this document. However, interpretations
of safety culture can provide a focus on the
frequency of key day-to-day behaviours (frontline
and management) and the extent to which these
are encouraged and supported by an effective and
flexible safety management system. It can also
highlight the shared belief in the importance of safety.
The elements in this section are here first and
foremost because they make management systems
more effective. Many of the contributory factors in
the examples of accidents and events highlighted in
section 2 further demonstrate the importance of these
ideas.
This section provides the opportunity to weigh up
alternative ideas for improvement of organisational
factors in relation to a particular SMS. It aims to help
managers make the most appropriate decisions to
improve the effectiveness of an SMS at the most
appropriate times. Within different systems some
ideas will work better, and therefore have a stronger
emphasis, than others but none are likely to be the
best or only option in all circumstances.
The contents
include:
3.1 The organisational
essentials
3.2 Management style and
approach
3.3 Monitoring SMS
effectiveness
3.4Conclusion
It is widely recognised that the elements contained
within section 3 of this document contribute to making
management systems more effective (Deming,
2000, Seddon 2003, et al). However they are often
looked at in isolation as separate entities and so not
considered collectively as a whole with regard to
system development, a key feature of this document.
Page 28
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
3.1Organisational
Essentials
Whatever the organisation’s management style, there
are some basic building blocks without which it will be
difficult to improve an SMS. These are:
•
Governance arrangements (3.2.1)
•
Organisational approach (3.2.2)
•
Company standards and procedures (3.2.3)
•
Competence (3.2.4)
3.1.1 Governance arrangements
3.3 Monitoring SMS Effectiveness
However one individual could have specific
accountability for safety in the business, and have a
higher level of safety knowledge and competence. It is
beneficial if this person is not the senior safety manager
too, so that appropriate and objective checks and
balances can take place.
Senior management will need to form a view on
the effectiveness of the SMS after due and careful
enquiry, based on information and assurances
provided. Reviewing the effectiveness of internal
control is an essential part of the senior management’s
responsibilities. Management is accountable to its
governance bodies for monitoring the SMS requirements
and for providing accurate assurance information that it
has done so.
It is important that the people who are most
closely involved with an organisation’s governance
arrangements (including functions such as management,
executive, board, trustees, funders etc) understand the
actions taken to develop the SMS and how it assists
their collective responsibility to the organisation.
Governance bodies may monitor safety performance
through the identification and tracking of suitable
health and safety Key Performance Indicators (KPIs),
and ideally should track ‘Active Indicators’ (see 3.4.2)
to enable them to monitor key controls in the SMS to
receive early warning of emerging problems.
Safety risk should be considered within governance
arrangements as a part of business risk and treated
as seriously as any other risk, such as financial
risk, commercial risk, environmental risk, and so on.
Governance arrangements should take steps to ensure
that appropriate control processes are in place and that
their effectiveness is monitored collectively.
Governance bodies should not be above reviews on
their own ability to perform in relation to the SMS. For
example, it is good practice to employ one or more
non-executive directors with appropriate knowledge
and experience to challenge a Board’s thinking and
engagement on safety.
Through participating in the SMS developments
described in section 2, governance bodies within the
organisation will understand what they want from the
SMS and how it supplies information and support to
managers to help them put safety into practice.
Building trust within the organisation should not just be a
matter of the employees learning to trust management,
but also senior managers learning to trust their
employees.
The organisation’s governance bodies need to take
clear action to allow participation and responsibility at
all levels of the organisation and to avoid unnecessary
compliance requirements and bureaucracy.
There must be clear accountabilities for safety at
governance level. All senior managers should receive
appropriate training to ensure they are aware of safety
risks and basic safety management arrangements.
www.rssb.co.uk
Enablers:
Good governance arrangements will:
•
Embed the SMS into the day-to-day
operations of the company and form part of
its wider business culture
•
Respond quickly to evolving risks to the
business arising from factors highlighted by
the communication and monitoring elements
of the SMS
•
Allow reporting measures to reach the board
to highlight any significant problems or
failings
•
Be willing to receive ‘bad news’ so that it has
a clear view of reality in the business
Page 29
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Anyone who takes part in governance or is part of a
governance body, would benefit from an introduction to
the SMS upon joining. They should understand the role
they play in the delivery of the SMS and understand the
need for consistent leadership and commitment.
3.3 Monitoring SMS Effectiveness
Further reading...
The following guidance covers information
relating to governance responsibilities:
HSE: ‘Leading Health and Safety at Work’
Example...
Revised Guidance (Turnball): ‘Internal Control:
Guidance for Directors on the Combined Code’
Senior management commitment
RSSB: ‘Ethical basis of rail safety decisions’
Along with the Train Protection and Warning
System (TPWS), an important factor in achieving
a step improvement towards reducing signals
passed at danger (SPADs) was the strong
commitment from senior management, which
was in turn felt at all levels within individual
organisations.
The Ladbroke Grove accident in 1999 revealed
the continuing reliance of the rail industry SMS
on preventing drivers passing red aspects.
A main part of the industry’s response to the
accident was to introduce a system-wide,
coherent project to reduce SPADs. This involved
an unprecedented degree of senior level
leadership from all parts of the industry – monthly
progress meetings, for example, were attended
at CEO or Chairman level by a large proportion
of train companies. RSSB provided a shared
infrastructure and secretariat for the project,
collating management reports and promulgating
best practice in incident reporting, investigation
and prevention.
The result was a rapid and sustained campaign
which has contributed to a significant reduction in
SPAD risk.
Page 30
RSSB: ‘Taking Safe Decisions’
HSE: ‘Case studies that identify and exemplify
Boards of Directors who provide leadership and
direction on occupational health and safety’
See page 70 onwards for full references.
3.1.2 Organisational approach
to the system
The SMS is an enabler for the development of safety
ideas, control, innovation and communication; however,
how well these are delivered will be significantly affected
by the type of approach used by an organisation.
Those using the SMS need to be aware of the type of
approaches to safety management they can choose for
the SMS and the overall organisational approach that
the SMS must work within.
Three types of approaches discussed here are:
•
Top down
•
Bottom up
•
Middle out
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
See table 1 on the following page for examples of these
three approaches.
Traditionally heavy industries such as nuclear, oil
and gas, and rail have top down approaches to their
organisations. They are characterised in the following
ways:
•
The thinking part of the organisation is centralised
•
Power as well as responsibility is hierarchical
•
Plans and decisions about the right way to work
within the organisation come from the top and are
applied down through the organisation
This approach will be highly standardised offering high
levels of control and uniformity across the organisation.
Input into the standards by employees will generally
be low, with perhaps some consultation with a few
employees at the centre, but little that can be seen as
meaningful beyond this.
3.3 Monitoring SMS Effectiveness
Senior managers retain much freedom within this
structure, but this decreases significantly as an
individual’s position within the hierarchy descends and
the structures from the top take effect.
Original interpretations of continuous improvement best
reflect the bottom up approach. In this instance:
•
Employees have the maximum freedom to actively
take part in the organising and delivery of the
company
•
Power is decentralised from the top; employee
participation is a necessary requirement to make
things happen and allow communications to pass
freely
•
The management hierarchy is generally much flatter,
so that much of the management role is undertaken
at the ground level
In practical situations requiring discussion and action
from employees, outcomes will often default to
compliance with a person’s position in the hierarchy
of the organisation and/or in line with standards and
procedures, rather than to the expertise of the people
who know the situation best.
www.rssb.co.uk
Page 31
Section 3 - The SMS in practice
3.1 Organisational Essentials
Traditionally
used
Characteristics
3.2 Management Style & Approach
Top Down
Bottom Up
Middle Out
Heavy industries such as
nuclear, oil and gas
Creative industries,
Automotive industry
Mixed
• The thinking part of
the organisation is
centralised
• Maximum freedom to
actively take part in the
organising and delivery
of the organisation
• The middle out approach
means that the main
inputs and flows for the
SMS come from the
middle management
level.
• Power as well as
responsibility is
hierarchical
• Plans and decisions
about the right way
to work within the
organisation come from
the top and are applied
down through the
organisation
Major
Contributors
3.3 Monitoring SMS Effectiveness
• Power is decentralised
from the top, employee
participation is a
necessary requirement to
make things happen and
communications pass
more freely
• The management
hierarchy is generally
much flatter so that much
of the management role
is undertaken at the
ground level
• The middle out approach
may use the middle
manager level to form
a version of the SMS
at a lower level within
the organisation but
which will still input
into overarching
organisational SMS
objectives.
• Below this middle
SMS, managers and
employees would have
greater freedoms to have
an effect on the contents
of the SMS and how it is
run.
Senior Managers
Employees
Middle Management
High
Low
High
Hierarchy
Competence
Both
Employee input
Low
High
Mixed
Needs neglected
Trust of bottom up
Senior Management direct
control
Attempts to balance both
Changed to accommodate
senior management, targets
etc
Original interpretations of
continuous improvement:
Engages employees from
the bottom to invest in
improvements
Uses both bottom up and
top down
Top down SMS approach
Many bottom up inputs
1 Top Down SMS + some
harmonised/ Local/Bottom
up SMS
Control
Deference to:
Continuous
Improvement
SMS Influences
Table 1: Examples of Top Down, Bottom Up and Middle Out approaches to safety
Page 32
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
If not implemented effectively however, common issues
associated with adopting this approach include:
•
Inconsistent quality control across the organisation
•
Employees overstepping the boundaries of
permissible activities
•
Limitations to centralised awareness and control
However, these challenges can be offset by high
levels of competence and understanding throughout
the organisation as well as a heavy reliance on strong
leadership and strong reporting activities.
Example...
Empowering the whole workforce
This example shows a method used to help
empower the whole workforce. However, it is
important to remember that tools and methods
will naturally follow if the right principles are used
to set up an environment for participation.
Many privatised utilities inherited rigid, rule-based
structures for decision making at lower levels of
the organisation – as indeed did the railways.
This led to numerous problems; in particular
people focusing on ‘keeping to the rules‘ rather
than ‘doing our best for the system’, even in
situations where it was clear that these were in
conflict.
To tackle this problem, some utilities reviewed
their processes and procedures and introduced,
in parallel, a ‘traffic light’ system to make clear to
staff at all levels the scope of and limits on their
delegated authority to make decisions and depart
from normal practices. Green denoted decisions
entirely within the employee’s scope, red those
not to be taken by the employee without approval
from above, and amber intermediate cases.
3.3 Monitoring SMS Effectiveness
The middle out approach means that the main
inputs and flows for the SMS come from the middle
management level. Information from this source may
be seen as more acceptable to the other levels, having
greater trust from both and being in a position to better
negotiate the needs of the top and bottom of the
organisation.
The middle out approach may use the middle manager
level to form a version of the SMS at a lower level within
the organisation but which will still input into overarching
organisational SMS objectives. This would provide
senior management with a consistency of standards and
processes below the middle as well as a reliable stream
of information about the performance of the middle SMS
to the top organisational SMS.
Below this middle SMS, managers and employees
would have greater freedoms to have an effect on the
contents of the SMS and how it is implemented. This will
enable greater participation and generate the awareness
of the safety principles created by developing and
managing the SMS at a lower level. Competence would
need to be developed in a way that creates trust and
assurance at the various levels of the organisation.
The various middle SMSs would require harmonisation
between them via the organisational SMS rather than
homogenisation.
Further reading...
For further information on how different
organisational approaches can assist the delivery
of objectives:
Environmental Change Institute: ‘Midstream and
sideways: considering a middle-out approach to
changing energy demand’
See page 70 onwards for the full reference.
In the best practice cases, these schemes were
accompanied by a general statement that no
employee would ever be disciplined or criticised
for taking a decision outside their ‘green’ scope
where they did so in the genuine belief that they
were acting in the best interests of the whole
organisation.
www.rssb.co.uk
Page 33
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
3.1.3 Company standards and
procedures
The development of company standards and procedures
influenced by safety considerations has no doubt
assisted the establishment of unprecedented levels of
safety within the GB workplace.
Some would argue that these levels of safety have
been achieved mostly because of direct legislative
intervention and technology rather than the
organisational management of safety. Whether this is
true or not, safety management that works more on
paper than in practice is a recognised challenge for
many organisations.
Company standards and procedures can set
expectations and promote consistency of approach to
safety in a company’s activities. However, rather than
an approach agreed by management, such standards
can also be mistaken for an exact representation of
how activities can be undertaken as well as an audit
trail proving safety. This misconception can lead to the
development of higher levels of safety bureaucracy in
order to fulfil the perception of greater assurance up the
chain of command while also creating less ability to put
safety improvement into practice in the field.
The SMS has a double-edged challenge in
demonstrating the theoretical commitment to safety in
company standards, procedures, indicators and targets
as well as engaging the competence, cultural and
behavioural instincts in an organisation’s employees
to be able to actually work an SMS in practice. These
requirements need to be recognised and managed by
those delivering an SMS.
When company standards and procedures are put
together it is therefore desirable to consider:
•
The role of the employee and their satisfaction with
the task
•
The complexity of the environment where the task is
to be carried out
In some standards and procedures, the role of the
employee has been reduced to a powerless ‘doer’,
either because of the false belief that it reduces
organisational costs or to increase the perception of
central control.
Page 34
3.3 Monitoring SMS Effectiveness
In this type of situation, management’s intentions are not
put into practice because the employees have become
alienated from their roles. When employees do feel
satisfied with their role it has been shown to improve
performance at work, reduce feelings of stress, and lead
to inclusion.
Organisations should look for ways of introducing
standards and work procedures without turning off
employees’ ability to think. When practical, employees
at all levels in the organisation can be trained and
encouraged to exercise their own judgment, leaving
absolute control in place for high risk activities. The
potential for continuous improvement will also be
increased under such conditions.
This flexibility to interpret some standards and
procedures can also help when the paperwork
developed cannot match the complexity of the tasks
undertaken.
For the organisation to remain viable its practice must
meet the complexity of its activities. Managers may
develop ‘tick box’ mentalities or a mentality that is only
reactive because the standards and procedures in use
cannot meet the complexity of the environment that they
are designed to operate within.
The link between those creating company standards/
procedures and those implementing them should
therefore be well understood by the organisation. The
organisation should consider in which elements the
paper or the practice is more important to enable the
objective to be met in a safe manner.
If the development of company standards and
procedures is to assist the activities of employees
in practice, then it is important for the standards to
serve, facilitate and complement the activities being
undertaken.
3.1.4 Competence
If the principles of a purposeful SMS are to be
successfully followed, then it is necessary for competent
and motivated employees to be developed at all levels
within the organisation.
Although developing competence will not in itself
guarantee safety, it will improve levels of consistency
of performance and adherence to the principles of the
SMS.
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
Organisations which can tap into their employees’ ability
to learn and increase their value on their behalf will
often derive benefits as a consequence. Competence
is central to developing a learning organisation and
continuous improvement. It also tackles issues of poor
staff performance, low morale and high staff turnover.
Competence management systems (CMS) within heavy
industries are often well established and in the case of
the GB rail industry, the management of competence is
also a legal requirement.
It is recognised within these industries that an
individual’s competence is based upon their personal
abilities, training and skills developed through
experience.
If any concerns do arise with organisational
competence, it may be because a CMS can only ever
be as good as the information that is put into it and an
understanding of how far this truly reflects competence
within the organisation.
Barriers:
The reliability of the CMS may be limited
because:
•
The CMS can become a tick box exercise
showing high activity while hiding low quality
•
Competence can be seen as ending with
training and not through the acquisition of
tacit skills and knowledge (which are harder
to monitor)
•
Inexperienced staff may be wrongly
designated as competent in the CMS as a
result of it being process driven (eg being
‘rushed through the system’)
•
Experience is seen to equate to competence
and therefore poor behaviours picked up over
time as habits are not challenged
•
Skill and staff shortages are not recognised
within the CMS
•
The CMS becomes the only focus for safety
competence neglecting the roles not covered
by the CMS
•
Managers see the training duration and costs
as being uncompensated so do not recognise
the full benefits of competence development
and cut corners where possible
www.rssb.co.uk
3.3 Monitoring SMS Effectiveness
As with the use of all data, a CMS can deceive its
users into thinking that what the system is trying to
highlight is actually the reality of competence within the
organisation. This can cause an overreliance on the
CMS as a source of information for competence instead
of building and using other methods such as one to one
development by line managers.
Many major accidents such as those that occurred at
Columbia, Texas City, Hatfield and Ladbroke Grove,
highlight failings in employee competence in those
that might usually have been deemed competent by
the organisation. This is because general competence
standards had reduced, experienced personnel had
picked up poor behaviours, or the opportunity to identify
the competence requirement was missed.
Example...
Searching out competence
The example shows that it is important to keep
improving on levels of competence.
The Sizewell B nuclear reactor was the first
Pressurised Water Reactor (PWR) to be built
in the UK. An important part of the safety case
for the reactor system was that any significant
cracks in the pressure vessel with potential to
cause failure would be able to be detected using
ultrasound scanning. But this was a relatively
novel and high-tech technology, and there were
concerns as to how reliable such ultrasound
measurements could be, even though the
competency was being managed.
To address those concerns, a facility was set up
containing a number of specially fabricated test
pieces - mock parts of a reactor pressure vessel.
Various types of defect were built into these test
pieces, with no external clues at all as to their
nature or location.
Ultrasonic inspectors who were to be employed
at Sizewell had first to come to this facility, with
their equipment, and prove that they were able to
locate and characterise defects in the test pieces.
Page 35
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Experience from what is happening at the ground level
of an organisation can become very complex as can
the knowledge of how to operate. To manage this,
tacit knowledge is developed and internalised by the
individual, which is very difficult to reproduce in training
documents as it is the craft of the employee developed
over time and through intimate experience. It is the
sort of information that is lost when an experienced
employee leaves the organisation.
The generation of these skills can only be passed/
generated through the upkeep of mentoring activities
following training and continuing throughout the
development of the employee. Levels of training can be
easily reflected within the CMS. Experience should not
be undervalued because it is difficult to show. It is vitally
important in the attainment of competence.
Barriers:
Within many organisations, the competence
requirements for the safety related activities of
managers are not as well thought through as they are
for safety critical roles, and they are not tracked within a
CMS.
It is vital for managers to hold a level of competence
in safety that shows that they understand their role in
managing it within the organisation. Safety managers
have principles, processes and tools that they work to in
order to manage safety; this creates a logical structure
behind what they are trying to achieve.
Managers with safety related activities should have
enough safety knowledge to have a defined logic to
their safety work. They will have to know the principles
behind what hazards have been identified, why barriers
to hazards are in place and their role in managing the
activities.
Enablers:
Tacit skills that are built up by experienced
personnel can be lost if:
•
3.3 Monitoring SMS Effectiveness
To be effective managers should have
competency objectives developed in line with:
The culture of the organisation creates an
environment where lifelong development is
not recognised or positively encouraged
•
The delivery of the purpose of the SMS
Poor practices are seen to be a reflection
of the individuals involved rather than
the system and therefore become an
unmentioned subject
•
Departmental or functional safety objectives
•
The desire to create effective teams within
the organisation
•
It is hard to collect worthwhile data on
mentoring activities and its success and so it
is not valued
•
Knowledge of how safety works across
functions as a system, and not in silos,
requiring cooperation and co-ordination
•
Rushed working environments make it
difficult to find the time required to provide
the assistance needed to develop and
maintain a good level of competence
•
Understanding how learning across
the organisation can assist functional/
departmental safety
•
Frequent changes of senior operational
management can cause a lack of experience
and inability to pass on learning
•
•
Reductions in staff numbers and increased
workloads can reduce the ability of the
organisation to incorporate new information
and remain competent
Page 36
If the safety role is not defined for the organisation’s
managers then:
•
They may be overwhelmed by all the eventualities
they feel they have to control
•
Managers may direct their energies towards other
activities that they feel more able to control
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
3.3 Monitoring SMS Effectiveness
Discussion point...
Having the right levels of safety competence
throughout the business
Organisations often provide prescriptive
standards for managers to supervise safety within
the organisation. To provide leadership in safety,
managers also need a level of competence to
work from.
A survey for the HSE (1997b) looking into the
chemical regulations (COSHH) found that safety
representatives were far more knowledgeable
than their managers on safety related issues. In
fact, 90% of safety representatives were aware
of the main principles of the main chemical
safety regulations, whereas over a third of
managers had not even heard of the regulations.
The survey also found that over 80% of safety
representatives had received training in health
and safety in the last two years, compared to
44% of managers.
Further reading...
For further information on competence within the
organisation:
Office of Rail Regulation: ‘Developing and
Maintaining Staff Competence’
RSSB: ‘Competence assessment and verification
standards’ (T183)
Discussion point...
The compliance/competence balance
What counts as competence may vary between
organisations because of the balance required
between the need for competence and the
observation of, and compliance to, the rules.
For some organisations the more standards and
processes there are to know and follow the less
there is a need for a level of competence of the
worker to interpret, and understand a situation or
be aware of their own limitations.
Compliance cultures should fully recognise that
the generation of standards and procedures are
not the only or final answer to achieving safety
and therefore they should increase the personal
responsibility of workers within the organisation
by trusting in leadership, competence and
professional judgement to drive the organisation
forwards.
By putting thinking into standards and procedures
and relying less on paper to make the SMS work,
employees can improve safety performance
where it has previously stagnated.
This would also reduce friction between functions
and managers as well as any issues between
interfaces, allowing the SMS to integrate further
into the organisation. A thorough analysis of the
competence requirements of the organisation can
determine where detailed compliance is required
/ is working and where there are tasks that can
allow for interpretation by competent employees.
RSSB: ‘Development of competence assessment
criteria for supervisors in safety critical roles’
(T258)
RSSB: ‘A competence needs analysis for trainers
and their line managers’ (T588)
RSSB: ‘Non-technical skills for rail: development,
piloting and evaluation of a training course’
(T869)
HSE: ‘Managing Competence for Safety Related
Systems’
See page 70 onwards for full references
Image Credit: Network Rail
www.rssb.co.uk
Page 37
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
3.2 Management style
and approach
The success of a management system depends not
just on what is done, but also on the way that it is
done. Significant future improvements in safety and
performance are likely to be unlocked through an
approach which moves away from the predominance
of a compliance culture and instead enables the right
behaviours and competence, potentially via systems
approaches.
A number of examples in section 2 highlighted some
key factors that need to be addressed in terms of
management style and approach:
•
Leadership (3.2.1)
•
Management style (3.2.2)
•
Employee participation (3.2.3)
•
Cooperation (3.2.4)
•
Communication (3.2.5)
3.2.1 Leadership
Effective leadership in relation to safety provides a clear
statement to everyone that the management of the
organisation is worth engaging with.
Leadership is not the same as management. It should
not be assumed that managers are automatically
leaders just because they have experience of a role or
have been on a training course. Overseeing compliance
to standards, targets and quotas is more akin to
supervision than leadership.
Organisations should have a clear understanding about
what effective leadership looks like for them.
Within the workplace a supportive environment for
leadership includes long term commitment, mentoring
and provision of responsibility provided continuously
so leadership behaviours have a chance to embed and
become adopted by other employees that may become
leaders one day. This includes providing appropriate
competencies and structures.
Page 38
3.3 Monitoring SMS Effectiveness
Enablers:
Leadership is often cited to provide responsibility
and authority for safety and it should be
recognised in the SMS that:
•
It is important for managers to lead from the
front when communicating the importance of
safety and set a consistently good example
•
Leadership is more than simply endorsing
a procedure or conducting a safety tour, it
is about making a demonstrable and visible
commitment to ensuring safety and welfare
•
Managers should demonstrate engagement
with employees and take their issues
seriously. It cannot be expected that every
problem will be solved each and every time;
however the manager should show the
employee that their points have been taken
seriously
•
Managers should provide staff with
encouragement with regard to working
in a safe manner and should welcome
suggestions and contributions whether
positive or negative
An important characteristic for a leader is to be
authoritative; this leader specifies a vision to work
towards and then creates an environment where the
leader can take people with them. With regards to the
SMS, this vision should be linked to the well thought out
purpose suggested in section 2.
To be able to create the right environment the leader
needs the authority and freedom to lead, otherwise the
employee’s/group’s/team’s confidence in, and respect
for, the leader may be undermined by an organisation
whose bureaucracy cannot react to the demands
required for change.
In such circumstances, the expertise of the leader
may have become subordinate to the authority of
standards and procedures that can be inflexible in
the face of complex situations faced on the ground. If
the authoritative leader cannot create change about
them, because what is really expected from them is
compliance, their enthusiasm and ability may account
for little.
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
3.3 Monitoring SMS Effectiveness
create understanding of the value and importance of
having the capability for safety in place. The leader:
Barriers:
If there appears to be a lack of safety leadership
shown within an organisation this may be due to:
•
Creates individual, team and organisational
capacities for change in safety
•
Not enough leadership training being
provided to managers
•
Communicates and makes informal connections
to create a path for change
•
The organisation not creating the
commitment and drive to lead safety within
the organisation
•
The structures used within the organisation
not being favourable to create the actions
regarded as leadership
•
Different objectives within the organisation
driving behaviours that conflict with SMS
objectives
Where there are strong organisational barriers to
management’s ability to show their leadership skills in
safety, they may look to show them in other aspects of
their role, pushing safety to one side.
Further reading...
For further information on Leadership:
Goleman, D: ‘Leadership that gets results’
HSE: ‘Director Leadership Behaviour Research’
To progress towards a good safety culture leaders will
also need to be able to:
•
Create understanding for change within
the organisation. Here the leader creates
understanding within a department/function/group
of the different views behind the need to drive for
safety and how it is going to be put into place within
the organisation
Leaders consider the initiation of the change,
and highlight the more strategic aspects to the
employees around them.
They:
•
•
Establish starting points for change
•
Design and manage the journey
•
Communicate the guiding principles in the
organisation
Create the capacity for safety. Capacity is created
by leaders within the organisation in order for a
change in approach to safety to take effect. Leaders
help develop the skills required for working with
change, through coaching or being democratic
towards others to help them develop their ideas for
safety
An important enabler of capacity building is the
power and significance of informal networks that
www.rssb.co.uk
See page 70 onwards for full references.
3.2.2 Management Style
Distinct styles of management used within the
organisation can have very different effects on the ability
of the SMS to have a positive impact. For instance,
command and control activities may excel in achieving
compliance whereas systems thinking may be better for
creating involvement.
A dominant version of either style within the organisation
is likely to limit SMS development and therefore it is
important to be able to adapt a response to the particular
needs of a situation, mixing approaches as appropriate.
The command and control delivery of management
objectives has been used by organisations over long
periods of time. It’s about exercising authority and
direction to effectively manage resources.
The authority in control:
•
Establishes the objectives
•
Determines roles, responsibilities, and relationships
•
Establishes rules and controls (standards, etc)
•
Monitors and assesses the situation and progress
Subordinates then carry out the actions required and
Page 39
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
create a flow of information to the ‘commander’ on the
success of the activities. When a subordinate is given
a task it is important for them to do what they are told
and follow the chain of command. In this way the flow of
information is linked to someone’s place in the chain.
Targets and measures may be set to gather data on the
level of work being produced and to be able to react
accordingly. This style of management lends itself to a
reductionist approach where it is felt that by reducing the
organisation’s work down to functions and departments
the work is better managed. If each part is driven to
comply or excel with their requirements independently, it
is assumed that the whole will benefit.
The use of command and control styles has, in some
organisations, created an effect whereby the freedom of
the individual to have an input into their work has been
reduced as much as possible. The reasons for this are
either to increase the control of their actions (eg to stop
unsafe acts) or to be able to substantiate claims for the
reduction in cost for the individual’s work.
This type of management may increase the sense of
control and reliability of the organisation’s delivery but
it can also create an environment where the employee
becomes disenfranchised from their work contributing to
a lack of trust, a poor working culture, higher costs and a
lack of innovation.
In contrast, systems thinking is a different
management style that can be used. It has two major
themes:
1) Understand the working environment as a
system
2) Work with employees on the system
Systems thinking considers the work to be undertaken
as a continuous flow and therefore it should be managed
as such, otherwise competing elements will eventually
reduce its effectiveness.
Within systems thinking, functions or departments need
to be continually aware of how their activities affect the
system as a whole and manage their practices to suit.
Systems thinking managers look to optimise the overall
system of work by recognising the:
•
3.3 Monitoring SMS Effectiveness
functions and departments
•
That individual functions should not act as
competing parts but rather be recognised as
interdependent functions whose delivery impacts on
the whole system
•
Contribution of individual work functions to improve
the wider system as a whole rather than meeting
their own independent needs
•
Shared goals across all functions within the system
Example...
A whole system approach to reliability
Within this example, only a whole system
approach will lead to a full apprecitation of
reliability issues and identify areas for further
improvement.
‘Although the manufacture of rails is subject to
rigorous quality control measures, these do not
extend all the way to work sites. Rails leave
the manufacturer within specification, but can
often be damaged or crippled by the time that
they arrive at worksites. These crippled rails
are installed, partly because the damage may
not be immediately obvious to the installation
team laying the track, and partly because of the
pressure to complete the work programme and
reopen the line.
The installation of misaligned or crippled rails
leads to poor track quality, which can lead to
damage to bogies and wheel sets. This will
be due to the higher contact forces generated
between track and wheels at line speed. This
is intensified by the trend to higher bogie
stiffness, and can cause the train to ‘hunt’ for a
considerable distance. This will accelerate the
rate of rail wear above that normally expected. It
may also contribute to secondary damage to the
overhead line equipment and pantograph. The
problem is increased by the level of pantograph
maintenance performed by TOCs, which renders
pantographs less tolerant to high dynamic loads’.
(RSSB Project T935 commissioned by TSLG)
Interdependences within the system and the need
to pro-actively communicate and cooperate between
Page 40
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
Further reading...
For further information on the ideas of Systems
Thinking:
Advice UK: ‘Radically Re-thinking Advice
Services in Nottingham. Interim Report of the
Nottingham Systems Thinking Pilot’
See page 70 onwards for the full reference.
Systems thinkers take a particular view about
employees that seeks to fully engage them, and to
highlight this the Theory X and Theory Y concept
(McGregor, 1960) shown in table 2 is often referred to.
Within the descriptions of the table it is not suggested
that employees are absolutely one type or another
but it is put forward that if managers generally treat
employees in accordance with Theory Y it will deliver
better returns for the business as the approach becomes
a self fulfilling prophecy.
Theory X
•
Views workers as shirkers, who dislike work
and will avoid it where possible
•
Workers must be coerced into working
towards goals set by the organisation
•
People need to be directed. It is assumed
that they are unambitious, will avoid
responsibility and seek security above all
else
•
People are self-centred and resistent to
change
•
People are generally gullible
3.3 Monitoring SMS Effectiveness
Theory Y
•
Views workers as naturally inclined to put
effort into their work, just as they are to put
effort into their play or rest
•
Workers will show self-direction in the
pursuit of organisational objectives
•
People usually accept and will often seek
authority
•
Most people are capable of using their own
ingenuity to solve organisational problems
•
Most people are only given the chance to
use a small proportion of their intellectual
capabilities in the workplace
Table 2: Theory X and Y (MacGregor, 1960)
www.rssb.co.uk
Page 41
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Improving training and competence of the workforce
further increases returns as they assist the organisation
to improve its business through the skills and abilities
they have gained.
Much the same as TQM principles, ‘systems thinking’
moves the generation of quality in a product away from
inspections and compliance towards activities that
engage the whole workforce to become mindful of their
work.
Employees are trusted with more power allowing them
to have a real say in what happens which increases
commitment, innovation and mutual trust. Their
daily experience of a task can create better detailed
interpretations for development than those of managers
removed from the task.
Systems thinking methods also move the blame for
failures or under-achievement in organisational tasks
away from particular individuals and towards the overall
system.
3.3 Monitoring SMS Effectiveness
Managers provide leadership by working on improving
the system, creating incremental changes that generate
an environment where aims are achieved because
employees are not fearful of repercussions for mistakes
as for the most part these are considered to be
generated as part of the system.
Here there is a similarity between systems thinking
approaches to working together to improve the system
and accident investigation approaches that look beyond
the individual being at fault. Accident investigators
understand that systemic organisational weaknesses or
failures can indirectly or directly contribute to accidents
and incidents. They recognise that effective safety
management is dependent on an understanding of
safety risks and then controlling these risks in an active
and systematic way. For more information, see the
Investigation guidance on the RSSB website www.rssb.
co.uk.
Discussion point...
Contrasting management approaches prior to and after an accident
Clapham Railway Accident 1
Consistent individual error
during the maintenance of
signals
Error is not identified and has
been a long held practice
Train passes faulty signal
and crashes
Investigation
Managers use command
and control activities to keep
workers to the task
Accident Occurs
Investigation: Only at this point
does management look beyond
the individual to the wider system
for fault
Reactive Management Approach
Regards workers as the
primary cause of success or
failure of a task
Workers inclined to hide
failures
Bad news is a reflection of
the manager’s ability
Systems Thinking Management Approach
Regards the system in use
as the primary cause of
success or failure
Managers work with
employees to improve the
system
Workers have more freedom
to recognise failures
Accident Occurs
Investigation: Managers and
employees are used to looking
beyond the individual for being
at fault and continue to enhance
this method of working
Management show
Leadership by improving the
system
1 The Clapham Railway Accident had many underlying causes. The error made during the maintenance of the signal is just one underlying
cause used here to highlight a specific point. For further details of the accident a link to the report is provided below:
http://www.railwaysarchive.co.uk/documents/DoT_Hidden001.pdf
Page 42
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
3.3 Monitoring SMS Effectiveness
3.2.3 Employee participation
Enablers:
Employee participation has often been cited by SMS
guidance (such as HS(G)65 and OHSAS 18001)
as a driver to improve safety and recently as a key
component of a good safety culture. The employee on
the ground is usually closer to the hazards and risks
being controlled and therefore can play a significant role
in how they are addressed.
A culture of participation may include:
•
The granting of more power to those
managers operating closely with employees
so that they can provide effective leadership
•
The creation of measurements and perhaps
removal of some targets in a collaborative
effort with the employees on the ground so
that they agree with why the measure is
needed and what it is intended to achieve
•
A will to work on improving the overall system
and not isolating failure or improvement to
individual employees
•
The removal of rivalries that create silos
and break up the performance of the overall
system
Employee participation is usually cited as:
•
Consultation in the creation of new policies and
plans
•
Involvement in risk assessment activities and job
safety analysis
•
Involvement in accident reviews and union
representation in investigations
•
Engaged working with trade union bodies
This is just a small list of how employees can be
engaged. Continuous improvement can also be used to
create employee participation in the day-to-day activities
of the SMS. The use of continuous improvement that
influenced the early principles of TQM relates to a
bottom up approach whereby employees are given the
trust, power, and freedom to have a greater say in the
development of their work.
Instead of managers inspecting improvements in at
the end of the task, employees are asked to actively
participate and to improve the management system.
To build a culture of participation, management is
encouraged to take actions that create the right
environment for the culture to thrive.
www.rssb.co.uk
This style is different to organisational cultures that
require full compliance to:
•
Senior management rules
•
The implementation of senior management’s ideas
•
Meeting senior management targets
Within this form of continuous improvement, people are
trusted to improve their work. This gives them a role to
play within the organisation that improves cooperation,
creates engagement, drive and a participative
organisational culture.
Achieving appropriate levels of employee participation
will be easier with some management approaches than
others. Systems thinking encourages employees and
managers to work together to improve the system and
therefore participation will naturally develop. Command
and control approaches may require more organised
structures because the ability to actively participate
becomes less the further down the hierarchy an
employee is.
Page 43
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Example...
Engaging with the workforce
This example shows that engaging the whole
organisation in hazard identification and
management processes can have substantial
benefits for business as well as safety.
Following an accident at a large UK water
company the organisation asked its workforce to
look again at the hazards present. A significant
proportion of hazards identified were revealed
to be ‘No safe way of doing it so actually in
practice it never gets done’. Examples included
whole buildings or premises becoming dark at
all times because no-one could change light
bulbs far beyond the reach of ladders/steps, and
large numbers of ultrasonic level detectors for
tanks and cisterns which were simply not being
maintained – in many cases these were mounted
on slender rods extending some metres out over
an opening, with no way of bringing the detector
back to a safe place to check it.
The process revealed significant gaps between
the paper plans for maintenance and what was
actually happening in practice – with significant
business implications. By failing to maintain
liquid level checks, for example, the company
had become increasingly vulnerable to failures
which could lead to millions of pounds worth of
equipment damage, all for the sake of a check
which should have cost a few pounds.
To support the philosophy of employee participation,
employees can be formed into groups in order to
develop and manage the ideas created by an SMS
at the operational level and to increase the take up of
these ideas within the organisation.
Page 44
3.3 Monitoring SMS Effectiveness
Enablers:
Groups are found to enable the take up and use
of ideas because:
•
Peer pressure and social norms influence the
individuals to follow the lead of the group
•
Participants become familiar with each other
and begin to work well as a functional unit
through loyalty and cohesion rather than
hierarchies, rules and standards
•
Direct face to face contact is made easier for
managers
•
Groups enable leadership activities
Weick and Sutcliffe’s (2007) reviews of High Reliability
Organisations (HRO) such as those used to run US
Navy aircraft carriers, have noted that in a shift from top
down structures to a decentralised structure, teams are
developed to have the competence, professionalism
and leadership to reflect the safety principles and
carry out tasks necessary to continue providing high
levels of safety. This has also led to teams being more
mindful about safety issues, allowed for the complexity
of the working environment and recognised the shifting
locations of expertise.
To form effective groups, departments or other units
may establish an SMS plan of their own that they
can respond to and have audited. This then feeds
back into the organisational SMS. This group SMS
may produce the change in organisational dynamics
required to develop the safety culture often desired by
organisations.
Smaller organisations often find that the benefits of
group activities naturally form and increase participation.
This is because there is a optimal size for groups to be
active, above which meaningful participation becomes
much more difficult.
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
Further reading...
For further information on worker participation
within the organisation:
HSE: ‘Involving your workforce in health and
safety’
Flight Safety Digest: ‘A Road Map to a Just
Culture’
Enablers:
Cooperation should be increased between those
within the organisation because the SMS fosters
behaviours whereby:
•
Employee’s involvement and competence
should increase co-operative activity
•
Employees will feel they will be treated fairly
and therefore will co-operate more
•
Trust between the workforce is increased
•
Leadership will develop the intention to cooperate on safety issues
See page 70 onwards for full references.
3.2.4 Cooperation
Cooperation both within an organisation and between
organisations will have an impact on the overall success
of an SMS in practice.
As highlighted within 3.2.2 Management Style,
management approaches such as command and control
work with a reductionist mentality where it is thought that
as long as each individual function does their part they
would see the whole being taken care of.
These approaches have created problems with
cooperation when targets and incentives are used to
increase the performance of each part individually.
These can further enhance barriers whereby functions
are incentivised to work on their own tasks rather than
co-operate on common risks, sub-optimising the whole
system.
3.3 Monitoring SMS Effectiveness
Cooperation can be further assisted by:
•
Understanding others’ needs and viewpoints
of how a situation affects them, recognising
the pressures and constraints of other roles
•
Creating shared overall purposes for those
dealing with contentious issues
•
Removal of divisive targets and managing
the system, not the individual or function
•
Fostering a management intention for win –
win opportunities instead of infighting where
managers look after their own corners
Cooperation is imperative for the system to perform well.
The performance of the overall system relies on each of
its parts knowing what it should be doing in conjunction
with the other parts.
The ultimate level of cooperation would be where
one part of the organisation is willing to sacrifice an
advantageous position in order to help another part of
the organisation improve theirs, with the intention of
benefitting the organisation as a whole.
www.rssb.co.uk
Page 45
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
3.3 Monitoring SMS Effectiveness
Example...
Barriers:
Cooperation across organisations
At a formal interface shared safety critical
requirements should be managed to avoid:
This examples shows that a lack of cooperation
and understanding between people and
organisations can inhibit good decision making
•
Wide variations between the different
organisations in safety performance
The loss of the Challenger Space Shuttle and
all its crew in 1988 was caused by the failure of
an O ring seal (CAIB, 2003). Poor cooperation
and communication can also be seen as an
underlying cause to this disaster
•
A duplication of effort and waste of resources
•
Difficulties caused by different organisations
sharing a workplace, because responsibilities
are clear and agreed
The launch had been postponed several times,
meaning that the spaceship had been left
standing outside during a particularly cold night.
Engineers and managers at Morton Thiokol,
the company responsible for the seals, held a
teleconference with NASA the previous evening
to discuss the implications of the weather. The
engineers advised that the O rings – which were
clearly identified as a top criticality component
– could only be qualified down to 12°C, but
their management, under pressure from NASA,
agreed that the launch could go ahead.
•
Unnecessary conflicts as the strength of
barriers is managed
•
Adverse effects caused across the
organisational boundary as an issue created
in one organisation effects the other
The temperature that night dropped below
freezing and the launch was delayed next
morning while ice teams worked to ensure the
rocket and gantry were clear. The Morton Thiokol
engineers’ concerns were then realised as the
tragedy unfolded.
As well as writing the interface requirements into the
SMS, the co-operating organisations may also draw
up a memorandum of understanding, use change
management processes or use contracts to coordinate
shared responsibilities.
The activities should define the nature of the hazards
and risks, type and size of operations; recognise legal
requirements as well as the duration and reassessment
of the interface.
Cooperation can help improve:
The SMS is also legally required to honour a duty
of cooperation across transport operators. Where
cooperation between these interfaces are safety critical
they should be clearly defined and may include:
•
A documented exchange of safety-related
information
•
Clear escalation channels to resolve issues of
contention
•
A way that the companies can implement the
co-operative activities within their own operating
procedures
•
The exchange of safety ideas and awareness of
risks
•
Confidence and support built between organisations
in the knowledge that the safety actions taken are
the correct ones
•
Assurance activities
It is vitally important to have strong cooperation within
the rail system because of the variety of disciplines
and specialist activities internally and externally to
the organisation. Within complex environments the
full implications of the SMS cannot be managed or
understood by one group alone, it takes effort across
the whole organisation and between organisations to
manage it.
To have a real grasp of the risk, individuals have to co-
Page 46
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
operate in an organised way that enables the awareness
of the risk to all the relevant parties. This includes
applying the right management style.
and have late responses are likely to become redundant
to those previously participating in communication
exchanges.
Further reading...
For further information on cooperation:
3.3 Monitoring SMS Effectiveness
Enablers:
RSSB: ‘Duty of Cooperation Guide’
To assist the development of good
communications:
RSSB: ‘Industry Shared Risk Database’
•
Managers should encourage and welcome
dialogue with employees by establishing twoway communications and being prepared to
hear bad news
•
The SMS has a pivotal role within the organisation in
assisting with the creation and application of safety
communications.
A balance should be struck between safety
and production in the number and location
of communications. For instance, safety
messages may be given in the working
environment and not just in offices or mess
rooms
•
Good communication builds trust and responsive
behaviours within the organisation.
Managers should be aware that visible
communications, ie their actions, can be
stronger than verbal communications
•
Inappropriate employee actions must be
managed in such a way that they are not
perceived to be reprisals related to safety
activities, injuries, or complaints
•
Managers should not allow functional barriers
to become a natural dividing line where
efforts to communicate or co-operate can be
stopped
•
One to one discussion should be regarded
as pivotal for generating understanding so
the manager can act in the most appropriate
ways. Written information in the form of
figures may give the manager an impression
of what is happening but this should support
face to face discussions that really complete
the picture of what is going on
RSSB: ‘Safety Risk Model’
Step Change in Safety: SMS Interfacing
Guidance
3.2.5 Communication
It is important to be aware of the barriers to the free flow
of communication in order to avoid and reduce their
impact.
A manager may experience the following if
communication is poor:
•
Some employees may be aggressive in reporting
problems or expressing safety concerns because
the activity makes them feel anxious
•
Some employees do not understand certain levels
of communication or may not speak good English,
therefore communications should be targeted
•
The employee may feel undervalued as a provider
of information if responses are slow
The SMS should include the development of formal
procedures for the sending and receiving of safety
documentation vertically and horizontally within the
organisational structure.
Particular attention should be given to the bottom up
communications that can be difficult to achieve under
certain management styles. Communications that are
not acknowledged, that do not receive due consideration
www.rssb.co.uk
See page 70 onwards for full references.
Although open forms of communication, may be more
easily understood by everyone, there are other forms
of communication that are not easily understood. For
example, rather than being openly communicated
some safety information only reaches employees in the
codified form of standards and procedures. Here the
Page 47
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
employee is regarded as being protected to the best
of the standard or procedure maker’s ability. However,
the hazards they are protected from and barriers put in
place to protect them may be unknown to them and can
lose emphasis over time.
Managers should consider whether the hazards and
barriers within standards should be communicated more
clearly and openly so that the users are aware of the
main hazards and barriers they are working with.
Informal communications are present throughout an
organisation but, by definition, they are done so in
an unmanaged way. Informal communications can
take place most effectively in groups where positive
behaviours can be reaffirmed and encouraged by those
with good safety discipline. However, there will be a
negative impact on the SMS and the business if informal
communication is used inappropriately, especially by
management, to resist the organisational safety culture
or universally agreed standards and processes: for
example, if a manager unofficially puts pressure on
someone to achieve production at a faster pace to the
detriment of safety.
•
3.3 Monitoring SMS Effectiveness
Management are competent in their safety role,
are consistent in what it entails and can lead the
employees to deliver safety
Unsaid communications on safety issues could be
minimised by providing clear and recorded structures
that support managers and employees to manage
complicated or unresolved safety issues rather than hold
them accountable for failure.
Further reading...
To read more on how communication barriers
and functional thinking can prevent effective
exchange of safety critical information and stifle
professional differences of opinion refer to the
Columbia accident investigation report:
NASA: ‘Volume I of Columbia Accident
Investigation Board Report’
See page 70 onwards for the full reference.
Just as critical to manage is unsaid communication.
Ideas and experiences between individuals can remain
unsaid because it appears inappropriate for those
involved to recognise its implications. For instance, the
continued breach of safety rules known by management
and employees alike may not be discussed because
each participant sees it as part of the standing informal
rules of the organisation. They therefore may not even
be conscious of these unwritten rules.
Informal and unsaid communications within an
organisation can allow catastrophic risks to build up
without their formal recognition.
Informal communications are inevitable and can play
as much of a role in a positive safety culture as in a
negative one but they will only do so when:
•
Employees are engaged with safety activities within
the organisation and believe in their need
•
Employees have been provided a role in safety
by the organisation that they wish to take on and
understand what it entails
Image Credit: Gary Blakeley / Shutterstock.com
Page 48
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
3.3 Monitoring SMS
effectiveness
3.3 Monitoring SMS Effectiveness
Enablers:
Good targets should:
If the effectiveness of the SMS is not continuously
monitored and evaluated, then the organisation has little
or no assurance over it, and it may be seriously suboptimal.
1. Be based on reliable measures
Similarly if the organisation cannot create reliable
information it may be sub-optimal but with deceptive
appearances.
4. Be specific, quantified and timebound
Effective monitoring is discussed here in terms of:
2. Have a clear purpose
3. Be clearly linked to desired outcomes
5. Be challenging but realistic
6. Be attributable
•
Targets (3.3.1)
7. Be balanced – in number, scope and
timescale
•
Safety performance indicators (3.3.2)
8. Not encourage perverse behaviour
•
The reliability of measurement processes (3.3.3)
•
Safety assurance (3.3.4)
9. Be measurable using coherent Performance
Indicators
3.3.1 Targets
Targets are a key part of managing the overall rail
system and there is a clearly established role that
organisations should be aware of:
•
Organisational targets within the SMS are a legal
requirement of ROGS
•
The Office of Rail Regulation (ORR) is required to
produce information on targets to meet Common
Safety Targets (CST) set by the European Rail
Agency (ERA)
•
Organisations feed their target activities into this
CST information
•
High Level Output Specifications have targets
•
RSSB assists organisations in the development of
safety plans
10. Take account of local circumstances
11. Take account of uncertainty
(taken from RSSB, Managing the effects of
applying targets to the GB rail industry, 2007)
An overemphasis placed on targets by the organisation
can create damaging side-effects. These effects should
be managed by those working with the SMS when
supporting senior management’s need for data with the
negative behaviours of employees that can be created
by the targets.
Targets are used by many industries and are well
liked by senior management as they can provide
a quantifiable view of the achievements of safety
within the organisation and a clear direction for senior
managers to push the organisation towards.
www.rssb.co.uk
Page 49
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Barriers:
Targets can generate the following problems
within the organisation:
•
Targets can put a cap on achievement
and disrupt the philosophy of continuous
improvement
•
The figures for targets may not be made
upon solid information
•
Targets often measure activity rather than
quality, so quality can be lost
•
The purpose of management and employees
affected can drift towards focusing on targets
and away from the original purpose of the
work
•
If the ability or worth of personnel is judged
on the comparison of targets, it can create
the perception of an unjust organisation as
there are rarely level playing fields for a fair
comparison to be made
•
The ingenuity of management and
employees to improve the system moves
away from such innovation and towards
meeting targets
•
Targets can create conflict if functions do not
integrate their activities
As a whole the SMS would benefit through the
cooperation and integration of purposes across the
various organisational functions, but without care,
targets can block this from happening.
Systems thinkers also believe that the accomplishments
of individuals (good or bad) are most often as a result
of the system and its natural variation. To use targets
to praise success and criticise the failure of employees
without knowledge of this creates feelings of unjust
behaviour.
Example...
Negative effects of targets on the NHS
The side-effects that can be generated by targets
have often been shown within the National Health
Service because of the media attention drawn by
this organisation. Extracts from a NHS review by
The Institute of Healthcare Improvement (2008)
below are illustrative.
The review identified that as the health service
did not have a clear idea of what good quality
health care meant it took a default position
whereby quality meant meeting targets. The
review suggested that targets created problems
such as:
•
The development of a culture more of fear
and compliance rather than of learning,
innovation and enthusiastic participation in
improvement
•
Nurses threatened with the sack because
targets were not met
•
Patients left at the bottom of the pile of
priorities
Barriers:
The negative effects of targets may be shown by:
•
Performance that drops off as soon as
targets are met or when hope is lost that they
can be met
•
Targets that appear to be achieved but
contribute to the loss of other beneficial work
that does not have targets or reduces the
quality of work achieved
•
The expression of unjust behaviour from the
workforce which has been created by senior
management
•
Senior management using targets to ‘kick’
those seen as poor performers
•
Targets conflicting within different parts of the
organisation
Page 50
3.3 Monitoring SMS Effectiveness
The misuse of targets was most drastically
shown when:
•
Patients in danger of jeopardising a
treatment target being met were put in a
‘clinical decision unit’ which was effectively a
‘dumping ground’ for patients in order to stop
the clock
•
Doctors were diverted away from seriously
ill patients so that they could treat ones with
minor problems in order to make the trust
look better
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
Further reading...
3.3 Monitoring SMS Effectiveness
Discussion point...
For further information on the effects of Targets:
Safety Performance Indicators
Institute for Healthcare Improvement:
‘Achieving the Vision of Excellence in Quality:
Recommendations for the English NHS System
of Quality Improvement’
An outcome indicator is a measurement of events
after they have occurred. Typically they fall into
three categories:
•
Accidents: measures of the frequency and/
or consequence of events that result in injury
or damage. For example, the number of train
collisions or the risk from slips, trips and falls
•
Precursors: measures based on events that
are not accidents but which occur in the
accident causal chain (usually because one
or more safety barriers have been breached).
For example the number of signals passed at
danger (SPADs) or equipment failures
•
Results: outcomes of an activity undertaken.
For example, inspection scores, audit
findings, observed behaviours or the pass
rate for assessments
See page 70 onwards for the full reference.
3.3.2 Safety performance
indicators
In the past, rail industry organisations have often used
indicators that show the ‘outcome’ of how the system is
functioning. This was often through indicators such as
accident statistics or the failure of components.
Although this data provides good information that should
be used to develop the SMS, it does rely on the failure
of the system for the data to be provided.
As organisations have improved their safety
arrangements and ‘outcome’ statistics have become less
frequent, safety managers have been encouraged to
also use indicators to measure the activities being used
to prevent an outcome from occurring.
These ‘activity’ indicators may be placed into processes
to highlight early on when they do not perform as
expected so that faults are picked up prior to the
negative outcome.
When ‘activity’ and ‘outcome’ indicators are used
together they provide a greater detail of prevention and
assurance than using one type of indicator on its own.
Therefore a balance needs to be arrived at to maximise
the benefits of both indicators and assist informed
decisions on safety interventions.
An activity indicator is a measurement of whether
risk control systems are in place to prevent
undesired safety outcomes. Activity indicators
allow weaknesses to be identified in the current
operations. They direct actions to strengthen
and improve processes before accidents occur.
Activity indicators show:
•
The existence of an activity, input or process
•
The level of implementation or compliance
with an activity input or process
•
The effectiveness of an activity, input or
process (this is similar to a result (outcome)
indicator)
•
The use of an activity, input or process to
identify areas of improvement
It is important to recognise that the absence or reduction
in the number or frequency of accidents/incidents does
not necessarily mean that an organisation is safe.
Moreover, even when all the key elements/components
of effective safety management are in place and
working well, safety performance can ‘plateau’ or even
decline. Therefore sustained focus is required to ensure
continuous improvement.
www.rssb.co.uk
Page 51
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Further reading...
•
HSE: HSG254 ‘Developing Process Indicators’
Step Change in Safety: ‘Leading Performance
Indicators, Guidance for Effective Use’
See page 70 onwards for full reference.
Variation within data
o Poor appreciation of variation can unnecessarily
increase workloads and costs
For further information on setting and using
indicators within the organisation:
RSSB: ‘The application of leading and lagging
indicators to the rail industry (measuring
safety performance) and associated guidance
‘Managing Safety Performance’
3.3 Monitoring SMS Effectiveness
Data does not hold an internal truth that cannot be
debated. For example, when we put forward a value
such as ‘12 driver errors this period’ it should not be
used as a fact that stands by itself. Rather the data
should be a part of a build up of information from
different sources that creates a knowledgeable idea of
what is happening.
When data is used, the context needs to be understood:
•
How reliable is it?
o Are the figures genuine?
3.3.3 The reliability of
measurement processes
In any system, it is necessary to set and measure
outcomes in order to determine whether the system
is operating in accordance with expectations, and
to identify where action may be required to improve
performance to meet these expectations.
However, in the collection and use of data, managers
should have a healthy respect for its proper use and
recognise that poor use can be a barrier to a positive
safety culture.
For data to work well for the organisation, managers
should look beyond figures alone and identify many
important features behind the data received.
The users of data should understand:
•
The limits of data
o Data has no innate meaning, only a meaning
that people attach to it. Therefore data cannot
be right or wrong, but the meanings people
place on it can
o There are many necessities to manage and
improve the organisation which cannot be
measured
•
Bias towards data
o People have inherent biases in their
understanding of data
Page 52
o Could the collection of the data be only partial?
o Do people understand what is being collected
and therefore are reporting correctly?
o Are the details of what is being collected open to
error?
•
Is it reasonable to base my interpretations upon the
data?
o Does the data actually tell me what I think it
does?
o Can the data be telling me something else?
o Does the data tell me quantity or quality?
o How much of the story is told or not told by the
data?
o Is the data driving the right behaviours?
o Do I understand variation within the system?
o Is the data conflicting?
Data is an important element in improving the system,
but on its own it does not provide a robust evidence
base for a decision.
When data is being used it should be balanced by
how far the figures can provide an understanding of a
situation with how much of a situation is not being told
by the data. Managers must be careful not to allow the
numbers to become the reality that they are actually
trying to describe.
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
Managers do not have to be professional statisticians to
be able to use data but they should understand the level
of their own ability and allow themselves to be driven by
the right principles rather than by just the numbers.
Bias towards data
In our interpretations of the data we receive we
cannot escape our individual biases that inform
our understanding of a situation. However, we can
understand the types of bias that can have negative
effects and therefore these should be managed when
working with the SMS.
Bias can take the forms of:
a) Frequency bias - this is a result of how we usually
understand internal information. We can make the
mistake of under or over estimating the likelihood
of an occurrence based on our own experiences,
rather than recognise the full experience that many
can have.
3.3 Monitoring SMS Effectiveness
Variation within data
Statistical control charts can be difficult for managers
to set up and use. However, an understanding of the
basic principles of variation can at least mitigate some
common mistakes made by people when using data.
The collection of any data about a process or a system
of work will always show levels of variation as to how
well it performs. This variation is often recognised by the
‘normal distribution’ or ‘bell curve’ highlighted by figure 5.
Variation within the process or system means
that managers need to be mindful about what
action they take when comparing only a few data
points. Continually adjusting the system when poor
performance is assumed (because of natural variation)
rather than actually happening can lead to a decrease in
the quality of the system. It can also increase the cost of
the process or system at the same time.
b) Selectivity, Conformity and Familiarity bias - all
represent a similar mistake that can be made by
people as they tend to become comfortable with a
set of information that they are usually presented
with. This means that people begin to look for the
patterns of information they expect to see whether
it be recent information, obvious evidence, or ideas
that suit and support our own. These patterns can
become very strong as confidence grows that the
conformity is correct and therefore people can
ignore alternative information that provides better
solutions or highlights new problems.
c) Group Think bias - occurs when as a group people
begin to become familiar with similar patterns of
events that suit their ideas of life. Ideas that go
against the groups are then stamped out as the
group defends the shared experiences that they
hold. This issue has been known to take groups of
highly skilled professionals in completely the wrong
direction when trying to manage a situation.
d) Overconfidence bias - shows that people can
overestimate their knowledge of a situation and
its outcome. Again this means that alternative
information is not properly considered.
www.rssb.co.uk
Page 53
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
3.3 Monitoring SMS Effectiveness
the data (via formulas) that represent the capacity of the
system.
No. of accidents
Key
= control limit
These are known as the upper and lower control limits.
In-between these lines are the common causes of
variation and although they may show different results
from one data point to the next these differences are not
regarded, to a high level of confidence, as statistically
significant.
UCL
Department
Figure 5: The Bell Curve
For instance, managers can imagine that in one month,
a figure highlighted that a team performed well, but in
the next month, the figure indicated the performance
was poor, whereas in actual fact the system has not
changed at all and the differences are within natural
variation. If managers were then to praise and blame
employees accordingly it can be seen that the team
at the receiving end may rightly feel they have been
treated unjustly – having likely put the same amount of
effort and diligence into both months.
Further, managers may put effort into developing
solutions for the difference between one month and the
other which will be wasted as the actions are likely to
correct an independent variable rather than have an
effect on the system as a whole.
To effectively improve the management system the
organisation should learn more about variation. There
are two types of variation within systems: ‘Common
causes of variation’ and ‘Special causes of variation’.
Common causes of variation fall within and form the
shape of the bell curve. They are to be expected; they
are normal and will not be removed (although the
amount of variation may be reduced). Special causes
of variation fall outside the bell curve and they should
be removed from the system to bring it under statistical
control.
To help understand variation, the statistical control chart
shown in figure 6 is often used. The data gathered is
used to construct a mean line to show the average of
the data points that have been collected over a given
time frame. Two further lines are also developed from
Page 54
Mean line
LCL
Figure 6: Statistical Control Chart
Chasing after these common causes individually is
not likely to improve the overall system. However
comparing the data across the chart will allow managers
to introduce change that makes a difference to the
system as a whole.
Over time the data collected will show variation but as
long as they are common causes it can be said with a
high level of confidence that these differences are not
significant.
Managers may wish to:
•
Work to make the upper and lower control limits
closer together so that the system in use is under
greater control
•
Lower the control levels so that overall numbers are
reduced
In Figure 6, the data point found on its own above the
upper control limit is a special cause of variation, so its
value is statistically significantly different from the values
of the common causes. It therefore requires specific
attention and individually needs to be worked on so that
the system is again brought under statistical control.
Likewise the value below the lower control limit line is
also a special cause of variation and should draw the
attention of the manager, perhaps because it highlights
an improvement or because it indicates under reporting.
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
As the use of statistical control charts can be difficult,
statisticians within the organisation may be turned to for
assistance where possible. If this help is not available
then managers should at least be aware of the principles
of variation and work with them so that mistakes are not
made when managing data and their response to it.
The manager supporting the SMS should recognise that:
•
•
•
Variation is natural; compare results over a series
of data points instead of a few to really understand
what is happening and if anything is really changing
Be patient in the reaction to what looks like common
causes of variation and try to improve the system
as a whole rather than chase individual issues. The
solutions to individual issues are likely to overburden
the system rather than improve it. Take the time to
add quality to the system rather than simply more
activity
Be quick in the reaction to special causes of
variation they reflect a lack of statistical control
within the activities reviewed and the causes should
be addressed
Further reading...
3.3 Monitoring SMS Effectiveness
threats to safety’,
RSSB Assurance Paper 2010
The application of safety assurance within the
organisation will depend on the level and depth of the
safety assurance programme and should be determined
by the level of risk generated by the organisation’s
activities. Effective safety risk management is the
cornerstone of safety assurance.
Organisations will cover assurance activities within their
SMS. However, what is classed as ‘assurance’ can vary.
A list of assurance activities grouped by the FAA are
shown in table 3.
Assurance Activities
Continuous monitoring
Employee reporting
system
Audit
Analysis of data
Internal evaluation
System assessment
External evaluation
Preventive/Corrective
action
Investigations
Management review
Table 3: FAA list of SMS Assurance Activities (2006)
For further information to help understand
variation refer to:
Nolan. T and Provost. L: ‘Understanding
Variation’
Foundation Coalition: Presentation on ‘Statistical
Quality Control’
See page 70 onwards for full references.
3.3.4 Safety Assurance
Effective organisational assurance involves detailing a
picture of safety within the organisation from a number
of targeted information sources. It is a collaboration
of processes, activities and behaviours that aim to
verify the integrity of a system and is an organisation’s
response to safety risk.
Safety Assurance can be defined as;
‘Confidence that risks, processes and behaviours are
being managed and controlled to acceptable levels
through appropriate measures that will identify potential
www.rssb.co.uk
Example...
Peer review for audit
This example shows a method of audit that can
be used to reinvigorate this much tried and tested
assurance measure.
The nuclear industry has developed a
programme to help the members of the World
Atomic Nuclear Operators organisation (WANO)
compare their operational performance against
best international practice through an in-depth,
objective review of their operations by an
independent team from outside their organisation.
The review, carried out at the request of the
plant, is conducted by an international team over
two weeks consisting of staff from other nuclear
power plants, in other words, peers of the staff of
the station being reviewed. WANO peer reviews
give members an opportunity to learn and share
the best worldwide insights into safe/reliable
plant operation, and thereby improve their own
performance.
Page 55
Section 3 - The SMS in practice
3.1 Organisational Essentials
3.2 Management Style & Approach
Enablers:
A safety assurance framework is enabled by:
•
Corporate and operational objectives
developed and implemented throughout the
organisation
•
Clarity of roles and responsibilities and
delegated authority
•
High standards of behaviour
•
Competence (skills and ability)
•
Effective communication throughout the
organisation
•
Effective monitoring and reporting
Barriers:
When assurance activities have reported
successful arrangements on the ground, but then
have been proven to be untrue through accident
investigation or further review, it may have been
because of:
•
A lack of independence in the review of the
system of management
•
The poor identification of measures to identify
how the SMS is performing
•
An inability to learn from the findings made
•
Overconfidence in one source of information
instead of using a variety of information
sources
•
Poor communications about findings that
could have made a difference
Page 56
3.3 Monitoring SMS Effectiveness
Traditional safety assurance guidance is systems-based
but with a strong focus on legislative and regulatory
compliance. It therefore tends to have strong formal
controls. However, high profile major accidents have
indicated that compliance activities alone do not
guarantee sound safety assurance.
The establishment of a safety assurance framework
without an underlying value system can encourage
compliance rather than commitment which does not
guarantee that appropriate assurance is undertaken
even if a process is in place. Appropriate values and
behaviours need to be developed and validated.
Discussion point...
Australian Assurance Guidance
The Australian Standard HB 254-2005
Governance, Risk Management and Control
Assurance highlights a view of safety assurance
that adds further ideas to the development of
assurance activities which improve the SMS in
practice.
Within this guidance the underlying value system
of the organisation is said to be managed by
inherent controls which are separated from
formal controls, where:
•
Inherent control relates to proactive
promoting of purpose, capability and
commitment throughout the organisation,
including the board. It occurs continuously
and consistently as part of normal business
practice and includes: systems thinking,
developing a learning organisation,
motivating trust and relationships and
matching competencies with objectives
•
Formal control involves assigning,
monitoring, reviewing, and reporting.
Activities that are traditionally commandcontrol style processes, compliance focused
and based upon organisational hierarchy
SMS Principles: Moving beyond compliance
3.1 Organisational Essentials
3.2 Management Style & Approach
In short, the formal controls say that you have in place
processes that can be followed and the inherent controls
are there so that those participating in the processes are
consciously going to act in accordance with them.
From the perspective of continuous improvement
and systems thinking it should also be possible to go
further. For example, activities could become more
self-sustaining if measurement and review activities are
placed with those responsible for undertaking the actual
work. This could lead to managers intervening less,
and being more selective in the use of formal controls.
Instead they could focus on being systems orientated
and testing that the SMS itself meets the required
standards.
Assurance activities can then:
•
Optimise the system by identifying areas of strength
and weakness as well as multiple causes and
effects
•
Highlight relationships across the system via its
interventions, which can then be worked upon
•
Maintain a sustainable environment for good safety
behaviours
Further reading...
For further information on the application of
safety assurance:
FAA: ‘Introduction to Safety Management
Systems for Air Operators’
Standards Australia: Australian Standard HB
254-2005: ‘Governance, Risk Management and
Control Assurance’
Information on the WANO peer review may be
found on the WANO web site
See page 70 onwards for full references.
www.rssb.co.uk
3.3 Monitoring SMS Effectiveness
3.4 Conclusion
Increasing the SMS’s impact in practice has the
potential to make systems even more progressive and
attain higher levels of maturity, as well as continuous
improvement in safety, and other aspects of the
business.
Having tailored the SMS to the organisation as
discussed in section 2, the next step is to check the
following align with the purpose, scope and structure of
the SMS:
•
Governance and organisational arrangements that
support and enable the SMS
•
Standards and procedures that empower and
support, not just command
•
Competence at management and employee level
that goes beyond simple compliance
Management style is critical to SMS effectiveness.
Railway organisations may need to blend command
and control styles with more enabling and empowering
approaches and operate across the system. A strong
focus on the success of the whole system should
permeate the organisation – silo mentalities are often
counter-productive.
The SMS needs reliable methods to monitor and
evaluate the organisation to truly reflect how well the
system is doing and how it can do better. The aim
should be to optimise the implementation of the SMS
in place, but also to understand when and if there is a
need to go back and review the fitness for purpose of
the SMS itself.
Change is inevitable and intentions to stop it are
unrealistic. However, with the principles for improvement
suggested by this guidance in mind, it is worth
noting and remembering that uncontrolled change
or complacency can have negative side effects and
includes the potential to lose what the organisation
already does well.
Page 57
Section 3 - The SMS in practice
Example...
Bias, change and the role of assurance to
maintain what the organisation does well
Summing up
•
This example shows that even well known
organisations can get it wrong. When assurance
activities do not help to manage change or allows
complacency there can be drastic consequences.
Between 2007 and 2009 a number of crashes,
injuries and deaths in America were identified
by the National Highway Traffic Safety
Administration (NHTSA) as being caused by
defects within models of Toyota vehicles. These
defects were ‘sticking’ accelerator pedals and a
design flaw that enabled them to become trapped
by floor mats, both of which created dangerous
high-speed unintended acceleration incidents.
During 2009 and 2010 Toyota began a recall
of almost 8 million vehicles and paid almost
£30 million in compensation because of these
incidents. In a statement to American Congress
Akio Toyoda (Toyoda, 2010), the president and
CEO of Toyota stated:
‘Toyota has, for the past few years, been
expanding its business rapidly. Quite frankly,
I fear the pace at which we have grown may
have been too quick. I would like to point out
here that Toyota’s priority has traditionally been
the following: First; Safety, Second; Quality,
and Third; Volume. These priorities became
confused, and we were not able to stop, think,
and make improvements as much as we were
able to before, and our basic stance to listen to
customers’ voices to make better products has
weakened somewhat. We pursued growth over
the speed at which we were able to develop our
people and our organization, and we should
sincerely be mindful of that’.
Page 58
Interpretations of safety culture can provide a focus
on the frequency of key day-to-day behaviours
(frontline and management) and the extent to which
these are encouraged and supported by an effective
and flexible safety management system. It can
also highlight the shared belief in the importance of
safety
Further reading...
On safety culture:
Reason: Managing the risks of organisational
accidents, Ashgate, Sydney
RSSB: Safety Culture Toolkit
Seddon: Systems thinking in the public sector:
the failure of the reform regime and a manifesto
for a better way
See page 70 onwards for full references.
•
Effective behavioural change is most likely to occur
when individuals have the freedom to change their
behaviour because the ‘structural’ elements provide
an environment that supports this change, instead of
being a barrier to it
•
Company standards and procedures influenced by
safety should be recognised as either assisting the
practice of workers or commanding the practice.
This will affect how they are developed
•
Developing competence will not in itself guarantee
safety but it will improve the consistency of
performance and adherence to SMS principles
•
The SMS needs to address not only how an
organisation knows that its staff have the
competence to do what they do, but also how it will
know that they are actually doing it as intended
•
Levels of training can be easily reflected within the
CMS. Experience should not be undervalued just
because it is difficult to show. It is vitally important in
the attainment of competence
•
Clear safety roles for managers make the safety
discipline understandable and controllable, reducing
stress and creating more safety activity
SMS Principles: Moving beyond compliance
•
The ability to lead should not be assumed because
a person is experienced in a role or has been on a
training course. It is a skill acquired over time with
directed effort towards clear attributes
•
Blindly following pure numbers in data can deny
an organisation the richer picture of activities
and issues that should be actively debated for
improvement
•
Where leadership traits can only be shown by
obedience to rules, its example may struggle to be
inspirational
•
Many important features of an organisation can be
difficult or impossible to measure. Do not overlook
them
•
Systems thinking is an alternative management
approach to command and control
•
•
The whole of the organisation should be more than
the sum of its parts. The organisation should focus
on optimising the whole rather than each individual
part via improved cooperation
Do not automatically assume that because there is
always a positive number on a chart in the monthly
report that it can be trusted to be reliable and
unbiased
•
Day-to-day or month-to-month variations in numbers
may or may not be significant. Make sure you have
the statistical capability to understand whether
what you are seeing is a real issue or just part of
background variability
•
Traditional safety assurance guidance is systemsbased but with a strong focus on legislative and
regulatory compliance. It therefore tends to have
strong formal controls. However, high profile major
accidents have indicated that compliance activities
alone do not guarantee sound safety assurance
•
Original interpretations of continuous improvement
relate to a bottom up approach
•
Groups working to safety arrangements that they
own can help to create leadership opportunities,
engagement and self regulation (mindful activity)
towards safety principles
•
A process to list and transfer information on hazards
and barriers to employees would greatly assist in
communicating their presence
•
Targets can sometimes lead people to optimise
a task, department or function at the expense of
the wider organisation. Sometimes optimising the
overall purpose needs an individual goal to be
relaxed or revisited
www.rssb.co.uk
Page 59
Page 60
SMS Principles: Moving beyond compliance
ovin
g be
nd co
ance
mplian
oving beyo
mpliance m d compliance movin
ond compli
beyond co
o
y
c
g
e
d
b
in
n
v
g
o
o
y
in
m
e
v
b
o
nce
beyon
ce m
oving
yond c
nd complia
d complian
moving be
ce moving
mpliance m
n
n
o
o
e
a
c
y
li
c
e
d
p
n
b
n
a
m
li
o
g
o
y
p
c
in
e
m
ov
moving b
compliance
beyond co
ing beyond
e
d
v
c
pliance m
n
g
o
n
o
in
a
y
m
v
li
e
o
p
b
e
m
c
m
g
n
o
movin
omplia
yond c
ing b
pliance
moving be
ance mov
compliance
g beyond c
eyond com
li
b
in
d
p
v
n
g
m
o
o
o
in
y
m
c
v
e
o
b
d
e
n
m
g
c
an
g beyond c
oving beyo
nce movin
ompliance
in
a
m
c
v
li
ond compli
o
p
d
e
n
m
c
m
o
n
o
y
c
e
a
e
li
c
d
b
p
mplian
beyon
d com
nce
moving
beyond co
ce moving
ving beyon
nd complia
g
mpliance
n
o
o
a
in
y
m
li
v
e
p
o
b
e
m
m
g
c
o
n
in
c
e
a
v
yond
ce mo
compli
oving
mplianc
moving be
pliance m
d complian
beyond co
ing beyond
n
m
v
o
g
o
o
y
c
in
e
m
v
d
b
o
n
e
g
o
m
c
y
in
d
n
lia
moving be
ompliance
ving beyon
liance mov
c
o
p
e
d
yond comp
c
m
m
n
n
o
o
a
c
e
y
li
c
e
d
p
n
b
n
a
m
o
oving
compli
ance
ing bey
yond co
mpliance m
ond compli
ance mov
ing beyond
moving be
y
li
v
e
p
o
b
e
c
m
m
g
n
o
in
c
a
e
li
v
c
d
p
o
n
n
yo
nce m
omplia
nd com
moving
moving be
nd complia
mpliance
g beyond c
oving beyo
o
o
in
y
m
c
v
e
o
d
b
e
n
c
m
g
o
n
y
in
a
e
v
nd
e
li
c
p
moving b
complian
liance mo
oving beyo
p
d
e
eyond com
m
n
c
m
o
n
o
y
e
a
c
li
e
c
d
p
b
n
n
a
m
g
o
li
o
y
p
movin
ing be
plianc
d com
yond c
ompliance
moving be
eyond com
ving beyon
liance mov
b
o
p
e
g
m
c
m
n
o
in
c
e
a
v
li
c
o
d
p
n
n
m
a
m
o
in
bey
ond compli
beyond co
ompliance
ance mov
y
c
li
g
e
p
d
e moving
b
in
n
m
v
g
o
o
o
y
c
in
e
m
v
d
b
o
n
beyo
oving
nce m
yon
pliance
ce moving
moving be
nd complia
mpliance m
eyond com
n
o
o
a
y
e
c
li
e
c
p
d
b
n
n
a
m
g
o
li
o
y
p
in
c
e
v
m
mo
ing b
nd co
beyond
mplian
compliance ond compliance mov
oving beyo
beyond co
e moving
c
m
g
n
in
a
e
li
v
c
p
o
n
a
m
m
li
o
y
p
c
e
vin
be
g beyond
complianc
liance mo
eyond com
in
p
b
d
v
ce moving
n
m
g
o
o
o
in
y
m
c
v
e
o
d
b
e
n
c
m
g
o
yon
movin
g bey
mplian
liance
moving be
beyond co
nce movin
ompliance
yond comp
e
a
c
li
e
c
d
p
b
n
n
a
m
g
o
li
o
y
p
in
c
e
v
m
b
o
d
o
a
n
m
ing
g beyond c
ond compli
oving beyo
y
in
m
e
compliance ond compliance mov
v
b
o
e
g
m
c
in
n
e
v
a
c
li
o
comp
ov
mplian
nce m
bey
pliance m
beyond co
ing beyond
nd complia
m
ce moving
v
g
o
o
o
y
in
c
e
v
m
d
b
o
n
e
g
m
o
c
y
in
n
e
e
v
mplia
beyo
ving b
ce mo
mplianc
beyond co
liance mo
ce moving
d complian
p
beyond co
n
n
a
m
g
o
li
o
y
p
in
c
e
v
m
b
d
o
o
n
g
c
a
m
o
in
y
ce
ond compli
ance mov
ing beyond
moving be
y
li
v
e
p
o
b
e
d complian
c
m
m
g
n
o
in
c
a
e
li
v
c
d
p
o
n
n
nce m
omplia
nd com
g beyo
mov
nd complia
mpliance
g beyond c
nce movin
oving beyo
o
o
in
y
m
c
v
e
o
d
b
e
n
c
m
g
o
n
y
in
a
e
v
e
li
c
o
b
omp
g bey
mplian
oving
nce m
g beyond c
pliance m
beyond co
ance movin
nd complia
li
m
g
o
p
o
y
in
c
e
m
v
b
o
o
d
c
n
g
m
o
d
p
in
y
n
e
v
c
moving be
eyond com
liance mo
oving beyo
b
p
d complian
e
m
g
m
c
in
o
n
e
v
c
a
c
li
o
n
d
p
m
a
n
li
m
o
mo
comp
nd co
liance
ing bey
oving beyo
yond comp
ing beyond
compliance
ance mov
e
v
m
b
o
d
e
n
g
m
c
o
n
in
y
e
a
v
e
li
c
o
b
p
n
y
m
a
g
li
com
moving be
nce movin
ompliance
yond comp
c
a
e
li
e
c
d
ng beyond
p
b
n
n
a
m
g
o
li
o
y
in
p
c
e
v
b
m
o
d
nd co
oving
mp
beyon
nce m
oving beyo
beyond co
mpliance m compliance moving
nd complia
m
g
o
in
c
e
v
c
d
o
n
n
m
a
o
li
y
p
e
e
ing b
yond
ce m
nd com
mplianc
iance mov
moving be
d complian
beyond co
oving beyo
e
n
c
g
m
o
n
y
in
a
e
v
e
li
c
o
b
p
n
m
g
a
m
b
li
o
in
c
nce mov
ompliance
e moving
a
yond comp
c
c
li
e
n
d
p
ing beyond
b
a
n
li
m
o
g
p
o
y
in
c
e
m
v
b
o
d
o
c
n
yond
nce m
com
moving
g beyo
moving be
nd complia
nce movin
ing beyond
ompliance
e
a
v
c
li
c
o
p
n
d
m
a
n
m
li
o
o
p
e
y
c
c
e
m
n
d
b
o
ing
beyon
nce m
omplia
yond c
liance mov
nd complia
g beyond c
moving be
ce moving
o
n
in
y
e
a
v
e
li
c
o
b
p
n
m
a
g
m
li
b
in
o
e
p
v
c
c
m
d
liance mo
ce moving
d complian
p
beyond co
n
n
ving beyon
a
m
g
o
li
o
y
p
in
c
e
v
m
b
o
d
o
n
g
c
m
o
in
d
mov
g bey
com
liance
beyon
ing beyond
compliance nd compliance movin
yond comp
e moving
v
c
d
o
n
n
a
m
o
li
y
p
e
e
c
b
m
n
o
g
m
a
c
vin
mpliance
g beyond
oving beyo
ond compli
o
in
y
c
m
v
e
pliance mo
o
d
b
e
n
m
c
g
o
n
y
in
e
a
v
e
li
c
o
b
mplian
oving
ing
nce m
nd comp
beyond co
ance mov
nd complia
mpliance m
li
g
o
o
oving beyo
p
y
c
in
e
m
v
d
b
o
o
n
c
g
m
o
d
y
in
n
e
e
v
lianc
nd co
g beyo
ce mo
oving b
yond comp
oving beyo
pliance m
nce movin
d complian
a
n
m
m
li
o
o
p
y
e
c
e
c
m
d
b
n
o
n
a
c
g
li
o
d
y
in
p
ov
yond com
compliance
moving be
ving beyon
e
o
d
b
e
n
mpliance m
m
g
c
o
n
y
in
e
a
v
e
li
c
o
b
p
n
m
a
g
m
movin
compli
ving
liance
yond co
liance mo
ompliance
yond comp
ing beyond
p
c
moving be
e
v
m
b
o
d
o
n
g
m
c
o
in
y
d
e
v
e
n
c
o
b
o
n
plia
oving bey
beyond co
ce moving
mpliance m
m
g
n
o
in
c
a
e
v
li
eyond com
c
d
o
p
n
n
m
a
m
o
li
y
o
p
e
c
e
ce
nd com
oving b
mplianc
beyond
d complian
beyond co
oving beyo
n
mpliance m compliance moving
o
g
m
y
in
e
e
v
b
c
o
n
g
m
a
in
li
v
mo
pliance
yond
d comp
movin
compliance
moving be
eyond com
mpliance
ving beyon
d
b
o
o
n
c
g
o
m
d
y
in
n
e
v
e
o
b
o
c
y
n
g
m
e
a
pli
moving b
g beyond c
nce movin
ompliance
in
e
c
a
v
li
c
d
o
eyond com
p
n
n
a
m
m
o
li
o
y
p
e
c
e
c
m
b
d
n
o
beyon
nc
omplia
yond c
moving
nd complia
moving be
g beyond c
ce moving
o
ompliance
n
in
y
e
a
v
e
li
c
o
b
p
n
m
a
g
m
li
o
in
p
e
c
v
c
m
yond
movin
ce mo
mplian
yond co
moving be
beyond co
d complian
ompliance
n
g
moving be
c
o
in
d
y
e
v
n
e
c
o
o
b
n
y
m
a
g
e
li
e
b
d
in
p
m
complianc
e moving
ance mov
ving beyon
li
c
d
o
beyond co
p
n
n
m
a
o
m
li
y
o
p
e
e
c
c
b
m
n
d
o
g
a
n
c
li
movin
yond
comp
g beyo
plian
moving be
nce movin
ing beyond
compliance
eyond com
e
v
a
b
li
c
o
p
n
g
m
a
m
in
li
e
o
v
p
c
c
o
n
m
d
m
a
o
v
yon
beyond c
mpliance
liance mo
ond compli
g
o
y
p
c
in
e
m
moving be
v
b
d
o
o
n
c
g
o
m
in
d
y
v
n
e
e
o
o
b
nd
g bey
oving
nce m
mplianc
oving beyo
pliance m
nce movin
nd complia
beyond co
a
m
m
o
li
o
y
p
e
c
e
c
m
b
d
n
o
n
g
a
c
li
o
in
d
y
p
v
mo
g be
beyon
d com
plian
compliance nd compliance movin
ving beyon
eyond com
ce moving
o
b
n
m
a
g
li
in
p
e
v
c
m
o
n
o
a
m
c
li
o
ov
bey
yond comp
ompliance
ing beyond
pliance m
c
e
v
m
b
o
d
o
e moving
n
g
m
c
o
in
d
y
e
v
n
e
c
o
o
b
n
y
m
yon
ing be
moving
complia
liance
moving be
ance mov
mpliance
li
yond comp
ng beyond
o
e
p
e
c
c
b
m
n
d
o
a
g
n
c
li
o
in
p
d
y
v
n
e
m
o
ce m
nd co
g beyo
omplia
oving b
d complian
oving beyo
pliance m
nce movin
g beyond c
m
a
m
in
li
e
o
v
p
c
c
o
n
m
d
m
a
o
n
li
c
o
p
e
d
y
c
mo
m
be
mpliance
ving beyon
d complian
beyond co
o
o
n
e moving
g
c
o
m
y
in
d
e
v
e
n
c
o
b
o
n
y
m
g
a
e
li
in
mov
comp
oving b
beyo
mpliance
ng beyond
pliance m
compliance
e moving
c
m
beyond co
d
n
o
n
g
a
c
o
li
in
y
d
p
v
e
n
o
m
b
o
o
y
m
g
c
ce
ompli
yond
movin
ving be
d complian
moving be
g beyond c
liance mo
ompliance
in
p
e
c
v
c
m
o
d
n
o
n
a
m
c
li
o
y
p
d
e
e
n
c
m
b
o
n
y
g
pliance m
beyond co
d complia
om
n
g
c
ce movinwww.rssb.co.uk
moving be
o
in
d
y
Page
61
e
v
n
e
c
o
o
b
n
y
m
a
g
e
li
b
in
e
p
v
mo
com
g bey
moving
mplianc
ing beyond
compliance
nce movin
mpliance
beyond co
d
a
o
g
n
li
c
o
p
in
d
y
v
m
n
e
o
o
o
b
c
y
m
g
e
p
d
nce
ing beyon
nce movin
e moving b
eyond com
v
a
c
b
o
li
n
p
m
g
nd complia
a
li
m
in
e
p
o
v
c
c
o
m
n
o
d
m
a
c
pli
yon
ce
m
nd
Section 4
System performance and maturity
Section 4
System performance and maturity
Section Overview
Having shaped an SMS that
moves beyond compliance and
has the buy-in and functionality
across the organisation, this
section looks at how it might
also be judged or tested as
evidence of achieving a certain
level of merit or distinction. It
also looks at how this external
assistance should not eclipse
the development of internal
capability.
The SMS must be designed primarily for the
organisation using it and living by it. It is a
tool that should contribute to overall business
management goals and not merely be used
to demonstrate compliance to a third party
regulator (which nonetheless will need to
inspect it).
Whether or not an organisation is excelling is
a matter of judgement, and not necessarily
something which automatically provides any
useful information to the SMS holder about
whether management is working or not.
However, for excellence to truly take hold in a
way that is in keeping with the philosophy of an
SMS that moves beyond compliance, it cannot
be driven at any expense and should be a
conscious choice made by the organisation.
Excellence is being increasingly cited by
ORR as an aspiration for the rail industry. It
is therefore fitting for this guidance to discuss
some of these pertinent ideas, highlighting
some of the thinking behind excellence and
being clear on what it can mean.
The contents
include:
4.1 Organisational excellence
4.2 The ORR approach to
safety excellence
4.3 An approach to excellence
4.4 Conclusion
The term ‘excellence’ is used widely within
business as an indicator of performance even
though the details of what it actually means
and how it will look is not always clear.
Notions of ‘excellence’ and ‘maturity’ are
attractive as they suggest a higher calibre
of performance and achievement within an
organisation.
This section aims to boost understanding
of the ideas used by other industries and
organisations to weigh up the maturity,
merit and excellence demonstrated by an
organisation and how this relates to SMSs.
Page 62
SMS Principles: Moving beyond compliance
4.1 Organisational excellence
There are many bodies that promote routes to
excellence, such as the International Institute for
Organisational Excellence, which sees itself as ‘building
world class organisations’ and the Malcolm Baldrige
Performance Excellence Programme. Historically,
the term ‘excellence’ is most often used with regard
to quality, as a way to build on quality management
standards. There are many structures suggested to help
gain this version of excellence; one way for example, is
through Total Organisational Excellence (TOE).
In a similar manner European Foundation for Quality
Management (EFQM) promotes its ‘Excellence Model’
as a proven way to bring excellence to organisations. It
was originally established to provide a European focus
on TQM.
Example...
EFQM and excellence
This example highlights the EFQM interpretation
of excellence.
EFQM recognises that regardless of sector,
size, structure or maturity, organisations need to
establish an appropriate management framework
to be successful.
The EFQM Excellence Model is said to be
a practical, non-prescriptive framework that
enables organisations to:
•
Understand their key strengths and potential
gaps in relation to their stated vision and
mission
•
Effectively communicate ideas within and
outside the organisation
•
Integrate existing and planned initiatives,
removing duplication and identifying gaps
•
Provide a basic structure for the
organisation’s management system
The Excellence Model provides an holistic view of
the organisation and determines an overarching
framework for developing sustainable excellence
Available at: http://www.bqf.org.uk/sustainableexcellence/benchmarking-types.
See page 70 onwards for web link.
A similar organisation to EFQM is the British Quality
Foundation which highlights that ‘these programmes are
a great way to demonstrate to your stakeholders that
you are committed to performance improvement and are
serious about achieving excellence’. In much the same
way as the International Standards Organisation has
attempted to bring ‘quality’ to organisations, ‘excellence’
is sold as a route to improvement.
Capability Maturity Model (CMM) is a structure used
to improve organisational performance and maturity.
It is built on quality principles and was initially used to
assess the maturity of potential software contractors.
CMM provides criteria for organisations to progress
through five levels of improvement, each time gaining a
higher level of maturity.
Following the Success of CMM, Capability Maturity
Model Integration (CMMI), was developed to enable the
use of this maturity improvement model into disciplines
other than software, for example into safety culture
maturity models.
Models are made with assumptions and simplifications
and therefore cannot be a completely accurate
representation of reality. They assist interpretation but
do not deliver a definitive answer not open to question.
To look on these models from a considered perspective
the founders of CMMI – the Carnegie Mellon University
- use a quote with regard to their work worth highlighting
here: ‘Remember that all models are wrong; the
practical question is how wrong do they have to be to
not be useful’.
The model should provide a valuable contribution to
discussions but there can be a danger that too much
reverence means that they can command them. Those
working with a model cannot be passive bystanders,
standing back and letting the tool do the work. Active
interpretation is required by those using the model and
collaborative working is needed to get the best out of it.
A model will get stronger – not because it has to be
100% correct – but because it is improved and built
upon where necessary and enables its users to come
together as active contributors to build a view of reality.
4.2 The ORR approach to safety
excellence
The search for excellence has been promoted across
many industries as well as by ORR.
ORR uses the content of table 4 to highlight its
interpretations of what excellence is and what is not.
www.rssb.co.uk
Page 63
Section 4 - System performance and maturity
It is...
It is not...
Trust
Gold plating
People and behaviours
Harming employees
Legal compliance
Having dissatisfied
employees
Transparent reporting
Blame
Two-way communication
Lots of paper
Having a strong and
continuous improvement
culture
Tick box audit
Managing risks
Inappropriate standards
and procedures
Doing things right first
time
Paying less attention to
contractor safety
Making the most of
everyone’s capabilities
Endless debate or
complex processes
Table 4: ORR vision for excellence
whilst others tick the boxes to gain accreditations for
their organisation.
As ORR will be carrying out interventions to see how the
safety arrangements of the organisation are developed
in practice, its inspectors will look to identify those with
tick box approaches. The use of the SMS will therefore
need to be made consciously and with judgement,
alongside structure and compliance.
Additionally, the bespoke SMS that suits its own
clearly developed purpose, stemming from established
guidance, is more likely to be recognised by RM3 as
being excellent. This is because its integration into
practice is likely to be stronger as the intention requires
a conscious effort and ‘fits’ the organisation.
However, inspectors may have to look beyond basic
recognised structures to the logical intentions of
the bespoke SMS and their achievement within the
organisation’s unique and complex environment. This
should be acceptable as long as actions are wellconsidered and justified.
Looking back at sections 2 and 3 of this guide will reveal
that the ORR vision resonates strongly with the ideas,
themes and approaches put forward for an SMS that
moves beyond compliance.
Indeed, the rail industry has itself developed initiatives
which are designed to promote excellence. One
example is RISAS (Railway Industry Supplier Approval
Scheme), which looks to generate gumption in the
supply chain for critical rolling stock components, and
adopt an office-to-shop floor approach to competence,
risk, management and safety culture.
ORR has provided a number of interpretations for
excellence with regard to SMSs and has a structure
for its assessment via the document Rail Management
Maturity Model (RM3). EFQM’s excellence model is
referred to in RM3. It is directly related to CMMI and
is built around SMS guidance such as HS(G)65 and
OHSAS 18001, but also has features from recent
research and accident reports.
The document and its guidance are used by ORR
inspectors to provide a consistent way of evaluating
the management arrangements required by ROGS
regulations. It looks to monitor the use of the SMS as it
works in practice.
Under previous regimes such as the delivery of ISO
standards, this type of criteria has resulted in some
organisations setting out to attempt to achieve the goals
Page 64
Further reading...
For further information:
ORR: ‘Rail Management Maturity Model’
See page 70 onwards for the full reference.
4.3 An approach to excellence
The SMS can be more effective in practice and work
towards excellence through developing learning at a
number of levels:
•
Optimisation across the system (4.3.1)
•
Understanding localised complexity (4.3.2)
•
Develop confidence within its employees to build on
this learning (4.3.3)
4.3.1 Optimisation across the
system
The system will be managed and optimised best by
following the ideas in sections 2 and 3:
•
By clearly identifying the purpose of the SMS a
statement is made across the organisation about
what the SMS is and how it should work.
SMS Principles: Moving beyond compliance
•
Activities such as leadership and participation
enabled by the organisation then strive to put the
purposeful SMS into practice. Data and assurance
activities used in the appropriate manner mean the
organisation can be set up to begin to understand
what aspects of the SMS do or do not work
System thinking then suggests looking across the
system at what effects each part of the SMS is having
on other parts to adjust them where necessary. The
SMS should be responsive to the changing environment
it works within and no single response will always be
effective.
At the system level of the SMS, those managing it
should be continually trying to get to the root cause as
to why certain effects are occurring and what elements
within, for instance, finance or engineering, need to be
managed to optimise the whole system.
The system should be continually challenged and
potential weaknesses sought out. The question to
continually ask is ‘why?’ Why has an accident not
been learned from, why are figures not truly reflective?
Understanding can then be built up about the
relationships within the system and how to get the most
out of it.
As understanding is developed about the parts within
the whole and the relationships between them (positive
or negative), the organisation can begin to build on the
positive interactions and reduce the negative features.
For example, the locations of different initiatives,
departmental objectives etc and their effects within the
organisation. Through these activities, behaviours within
the organisation become more harmonious and efficient.
Waste will also be taken out reducing overall cost.
The users of the SMS will only be able to continually
question the use of the SMS if it has created the right
environment for clear headed and objective responses
to its performance. Challenges will not be received well
if they are thought to be focusing on the performance of
individuals within the system. Instead, the organisation
should create a learning environment where the focus is
on improving the system.
As those working with the SMS attempt to balance
activities across the system it will be found that there is
not one single correct interpretation of how to progress.
Different employees within the organisation will be
operating to their own purposes (safety or otherwise).
The most appropriate way to move forward will be
to try to understand the different purposes within the
www.rssb.co.uk
organisation and progress towards a common solution.
The more the employees participate in this practice
the better the solutions will be. They are also more
likely to be followed. In this sense management’s role
is less about goal setting and more about managing
relationships and learning about the system.
The overall purpose of the SMS as well as business
objectives will guide the discussions and may be
updated following new information.
Further reading...
For further information on systems thinking refer
to the following guidance:
Lean Enterprise Research Centre: ‘Lean and
Systems Thinking in the Public Sector in Wales’
Demos: ‘System failure Why governments must
learn to think differently’
See page 70 onwards for full references.
4.3.2 Understanding localised
complexity
As discussed in section 3, by creating room for
employees to participate and show leadership within the
organisation another aspect of the SMS in practice can
be improved. Through creating employee participation
the managers of the organisation have a greater
opportunity to develop responses to the complexity of
activities on the ground.
Continuous improvement recognises that managers
away from the locality of the work cannot fully appreciate
the complexities of what happens to achieve it. Further,
it recognises that a tolerable plan designed by those
that will put it into use can work better in action than
‘excellent plans’ put together by those that may never
meet those implementing them.
When management systems guidance talks about
managers being ‘seen on the ground’, this is not
because employees need a senior leader to show
them what safety actions need to be taken. Rather, it is
because if the manager is not on the ground and seeing
for themselves what is happening they have very little
chance of fully understanding what needs to be done.
The system in action needs to be tested by its users in
order to bring it closer to reality and/or usefulness.
Page 65
Section 4 - System performance and maturity
Through working closely with the employees of the
organisation, a better understanding of SMS use in
particular locations can be understood and managed in
the SMS. If the SMS enables competent employees and
good leaders then some procedures can be adapted for
the locality of the work.
Making usable rules for complex situations can be
extremely difficult. It can be easier to provide the tools
for those at the locality (controls, competence and
leadership) so that rules can be continuously improved
towards effective practice.
If an organisation does not believe in the potential of its
employees because they do not have the capabilities
required to maintain and improve the organisation, it
would not be surprising to also find that this organisation
has an immature culture, safety or otherwise.
Structures and tools are easily observed within an
organisation and with some effort can be copied into
others. But evolutions in team dynamics and tacit
abilities that created and embedded the improvements,
and then seek to build on them, are complex.
An overemphasis on external developments can
draw attention to looking outside the organisation
for development and innovation. Complex internal
developments may not receive the same attention. The
organisation should develop for itself the fertile ground
in which the good practice is generated. If this is not
done then the ideas of the organisation’s personnel may
always be subsumed by the ideas of others.
If the organisation does not build up the integrity of its
own ideas, the department’s or function’s own self image
and identity will be weak, participation may be low and
continuous improvement inhibited.
4.3.3 Confidence to build from
within
Continuous improvement can develop the organisation
from within itself. It is the development of the
organisation’s own employees that engages them and
their own successes that they will strive to put in place.
Further reading...
For further information on the ideas behind
continuous improvement it may be useful to refer
to the following guidance:
Thinkflow: ‘Continuous Improvisation: why we are
so good at it and why it holds back improvement’
See page 70 onwards for full references.
Looking externally for good practice and benchmarking
ideas are obviously beneficial for the organisation.
However, these activities should be balanced with efforts
to develop from within.
Discussion point...
External ideas of improvement can be
misleading
‘In different parts of the world health care
systems are busily copying approaches from
other services that are in the process of
abandoning them’
Nigel Edwards, Policy Director, NHS
Confederation
Page 66
SMS Principles: Moving beyond compliance
4.4 Conclusion
Summing up
This section has shown where interpretations of
excellence have come from and has indicated that
the ideas are closely linked to existing ideas about
management systems.
•
There is a direct link between quality management
systems and the promotion of ‘excellence’ as both
are gained through large governing bodies and are
based on quality
A bespoke SMS develops a conscious purpose
and therefore a strong integrity for its principles and
reasoning. If it is to be excellent in practice it:
•
ORR has provided a number of interpretations
for excellence with regard to SMSs and has a
structure for its assessment via the document Rail
Management Maturity Model (RM3)
•
Systems thinking suggests looking across the
system at what effects each part of the SMS
is having on other parts to adjust them where
necessary
•
Continuous improvement recognises that managers
away from the locality of the work cannot fully
appreciate the complexities of what happens to
achieve it
•
An overemphasis on external developments can
draw attention to looking outside the organisation
for development and innovation. Complex internal
developments may not receive the same attention.
The organisation should develop for itself the fertile
ground in which the good practice is generated
•
Continually seeks to optimise its activities across the
system by being able to respond to information from
the organisation
•
Meets the complexity of its work by creating an
environment that really enables participation
•
Works to improve activities from within itself
With the application of purpose and participation an
organisation may continuously improve towards an SMS
that achieves its goals.
The management system that can truly deliver this in
practice has the potential to become excellent for safety
as well as for the business.
Image Credit: Ints Vikmanis / Shutterstock.com
www.rssb.co.uk
Page 67
Conclusion
Safety management system principles: moving
beyond compliance does not set a prescriptive path
towards a more effective SMS. This is because each
organisation and its operational risks are unique. It
is important for the organisation to function well as a
system and the components that make up this system
should be adaptable to the changing context of the
wider organisation. One answer is not likely to be right
on every occasion, or work well with all other solutions.
However, clear principles of risk, change management
and configuration control can provide reasoned support
to ongoing changes.
This document has suggested that, if the SMS
is bespoke to the organisation, it will increase its
effectiveness and therefore enhance safety culture. The
organisation can develop the SMS so it becomes more
than the sum of its parts by:
By clearly understanding the SMS and being willing to
work across the systems, functions and departments,
organisations can improve SMS integration and use.
There will also be a positive impact on business as
these activities reduce costs and identify efficiencies.
Safety managers, among others, have a key role in
moving the SMS forwards so that it offers more than
legal compliance but also increased adaptability,
suitability, business support and continuous
improvement, in all aspects of management.
Safety management system principles: moving
beyond compliance has provided principles that can
underpin this work. Managers are able to draw on
the principles that best fit their organisation and the
changing environment within which it works.
1. Consciously developing the SMS with a clearly
defined purpose and scope, as well as an
understanding of how it fits into the organisational
environment.
2. Creating an organisational environment that can
sustain the purpose of the SMS, enabling its
employees to put it into action and managers to
maintain its effectiveness.
3. Optimising the SMS across the system and
continuously learning how to refine/adjust its
position within the organisation.
Page 68
SMS Principles: Moving beyond compliance
References
Baker, J. 2007. The Report of the BP US Refineries Independent Review Panel.
BS OHSAS 18002:2008. 2008. Occupational health and safety management systems — Guidelines for the
implementation of OHSAS 18001:2007. London: BSI.
CAIB. 2003. Columbia Accident Review Panel, Report Volume 1 August 2003, Washington: Columbia Accident
Investigation Board.
Deming, W.E. 2000. The New Economics For, Industry, Government, Education – 2nd Edition. Cambridge: The
MIT Press.
EFQM. 2010 EFQM Excellence Model. EFQM
Federal Aviation Authority. 2006. Introduction to Safety Management Systems For Air Operators – Advisory Circular
Report 120-92 (June).
Francis. R, 2010. Independent Inquiry into care provided by Mid Staffordshire NHS Foundation Trust January 2005
– March 2009. London: The Stationary Office.
Hackett, J. 18 March 2009. Leadership in Health and Safety - The Essential Role of the Board. Speech Presented
at the Annual Rivers Lecture, available at: http://www.hse.gov.uk/aboutus/speeches/transcripts/hackitt180309.htm
Haddon-Cave. C, 2009. An Independent Review into the Broader Issues Surrounding the Loss of the RAF Nimrod
MR2 Aircraft XV230 in Afghanistan in 2006. London: The Stationery Office.
HSE. 1997a. HSG65 Successful Health and Safety Management. Norwich: HSE Books.
HSE. 1997b. Industry’s Perception and Use of occupational Exposure limits. Sudbury: HSE Books.
HSE. 2001. Railways (Safety Case) Regulations 2000 including 2001 amendments Guidance on Regulations.
Sudbury: HSE Books.
Institute of Health Care Improvement. 2008. Achieving the Vision of Excellence in Quality: Recommendations
for the English NHS System of Quality Improvement. Available at: http://www.policyexchange.org.uk/assets/IHI_
report.pdf
National Commission on the BP Deepwater Horizon Oil Spill and Offshore Drilling. First edition. January 12, 2011.
Seddon, J. 2003. Freedom From Command and Control: A Better Way to Make the Work Work. Buckingham:
Vanguard.
Toyoda, A. February 24 2010. Prepared Testimony of Akio Toyoda, Toyota Motor Corporation Committee
on Oversight and Government. Speech Presented at The United States Congress, available at: http://www.
toyotainthenews.com/watch-toyotas-akio-toyoda-testify-to-congress/
Weick, K.E., Sutcliffe, K. M. 2007, Managing the Unexpected, Resilient Performance in an Age of Uncertainty.
Second Edition. San Francisco: Jossey-Bass.
www.rssb.co.uk
Page 69
Further reading details
URL links for further reading
Section 1 Links
Document
Available at:
To find out more about general SMS guidance it may be useful to refer to the documents listed below:
Health and Safety Executive, ‘Successful health and
safety management’ (HSG65), 1997
http://books.hse.gov.uk/hse/public/saleproduct.
jsf?catalogueCode=9780717612765
European Rail Agency, ‘A System Approach Application
Guide for SMS’, 2011
http://www.era.europa.eu/Document-Register/
Documents/sms_guide_a-system-approach.pdf
Rail Safety Regulators Panel in conjunction with the
National Transport Commission, ‘Preparation of a Rail
Safety Management System’, 2008
http://www.ntc.gov.au/filemedia/Reports/NRSG_
SafetyManagementSystemSMS_J.pdf
Flight Safety Information Journal ‘A Brief Overview
of Safety Management Systems For Aviation
Professionals’, 2008
http://www.raes-hfg.com/reports/21may09-Potential/
SMS_v4.pdf
International Civil Aviation Organization, ‘Safety
Management Manual’, 2009
http://www2.icao.int/en/ism/Guidance%20Materials/
DOC_9859_FULL_EN.pdf
Federal Aviation Authority ‘SMS Framework’,2010
http://www.faa.gov/about/initiatives/sms/specifics_
by_aviation_industry_type/air_operators/media/sms_
framework.pdf
E&P Forum, ‘Guidelines for the Development and
Application of Health, Safety and Environmental
Management Systems’, 1994
http://www.ogp.org.uk/pubs/210.pdf
International Labour Organisation, ‘Guidelines on
occupational safety and health management systems’,
ILO-OSH 2001
http://www.ilo.org/wcmsp5/groups/public/---ed_protect/--protrav/---safework/documents/normativeinstrument/
wcms_107727.pdf
Ministry of Defence, ‘An introduction to system safety
management in the MOD’, 2011
http://www.mod.uk/NR/rdonlyres/D60AACB8-A2EA4A1C-9E16-953AA075E951/0/WhiteBookIssue3.pdf
To find out more about TQM and its links to safety and ISO standards it may be useful to refer to the
documents listed below:
Health and Safety Executive, ‘TQM and the
management of health and safety’, 1997
http://www.hse.gov.uk/research/crr_pdf/1997/crr97153.
pdf
Seddon J, ‘A Brief History of ISO 9000 Where did we go
wrong?’, 2000
Extract available at: http://www.systemsthinking.
co.uk/3-1-article.asp
The requirements of ROGS are supported by ORR guidance:
Office of Rail Regulation, ‘A guide to ROGS’, 2011
Page 70
http://www.rail-reg.gov.uk/upload/pdf/rogs-guidancemay11.pdf
SMS Principles: Moving beyond compliance
Section 2 Links
Document
Available at:
For further details on the ideas behind creating systems that work:
The Royal Academy of Engineering, ‘Creating systems
that work’,2007
http://www.raeng.org.uk/education/vps/pdf/RAE_
Systems_Report.pdf
Systems Engineers are beginning to use some of the ideas covered within System Design beyond ‘hard’
systems to also apply when managing ‘soft’ organisational systems. The NASA Systems Engineering
Handbook may prove helpful to dip in and out of:
National Aeronautics and Space Administration, ‘NASA
Systems Engineering Handbook’, 2007
http://education.ksc.nasa.gov/esmdspacegrant/
Documents/NASA%20SP-2007-6105%20Rev%20
1%20Final%2031Dec2007.pdf
There are frameworks available that can prove helpful when making a decision whether to proceed with a
scope of work. Such as:
RSSB, ‘Taking Safe Decisions’, 2009
http://www.rssb.co.uk/SAFETY/Pages/
SAFETYDECISIONMAKING.aspx
National Aeronautics and Space Administration, ‘NASA
Systems Engineering Handbook’, 2007
http://education.ksc.nasa.gov/esmdspacegrant/
Documents/NASA%20SP-2007-6105%20Rev%20
1%20Final%2031Dec2007.pdf
To find out more about change management within the organisation it may be useful to refer to the
following guidance:
For managing organisational change –
International Atomic Energy Agency, ‘Application of the
Management System for facilities and activities’,2006,
For a good understanding of the legal requirements and
management of change management –
http://www-pub.iaea.org/MTCD/publications/PDF/
Pub1253_web.pdf
http://www.era.europa.eu/Document-Register/
Documents/guide-for-application-of-CSM-Ver-1-1.pdf
European Rail Agency, ‘Guide for the application of the
Commission Regulation on the adoption of a common
safety method on risk evaluation and assessment
as referred to in Article 6(3)(a) of the Railway Safety
Directive’, 2009
For a good understanding of how change is managed
within the nuclear industry –
http://www-pub.iaea.org/MTCD/publications/PDF/
te_1226_prn.pdf
International Atomic Energy Agency, ‘Managing change
in nuclear utilities’, 2001
For further reading on accident summaries produced by RSSB:
RSSB summary report for Deepwater Horizon
http://www.rssb.co.uk/SiteCollectionDocuments/docs/
BP%20Deepwater%20II%20OFU%20FINAL.pdf
RSSB summary report for Nimrod
http://www.rssb.co.uk/SiteCollectionDocuments/docs/
Nimrod%20OFU.pdf
RSSB summary report for Mid Staffordshire NHS
http://www.rssb.co.uk/SiteCollectionDocuments/docs/
Mid-Staffs%20NHS%20OFU.pdf
www.rssb.co.uk
Page 71
Further reading
Section 3 Links
Document
Available at:
For further information to assist those with governance responsibilities it may be useful to refer to the
following guidance:
Health and Safety Executive, ‘Leading Health and
Safety at Work’,2007
http://www.hse.gov.uk/pubns/indg417.pdf
Financial Reporting Council (Turnball - Revised
Guidance) ‘Internal Control: Guidance for Directors on
the Combined Code’, 2005
http://www.frc.org.uk/documents/pagemanager/frc/
Revised%20Turnbull%20Guidance%20October%20
2005.pdf
RSSB, ‘Ethical basis of rail safety decisions’, 2005
(T230a)
http://www.rssb.co.uk/SiteCollectionDocuments/pdf/
reports/research/T230a%20Ethical%20basis%20of%20
railway%20decisions.pdf
RSSB, ‘Taking Safe Decisions’, 2009
http://www.rssb.co.uk/SAFETY/Pages/
SAFETYDECISIONMAKING.aspx
Health and Safety Executive, ‘Case studies that
identify and exemplify Boards of Directors who provide
leadership and direction on occupational health and
safety’, 2006
http://www.hse.gov.uk/research/rrpdf/rr499.pdf
For further information on how different organisational approaches can assist the delivery of objectives:
Environmental Change Institute, Oxford University,
‘Midstream and Sideways: Considering A Middle-Out
Approach to Changing Energy Demand’, 2010
http://www.eci.ox.ac.uk/publications/downloads/
paragjanda-middleout.pdf
For further information on competence within the organisation:
Office of Rail Regulation, ‘Developing and Maintaining
Staff Competence’, 2002
http://www.rail-reg.gov.uk/upload/pdf/sf-dev-staff.pdf
RSSB, ‘Competence assessment and verification
standards’, 2004 (T183)
http://www.rssb.co.uk/SiteCollectionDocuments/pdf/
reports/research/Competence%20assessment%20
and%20verification%20standards.pdf
RSSB, ‘Development of competence assessment
criteria for supervisors in safety critical roles’, 2003
(T258)
http://www.rssb.co.uk/SiteCollectionDocuments/
pdf/reports/research/Development%20of%20
competence%20assessment%20criteria%20for%20
supervisors%20in%20safety%20critical%20roles.pdf
RSSB, ‘A competence needs analysis for trainers and
their line managers’, 2006 (T588)
http://www.rssb.co.uk/SiteCollectionDocuments/pdf/
reports/research/T588_rpt_final.pdf
RSSB: Non-technical skills for rail: development,
piloting and evaluation of a training course (T869)
http://www.rssb.co.uk/RESEARCH/Lists/DispForm_
Custom.aspx?ID=808
For further information on Leadership:
Goleman. D, ‘Leadership that gets results’, 2000,
http://academy.clevelandclinic.org/Portals/40/
HBRLeadershipGetsResults.pdf
Health and Safety Executive: ‘Director Leadership
Behaviour Research’, 2010
http://www.hse.gov.uk/research/rrpdf/rr816.pdf
Page 72
SMS Principles: Moving beyond compliance
Section 3 Links Continued
Document
Available at:
For further information on the ideas of Command and Control and Systems Thinking:
Command and Control Research Program,
‘Understanding Command and Control’, 2002
http://www.dodccrp.org/files/Alberts_UC2.pdf
Advice UK, ‘Radically Re-thinking Advice Services in
Nottingham. Interim Report of the Nottingham Systems
Thinking Pilot’, 2009
http://www.adviceuk.org.uk/_uploads/
documents/1MicrosoftWordNottinghamSystemsThinkingPilot-InterimReport.pdf
For further information on worker participation within the organisation:
Health and Safety Executive, ‘Involving your workforce
in health and safety’, 2008
http://www.hse.gov.uk/pubns/priced/hsg263.pdf
Flight Safety Digest, ‘A Road Map to a Just Culture’,
2005
http://www.skybrary.aero/bookshelf/books/233.pdf
For further information on cooperation:
Step Change in Safety, ‘SMS Interfacing Guidance’,
2003
http://stepchangeinsafety.net/ResourceFiles/Health%20
%20Safety%20Guidance%20Bk.pdf
RSSB, ‘Duty of Cooperation Guide’, 2009
http://www.rssb.co.uk/SiteCollectionDocuments/
national_programmes/RSSB%20Duty%20of%20
Cooperation%20Guide%20Part%201.pdf
RSSB, ‘Industry Shared Risk Database’
http://isrd.rssb.co.uk/
RSSB, ‘Safety Risk Model’
http://www.safetyriskmodel.co.uk/default.aspx
To read more on how communication barriers and functional thinking can prevent effective exchange of
safety critical information and stifle professional differences of opinion refer to the Columbia accident
investigation report:
National Aeronautics and Space Administration,
‘Volume I of Columbia Accident Investigation Board
Report’, 2003
http://www.nasa.gov/columbia/home/CAIB_Vol1.html
For further information on the effects of Targets:
Institute for Healthcare Improvement, ‘Achieving the
Vision of Excellence in Quality: Recommendations for
the English NHS System of Quality Improvement’, 2008
http://www.policyexchange.org.uk/assets/IHI_report.pdf
RSSB, Managing the effects of applying targets to the
GB rail industry, 2007 (T611)
http://www.rssb.co.uk/RESEARCH/Lists/DispForm_
Custom.aspx?ID=700
For further information on setting and using indicators within the organisation:
RSSB: ‘The application of leading and lagging
indicators to the rail industry (measuring safety
performance) and associated guidance ‘Managing
Safety Performance’ 2011 (T852)
http://www.rssb.co.uk/RESEARCH/Lists/
DispForm_Custom.aspx?ID=698
Health and Safety Executive, HSG254 ‘Developing
Process Indicators’, 2006
http://books.hse.gov.uk/hse/public/saleproduct.
jsf?catalogueCode=9780717661800
Step Change in Safety, ‘Leading Performance
Indicators, Guidance for Effective Use’, 2006
http://stepchangeinsafety.net/stepchange/News/
StreamContentPart.aspx?ID=1517
www.rssb.co.uk
Page 73
g bey
mplia
lian
yond c
moving
beyond co
nce movin
moving be
yond comp
a
g
mpliance
e
li
e
b
in
p
c
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
beyon
nd co
nce m
movin
mplianc
e moving
oving beyo
nd complia
ompliance
o
beyond co
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
a
in
e
li
m
v
b
p
d
o
om
ompliance
ving beyon
ce moving
pliance m
c
o
n
m
a
d
g beyond c
m
o
li
n
c
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
ompli
yond
ing be
mplia
e moving reading
moving be
g beyond c
liance mov
mpliancFurther
beyond co
e
in
p
c
v
g
n
o
m
in
a
o
m
li
v
c
p
o
e
d
m
m
c
n
o
n
o
i
bey
ompliance
g beyond c
ance mov
nd complia
c
li
o
in
p
d
y
v
n
e
o
m
ce moving
o
b
o
m
y
c
g
e
e
d
b
in
c
n
v
mo
d
g beyo
moving
complian
compliance
ving beyon
mpliance
nce movin
o
d
o
a
n
m
c
li
ng beyond
o
p
d
y
e
n
m
e
c
o
o
b
n
y
c
a
g
e
li
d
movin 3 Links
comp
beyon
mplia
Section
Continued
oving b
ompliance
beyond co
ing beyond
pliance m
ce moving
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
n
m
c
o
o
n
c
y
e
a
g be
liance mov
nd compli
complianc
ing beyond
p
o
v
d
y
m
o
n
e
ce movin
o
o
b
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
Document
Available
movin at:
ce m
ing be
yon
complia
ance mov
ompliance
d complian
moving be
li
c
n
ng beyond
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
li
e
g
d
p
b
n
in
m
o
ov informationnto
eyuseful to try: g beyond co
g bbe
e m
comp
moving
further
may
ompliancFor
nce moitvin
ovin
avariation
ing beyond
omplia cehelp understand
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
ing
com
g beyo
pliance mo
vin
eyond http://www.apiweb.org/UnderstandingVariation.pdf
nd complia
o
m
b
o
o
m
nce movNolan.
y
c
g
e
e
d
in
b
c
v
n
n
g
o
o
a
T
and
Provost.
L,
‘Understanding
Variation’,
y
in
li
m
e
v
mo
ing b
yon
liance
nd comp
moving be
compliance ond compliance mov
ving beyo1990
yond comp
d
e
e
n
c
b
o
n
y
a
g
e
li
in
b
p
v
g
m
o
y
o
m
comp
movin
ing be
yond c
compliance
ompliance
ance mov
ing beyond
moving be
li
c
v
p
o
d
e
m
n
m
c
o
o
n
e
c
y
a
c
e
li
d
n
b
p
n
m
a
o
li
Foundation
Coalition, o
Presentation
com
ving
ving bey on ‘Statistical
ond comp
ompliance
beyond http://foundationcoalition.org/resources/ie/Quality1/
y
m
c
e
ance moQuality
g
d
b
e
in
n
c
v
g
o
n
o
y
in
a
e
v
li
m
b
o
p
Control’
oving
bey
d com
nce m
pliance
aquality1.ppt
ving beyon
ce moving
mpliance m
eyond com oving beyond compli
n
o
b
a
c
li
g
d
p
n
in
m
o
v
o
y
o
c
e
m
ncefurther information
e m
oving b
ncthe
m
eyond com
liaon
ing beyond
application
oflia
safety
assurance:
e
b
p
v
c
g
o
n
m
d compliaFor
in
o
m
v
c
p
o
e
d
m
c
m
n
o
n
o
m
liance
yond c
ving bey
d complia
moving be
yond comp
compliance
g beyonhttp://rgl.faa.gov/regulatory_and_guidance_library/
e
iance mo
e
d
in
b
c
v
n
g
n
o
o
a
y
in
m
li
e
v
p
b
o
e
m
Federal
Aviation
Authority,
‘Introduction
to
Safety
g
c
m
movin
ond co
g bey
liance
complian
ndAir
oving beyManagement
beyofor
nce movin
ompliance
yond comp rgadvisorycircular.nsf/0/6485143d5ec81aae8625719b0
c
a
g
e
li
Systems
Operators’,
2006
d
in
b
p
n
v
g
m
o
o
y
o
in
m
c
e
v
b
o
o
d
e
nc
ving
pliance m
ce mo055c9e5/$FILE/AC%20120-92.pdf
ving beyon
g beyond c
m
n
o
in
o
a
v
nd complia
m
li
c
o
p
d
e
m
m
n
c
o
o
n
e
c
y
a
c
ompli
ce
ving be
mplian
beyond
g beyond c
d complian
liance mo
beyond co
n
in
ce moving
v
g
o
n
y
o
in
a
e
v
li
m
b
o
p
e
g
m
m
c
in
o
n
v
c
e
Standards
Australia, Australian
Standard
plia HB 254- d comphttp://www.saiglobal.com/PDFTemp/Previews/OSH/as/
lianc
yond
ving be
ce mo
d com
eyonManagement
oving be2005
liance mo
g bRisk
eyon
d complian
p
b
in
n
v
m
o
g
o
o
y
in
‘Governance,
and
Control
misc/handbook/HB254-2005.pdf
c
e
m
v
b
d
o
e
n
g
co
m
c
o
in
lian
oving bey
ance mov
ing beyond
ompliance
m
li
nd compAssurance’,
v
c
p
o
e
d
m
c
m
n
2005
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
oving
omplia
g beyo
nd com
ance
pliance m
nce movin
g beyond c
oving beyo
ond compli
a
y
in
li
m
e
v
p
b
o
e
m
g
c
m
o
n
in
c
a
e
v
li
d
c
o
n
mp
reading on
eyofurther
nd coculture:
moving be
pliance m
yosafety
d complian
e
e
n
m
c
b
o
o
n
moving bFor
y
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
mov
dc
yond c
liance m
oving be
mpliance
ving beyon
moving be
liance mhttp://safetyculturetoolkit.rssb.co.uk/Home.aspx
o
ond comp
p
e
d coToolkit
m
c
m
n
RSSB,inSafety
Culture
n
o
o
e
a
c
y
li
c
e
d
p
n
b
n
a
m
o
li
g
comp
mov
pliance
ing bey
yond co
mpliance
ing beyond
ance mov
eyond com
moving be
v
li
b
o
p
e
g
m
m
c
in
o
n
v
c
e
a
o
li
c
b
d
p
n
m
n
a
Axminster,
Triarchy Press.
pli
com in the Public
eyo J. , 2009,g‘Systems
mpliance
nd com
ce moving
o
o
n
beyondThinking
c
y
moving bSeddon,
a
li
e
d
p
b
in
n
v
o
m
g
o
y
o
in
e
c
m
v
b
e Failure of the Reform
mo and a
Sector:
Regime
oving
nd c
beyond
pliancThe
ompliance
oving beyo
d cWay’,
yond comManifesto
mpliance m compliance moving
n
m
o
o
c
y
e
e
d
c
for
a
Better
b
n
n
o
a
g
y
li
in
e
p
mov
plianc
yond
ving b
d com
mpliance
moving be
eyond com
ving beyon
pliance mo
b
o
e
m
g
c
m
o
n
in
c
a
v
e
d
li
o
c
n
p
n
m
o
g
a
m
y
li
be
beyond co
ompliance
ond comp
ance movin
c
y
li
g
e moving
e
p
d
in
b
n
v
m
o
g
o
o
y
c
in
m
e
v
d
b
o
n
e
lianc
yond
nce m
moving
g beyo
yond comp
moving be
nd complia
nce movin
ompliance
o
e
a
c
y
li
c
d
e
p
n
n
b
a
m
o
li
g
o
y
p
c
e
in
m
n
v
b
d
mo
4pLinks
beyond co
nd complia
ce moving
ving beyon
g
o
n
o
y
a
mplianceSection
in
li
e
m
v
b
o
e
g
m
m
c
o
in
n
c
v
e
a
ce mo
ving
compli
mplianc
g beyond
liance mo
d complian
e movinDocument
p
beyond co
ing beyond
n
v
o
m
g
o
y
o
in
e
c
m
v
b
d
o
e
g
Available
at:
n
m
c
o
in
n
plia
mov
liance
beyond
ing bey
eyond com
compliance
yond comp
e moving
ance mov
li
c
e
d
p
n
b
n
a
o
m
g
li
y
o
p
in
e
c
v
b
m
d
o
o
g
an
n
c
in
e m
the EFQM and
Excellence
nce movwebsite:
g beyond
ond compli
oving beyo
a
y
in
li
m
e
v
compliancFor
p
b
o
e
m
g
m
c
o
n
in
c
e
a
v
d
li
c
o
nce m
d comp
g beyon
omplian
movin
beyond chttp://www.efqm.org/en/
ce movinEFQM
nd complia
ving beyon
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
website
g
m
c
o
y
in
n
v
n
e
e
a
mpli
moving b
complianc
pliance mo
oving beyo
e
d
m
m
c
n
o
n
o
beyond co
c
e
a
y
li
c
d
e
p
n
n
b
a
o
m
li
g
y
o
e
dc
lia
movininformation
yon
ving bORR
nd comp
ce further
moguide
use
to
support
identification
of
e the
beyomaturity:
ving bethe
yond comp
ingsafety
liancon
mo
e
v
complianFor
p
b
o
e
m
g
m
c
o
n
in
c
e
v
a
li
c
d
o
p
n
n
m
a
o
movi
compli
liance
ing bey
eyond com
nce movOffice
yond comp
ompliance
ing beyond http://www.rail-reg.gov.uk/upload/pdf/managementc
e
moving b‘Rail
v
b
d
o
e
of
Rail
Regulation,
Management
Maturity
n
g
m
c
o
in
n
y
v
e
a
e
o
li
c
b
p
n
ce m
com
plianmaturity-model.pdf
oving beyo
d complia
e moving
m
c
n
m
o
n
o
beyond Model’,
c
y
a
e
li
e
2011
d
c
p
b
n
n
o
a
m
g
li
y
o
in
p
e
c
yond
ving b
d com
mpli
ce mov
moving be
ving beyon
pliance mo
beyond co
o
d complian
e
m
g
c
m
o
n
in
c
a
v
e
li
d
o
c
p
n
n
m
o
a
m
y
li
e
o
be informationg on
nc
Forgfurther
Systems
may beduseful
following
mov
compto refer to ythe
yond c Thinking git b
mpliaguidance:
nce movin
compliance
movin be
be ond co
vin eyon
d
o
n
g
e
c
o
m
in
y
n
v
e
a
e
o
li
b
c
y
p
m
n
g
a
m
co
nce
ompli ‘Lean andoSystems
moving be
nd cCentre,
ompliahttp://www.wao.gov.uk/assets/englishdocuments/
nce movin
c
o
e
a
y
li
c
g beyondLean
Enterprise
Research
d
e
p
n
n
b
a
m
li
y
g
o
p
e
c
in
b
m
v
d
o
oving2010
omp
yond c
g beyon
ance moin the Public
Wales’,
lianceinm
d compliThinking
g beyond c
moving be
ce movinSystems_Thinking_Report_eng.pdf
ompSector
n
in
c
e
v
a
li
c
d
o
p
n
n
m
a
o
m
li
y
o
e
p
e
c
c
v
b
m
ving
liance mo
d complian
beyond co
ing beyond
p
n
v
o
g
m
o
y
ance moDEMOS,
o
in
e
m
c
v
b
o
d
e
g
n
m
c
o
in
n
a
failure - Why
governments
http://www.demos.co.uk/files/systemfailure2.
bey
ing bey
pliance must learn
nce mov
d compli‘System
compliapdf?1240939425
e moving
ance mov
eyond com
d
li
c
ng beyonto
b2004
n
p
n
o
a
g
m
li
y
think
differently’,
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
nce
movin
com
yond
g beyo
nd complia
moving be
ing beyond
compliance
nce movin
v
e
a
o
d
li
c
n
m
p
n
o
a
m
y
li
e
o
e
c
p
c
b
n
m
a
d
g
li refer to the mpliance m
n
d co
ovinfurther information
onbthe
behind continuous
it may
eyoideas
compto
nduseful
beyonimprovement
obe
ving
g
o
y
o
e
liance mFor
in
m
b
v
o
g
e
m
c
in
v
n
e
o
a
c
m
g beyond c
mpliguidance: ond complian
e
in
c
o
v
following
g be
c
n
o
a
d
m
li
n
p
o
e
m
y
c
o
e
n
plia
nce movin
bey
nd c
ng b
a
o
m
li
g
y
o
p
in
e
c
v
b
m
d
o
o
g
n
c
m
o
in
d
y
v
liance ‘Continuous
d com
beyon
ing be
pliance mo whym
we
ond compThinkflow,
ving beyon
ancsoe movhttp://www.swimm.co.uk/events/documents/
liare
ce moving
d comImprovisation:
o
p
n
n
m
a
o
li
y
o
e
p
e
c
c
b
m
n
d
o
g
a
n
m
c
li
in
o
y
ov at it and how itmholds
nd
g beimprovement’,
good
2005
ovinback
yond comp
ompliance
ing beyoswimmpresentation170205_000.pdf
e
c
v
pliance m
b
o
d
e
g
n
m
c
o
in
n
y
v
e
a
e
o
li
c
b
p
n
m
d com
omplia
ing b
liance
moving
ving beyon
ance mov
g beyond c
mpliance
li
yond comp
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
in
o
v
d
y
e
m
o
n
e
c
b
an
beyond co
oving beyo
mpliance m compliance moving
g
m
o
in
ond compli
c
e
v
c
d
o
n
n
m
a
o
li
y
e
p
e
nd com
mplianc
oving b
eyond
compliance
beyond co
d
oving beyo
n
mpliance m ompliance moving b
g
m
o
in
y
v
e
e
o
c
b
n
m
g
a
li
dc
movin
comp
pliance
oving
ving beyon
ompliance
pliance m
ing beyond
eyond com
c
v
b
m
d
o
o
g
n
c
m
o
in
y
d
v
e
e
n
o
c
b
o
o
n
m
y
e
plia
oving bbeyond
g beyond c
ce movingSMS Principles:
mMoving
ompliance
n
in
c
a
yond comPage
e
v
li
74
compliance
d
c
o
p
n
n
m
o
a
m
li
y
o
e
p
e
c
c
b
m
oving
ce
mplian
beyond
yond co
beyond co
d complian
mpliance m compliance moving
g
n
moving be
o
in
y
v
e
e
o
c
b
n
m
a
g
li
e
in
p
g
m
nc
ov
nd
beyond co
pliance m
nd complia
ance movin
oving beyo
eyond com
oving beyo
ce moving
ond compli
nce
movi
com
beyo
ing b
e moving
ance mov
ompliance
ing beyond
li
c
c
v
beyo
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
a
ng
ce moving
ond
beyo
mpli
n
y
o
a
g
e
li
c
b
in
p
d
v
g
m
n
o
o
o
in
m
c
y
v
m
e
o
ce
moving b
beyond co
ing beyond
pliance m
e
v
g
m
c
o
d complian
o
n
in
m
c
a
v
li
o
d
e
p
n
m
c
m
o
n
y
o
mo
omplia
ing be
pliance
yond c
ance mov
g beyond c
moving be
eyond com
compliance
b
in
e
d
v
c
g
n
o
n
o
in
m
a
y
v
li
e
o
p
b
e
m
c
m
g
co
g bey
mplian
movin
liance
ing beyond
beyond co
ance movin
ompliance
yond comp
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
m
v
d
e
o
om
n
b
e
m
c
g beyond c
oving beyo
ce moving
mpliance
d complian
in
m
n
o
v
a
c
o
li
e
d
p
c
m
n
n
m
o
a
e
o
y
li
c
c
e
p
m
ing b
mplian
d com
beyond
ance mov
compliance
beyond co
ving beyon
d
ce moving
g
o
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
y
o
a
e
in
c
li
c
d
moving be
ance mov
li
yond comp ing beyond complian
e
p
e
ving beyon
c
b
n
m
a
o
g
li
c
in
p
d
v
m
n
o
com
mov
g beyo
nce m
yond co
ing beyond
nce movin
ompliance
nd complia
moving be
v
c
a
li
o
d
e
p
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
oving
beyon
omplia
nce m
nd com
pliance m
nd complia
g beyond c
ce moving
oving beyo
o
n
in
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
o
in
e
a
c
b
v
li
c
nd
d complian
yond comp
ce moving
pliance mo
n
e
n
m
oving beyo
o
b
a
o
y
li
g
c
e
p
b
in
d
m
v
n
g
o
o
o
c
in
y
mov
yond
nce m
ing be
nd co
moving be
nd complia
compliance
liance mov
oving beyo
e
p
d
c
m
n
n
m
o
a
o
e
y
li
c
c
e
p
n
d
b
a
m
n
li
g
o
o
ovin
oving bey
mpliance m
yond comp
g beyond c
o
m
e
c
in
b
v
e
d
pliance m
g
o
c
n
n
o
in
m
a
y
v
li
e
o
e
p
b
c
ving
nce m
gb
mplian
yond com
pliance mo
nd complia
beyond co
nce movin
o
m
y
a
o
g
moving be
li
e
c
in
p
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
nd c
liance
ving b
ce m
beyon
oving beyo
yond comp
d complian
pliance mo compliance moving
m
n
m
o
o
y
e
c
c
e
n
b
d
a
n
g
li
o
p
in
y
mov
g beyond
moving be
eyond com
compliance
b
in
d
e
v
g
n
c
o
mpliance
o
n
in
m
y
a
v
li
e
o
p
b
e
m
c
g
m
n
mplia
movin
ing
liance
yond co
beyond co
ance mov
ompliance
yond comp
li
c
moving be
g
e
p
d
b
in
m
n
v
g
o
o
o
c
y
in
m
e
v
d
b
o
n
e
o
lianc
yond
g bey
moving
liance m
yond comp
moving be
nce movin
ompliance
a
e
yond comp
li
c
c
e
p
n
d
b
a
n
m
li
g
o
o
p
y
c
in
e
v
m
d
ce
b
o
o
n
m
beyond c
d complian
ce moving
g
oving beyo
n
n
o
ompliance
in
m
a
y
v
li
e
o
e
p
b
c
m
m
n
g
o
a
e
in
c
li
mov
yond
plianc
comp
oving
moving be
eyond com
compliance
ing beyond
pliance m
b
d
v
m
n
g
o
o
o
in
m
c
y
v
e
d
o
e
b
n
c
m
o
g
n
y
plia
ing beyond
nce movin
ompliance
moving be
v
c
a
li
o
d
e
p
eyond com
m
c
n
m
n
o
o
y
e
a
c
li
c
e
p
n
b
d
a
beyon
ompli
nd com
anc
moving
g beyond c
ce moving
oving beyo
ond compli
n
in
ompliance
y
m
a
v
e
li
o
b
p
e
m
c
g
m
n
in
o
e
a
v
c
li
c
o
p
n
yond
mplia
nce m
d com
movin
moving be
beyond co
nd complia
ving beyon
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
y
n
in
e
e
n
a
v
c
pli
moving b
liance mo
oving beyo
d complian
p
e
n
c
m
eyond com
m
o
n
o
y
a
e
c
e
li
c
b
p
d
n
n
a
m
g
li
o
o
in
mov
comp
lian
yond c
ing bey
ing beyond
ance mov
moving be
yond comp
compliance
v
li
e
o
p
e
b
c
m
m
g
n
o
a
in
e
c
li
v
c
d
p
o
n
n
a
m
beyo
movin
compli
ance m
yond co
e moving
ompliance
ond compli
ing beyond
c
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
yon
m
e moving
pliance m
moving be
c
nd complia
m
n
beyond co
o
o
e
a
y
c
li
c
e
p
n
b
d
a
n
m
li
g
o
o
p
in
y
c
v
mo
yond
ing be
nd com
mplia
moving be
compliance
liance mov
oving beyo
beyond co
p
e
m
c
g
m
n
e
in
o
a
c
v
c
li
n
o
p
d
a
m
n
li
m
o
p
o
bey
compliance ond compliance mov
eyond com
g beyond c
b
d
in
n
v
g
ce moving
o
o
in
y
v
m
e
o
b
e
m
g
c
yo
g bey
movin
liance
mplian
moving be
nce movin
beyond co
ompliance
yond comp
a
e
c
e
li
c
b
p
n
d
a
n
m
g
li
o
o
p
in
y
c
v
e
m
o
d
b
o
ce m
oving
beyon
mplia
yond c
d complian
beyond co
moving be
ce moving
mpliance m
g
n
o
e
a
in
c
li
c
v
d
p
n
o
n
a
m
m
o
li
o
y
p
c
e
e
ov
m
c
gb
complian
pliance m
beyond co
ing beyond
d
v
m
n
g
o
nce movin
o
o
in
c
y
m
v
e
d
o
b
e
n
m
c
o
g
n
y
movin
bey
omplia
ving be
mpliance
ce moving
g beyond c
compliance ond compliance mo
n
beyond co
d
a
li
n
g
p
o
in
y
m
v
e
o
o
b
c
m
g
ce
ompli
g bey
movin
beyond
d complian
g beyond c
nce movin
e moving
ompliance
in
a
c
c
v
li
n
o
p
d
a
n
li
m
m
o
p
o
y
e
c
m
e
c
o
d
b
n
mo
c
g
ving beyon
g beyond
mpliance
nd complia
o
o
o
in
nce movin
c
y
v
m
e
o
d
e
b
n
m
c
o
g
n
y
e
a
in
e
li
c
v
b
comp
g be
mplian
ce mo
oving
ng beyond
beyond co
pliance m
nce movin
d complian
a
n
m
g
li
o
o
in
p
y
c
v
e
m
o
d
b
o
n
m
c
g
o
y
d
in
e
nc
moving be
ance mov
yond comp
ving beyon
li
e
o
p
e
b
nd complia
c
m
m
g
n
o
a
in
e
c
li
v
c
p
d
o
n
n
a
m
m
li
m
comp
ance
yond co
ing beyo
ompliance
ond compli
ing beyond
c
ance mov
y
moving be
v
e
d
o
b
e
n
c
m
o
g
n
y
in
a
e
e
li
v
c
b
p
o
n
com
nce m
omplia
ving b
moving
ing beyond
liance mo
nd complia
mpliance
g beyond c
p
o
o
in
y
c
m
v
e
o
d
o
b
c
n
m
g
o
d
y
in
n
e
e
v
o
c
b
mp
y
an
beyond co
pliance mo
moving be
ce moving
g
n
m
ond compli
e
a
o
in
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
yond
ing be
plianc
nd com
moving be
compliance
iance mov
eyond com
oving beyo
d
e
b
n
m
c
g
o
n
y
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
dc
movin
liance
oving b
d comp
ving beyon
pliance m
yond comp
compliance
ving beyon
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
c
o
b
o
m
n
y
a
g
m
li
beyond co
moving be
ce movin
mpliance
g
n
o
yond comp
in
e
a
c
li
v
c
d
p
o
n
n
a
m
m
li
o
o
y
p
c
e
e
m
c
ving b
nce
mplian
beyond
yond co
pliance mo
beyond co
nd complia
moving be
ce moving
o
g
n
y
in
e
a
e
v
li
c
b
o
p
n
g
a
m
m
li
in
o
p
v
g
e
c
m
d
complianc
pliance mo
nce movin
beyond co
d
a
m
ving beyon
li
n
g
o
p
o
c
in
y
m
v
e
d
o
o
b
n
c
o
m
g
d
y
movin
com
beyon
ing be
liance
e moving
ance mov
ompliance
ing beyond
yond comp
li
c
c
v
p
n
o
d
a
m
n
li
m
o
o
p
c
y
e
m
e
c
d
o
b
n
n
c
oving
yond
omplia
g beyo
liance
moving be
mpliance m
g beyond c
nce movin
yond comp
e
a
in
e
li
c
v
b
p
n
o
a
g
m
m
li
o
in
p
c
e
v
g
m
c
o
d
o
n
yon
beyond c
pliance m
nce movin
d complia
a
n
g
m
li
o
o
in
p
y
moving be
c
v
e
m
o
d
b
o
n
m
c
g
o
d
y
in
e
n
e
v
mo
beyo
plianc
d co
ving b
compliance
eyond com
ving beyon
liance mo
ce moving
d
o
p
n
n
a
m
m
li
o
o
y
p
e
c
e
c
m
b
d
n
o
n
a
c
g
o
li
ovin
comp
plianc
beyond
ing bey
mpliance m
ing beyond
eyond com vin
e moving
ance mov
v
b
li
c
o
p
n
g
a
m
m
in
li
o
v
p
e
c
o
c
m
n
d
m
o
a
n
c
yo
ompli
yond
liance
ce mo
moving be
g beyond c
moving be
yond comp
d complian
in
e
n
e
v
b
c
o
o
y
n
g
m
e
a
in
li
b
v
e
p
g
o
c
nd c
m
n
in
m
oving beyo
beyond co
ance mov
nd complia
mpliance
m
li
o
o
p
y
c
e
e
m
c
d
b
o
n
n
c
g
a
o
li
y
d
in
p
e
c
v
n
o
moving b
eyond com
d complian
oving beyo
e
b
n
c
m
mpliance m
o
g
n
y
a
in
e
e
li
v
c
b
p
o
n
g
a
m
m
li
o
in
mov
liance
ovin
yond c
d comp
pliance m
moving be
yond comp
compliance
ving beyon
e
m
d
o
b
o
n
c
m
g
o
d
y
in
e
n
e
v
c
o
b
o
n
y
g
a
m
e
mpli
movin
yond
ving b
liance
beyond co
moving be
liance mo
ompliance
p
yond comp
c
e
e
m
c
d
b
o
n
n
c
a
g
o
li
d
y
in
p
v
n
e
m
o
o
b
an
y
m
beyond co
ond compli
moving be
ce moving
g
y
n
ompliance
e
in
e
a
b
v
li
c
o
p
n
g
a
m
m
in
li
o
v
e
p
c
o
c
ce m
mov
nd com
eyond
mplian
moving bwww.rssb.co.uk
d complian
beyond co
oving beyo
ompliance
n
c
g
o
m
y
d
in
e
v
n
e
b
o
c
o
y
n
g
m
e
a
in
li
b
e
v
mo
omp
oving
beyond
mplianc
g beyond c
pliance m
compliance
e moving
m
c
d
beyond co
o
n
n
g
c
a
o
li
y
in
d
p
e
v
n
b
o
o
m
y
an
o
m
g
e
c
moving b
ond compli
g beyond
nce movin
ompliance
g bey
mplia
lian
yond c
moving
beyond co
nce movin
moving be
yond comp
a
g
mpliance
e
li
e
b
in
p
c
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
beyon
nd co
nce m
movin
mplianc
e moving
oving beyo
nd complia
ompliance
o
beyond co
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
a
in
e
li
m
v
b
p
d
o
om
ompliance
ving beyon
ce moving
pliance m
c
o
n
m
a
d
g beyond c
m
o
li
n
c
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
ompli
yond
ing be
mplia
moving
moving be
g beyond c
liance mov
mpliance
beyond co
e
in
p
c
v
g
n
o
m
in
a
o
m
li
v
c
p
o
e
d
m
m
c
n
o
n
o
i
bey
ompliance
g beyond c
ance mov
nd complia
c
li
o
in
p
d
y
v
n
e
o
m
ce moving
o
b
o
m
y
c
g
e
e
d
b
in
c
n
v
mo
d
g beyo
moving
complian
compliance
ving beyon
mpliance
nce movin
o
d
o
a
n
m
c
li
ng beyond
o
p
d
y
e
n
m
e
c
o
o
b
n
y
c
a
g
e
li
d
movin
comp
beyon
mplia
oving b
ompliance
beyond co
ing beyond
pliance m
ce moving
v
g
n
m
o
a
o
in
li
m
c
v
p
o
d
e
m
n
m
c
o
o
n
c
y
e
a
be
liance mov
nd compli
complianc
ing beyond
p
o
v
d
y
m
o
n
e
ce moving
o
o
b
m
c
y
g
e
d
e
b
n
in
c
v
o
n
g
y
o
movin
ce m
ing be
yon
complia
ance mov
ompliance
d complian
moving be
li
c
n
ng beyond
p
o
e
d
y
c
m
n
e
n
o
o
b
c
a
y
li
e
g
d
p
b
n
in
m
o
mov
nd co
comp
moving
ing bey
ompliance
oving beyo
ance mov
ing beyond
ompliance
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
g
pliance mo
ving beyo
eyond com
nd complia
o
m
b
o
o
m
nce movin
y
c
g
e
e
d
in
b
c
v
n
n
g
o
o
a
y
in
li
m
e
v
mo
ing b
yon
liance
d comp
moving be
compliance ond compliance mov
ving beyon
yond comp
d
e
e
n
c
b
o
n
y
a
g
e
li
in
b
p
v
g
m
o
y
o
m
comp
movin
ing be
yond c
compliance
ompliance
ance mov
ing beyond
moving be
li
c
v
p
o
d
e
m
n
m
c
o
o
n
e
c
y
a
c
e
li
d
n
b
p
n
m
a
o
li
m
ing
oving bey
ond comp
ompliance
beyond co
y
m
c
e
ance mov
g
d
b
e
in
n
c
v
g
o
n
o
y
in
a
e
v
li
m
b
o
p
oving
bey
d com
pliance
ance m
ving beyon
ce moving
mpliance m
eyond com oving beyond compli
n
o
b
a
c
li
g
d
p
n
in
m
o
v
o
y
o
c
e
m
ce
moving b
eyond com
liance m
ing beyond
e
b
p
v
c
g
o
n
m
d complian
a
in
o
m
li
v
c
p
o
e
d
m
c
m
n
o
n
o
m
liance
yond c
omplia
ing bey
moving be
yond comp
compliance
g beyond c
e
iance mov
e
d
in
b
c
v
n
g
n
o
o
a
y
in
m
li
e
v
p
b
o
e
m
g
c
m
nd co
movin
g bey
mplian
liance
oving beyo
beyond co
nce movin
ompliance
yond comp
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
m
c
e
v
b
o
o
d
e
nc
pliance m
ce moving
ving beyon
g beyond c
m
n
o
in
o
a
v
nd complia
m
li
c
o
p
d
e
m
m
n
c
o
o
n
e
c
y
a
c
ompli
ce
ving be
mplian
beyond
g beyond c
d complian
liance mo
beyond co
n
in
ce moving
v
g
o
n
y
o
in
a
e
v
li
m
b
o
p
e
g
m
m
c
in
o
n
v
c
e
nd
omplia
plianc
ving be
ce mo
oving beyo
liance mo
g beyond c
eyond com
d complian
p
b
in
n
v
m
o
g
o
o
y
in
c
e
m
v
b
d
o
e
n
g
co
m
c
o
in
n
oving bey
ance mov
ing beyond
ompliance
m
li
nd complia
v
c
p
o
e
d
m
c
m
n
o
n
o
c
a
y
e
li
c
e
d
p
n
b
n
oving
omplia
g beyo
nd com
ance
pliance m
nce movin
g beyond c
oving beyo
ond compli
a
y
in
li
m
e
v
p
b
o
e
m
g
c
m
o
n
in
c
a
e
v
li
d
c
o
yon
moving be
pliance m
yond comp
d complian
e
e
n
m
c
b
o
o
n
moving be
y
c
a
g
e
li
d
in
b
p
n
v
g
m
o
o
y
o
in
mov
dc
ing be
yond c
ance m
ving beyon
moving be
liance mov
compliance
o
ond compli
p
e
d
m
c
m
n
n
o
o
e
a
c
y
li
c
e
d
p
n
b
n
a
m
o
li
g
comp
movin
pliance
ing bey
yond co
mpliance
ing beyond
ance mov
eyond com
moving be
v
li
b
o
p
e
g
m
m
c
in
o
n
v
c
e
a
o
li
c
b
d
p
n
m
n
a
m
yo
mpliance
nd compli
ce moving
o
o
n
beyond co
c
y
moving be
a
g
li
e
d
p
b
in
n
v
o
m
g
o
y
o
in
e
c
m
v
b
oving
nd c
liance
ce mo
beyond
oving beyo
d complian
yond comp
mpliance m compliance moving
n
m
o
o
c
y
e
e
d
c
b
n
n
o
a
g
y
li
in
e
p
mov
plianc
yond
ving b
d com
mpliance
moving be
eyond com
ving beyon
pliance mo
b
o
e
m
g
c
m
o
n
in
c
a
v
e
d
li
o
c
n
p
n
m
o
g
a
m
y
li
be
beyond co
ompliance
ond comp
ance movin
c
y
li
g
e moving
e
p
d
in
b
n
v
m
o
g
o
o
y
c
in
m
e
v
d
b
o
n
e
lianc
yond
nce m
moving
g beyo
yond comp
moving be
nd complia
nce movin
ompliance
o
e
a
c
y
li
c
d
e
p
n
n
b
a
m
o
li
g
o
y
p
c
e
in
m
n
v
b
d
mo
beyond co
nd complia
ce moving
ving beyon
g
o
n
o
y
a
mpliance
in
li
e
m
v
p
b
o
e
g
m
m
c
o
in
n
c
v
e
a
ce mo
ving
compli
beyond
mplianc
liance mo
d complian
e moving
p
beyond co
ing beyond
n
v
o
m
g
o
y
o
in
e
c
m
v
b
d
o
e
g
n
m
c
o
in
n
plia
mov
liance
beyond
ing bey
eyond com
compliance
yond comp
e moving
ance mov
li
c
e
d
p
n
b
n
a
o
m
g
li
y
o
p
in
e
c
v
b
m
d
o
o
g
an
n
c
m
vin
g beyond
ond compli
oving beyo
y
in
m
e
v
compliance yond compliance mo
b
o
e
g
m
c
n
in
e
a
v
li
c
o
be
mplian
nce m
d comp
movin
beyond co
ce moving
nd complia
ving beyon
mpliance
g
o
o
o
y
c
in
m
e
v
d
b
o
n
e
g
m
c
o
y
in
n
v
n
e
e
a
mpli
moving b
complianc
pliance mo
oving beyo
e
d
m
m
c
n
o
n
o
beyond co
c
e
a
y
li
c
d
e
p
n
n
b
a
o
m
li
g
y
o
comp
lia
movin
yond c
ving be
yond comp
ing beyond
moving be
e
v
compliance yond compliance mo
b
o
e
g
m
c
n
in
e
v
a
li
c
o
p
n
m
a
g be
movi
compli
liance
yond com
nce movin
yond comp
ompliance
ing beyond
c
e
moving be
v
b
d
o
e
n
g
m
c
o
in
n
y
v
e
a
e
o
li
c
b
p
n
m
pliance m
oving beyo
d complia
e moving
m
c
n
m
o
n
o
beyond co
c
y
a
e
li
e
d
c
p
b
n
n
o
a
m
g
li
y
o
in
p
e
c
yond
ving b
d com
mpli
ce mov
moving be
ving beyon
pliance mo
beyond co
o
d complian
e
m
g
c
m
o
n
in
c
a
v
e
li
d
o
c
p
n
n
m
o
a
m
y
li
e
o
g be
mov
yond c
d comp
mplianc
nce movin
compliance
moving be
beyond co
ving beyon
d
o
n
g
e
c
o
m
in
y
n
v
e
a
e
o
li
b
c
y
p
m
n
g
a
m
o
moving be
nd compli
ompliance
nce movin
c
o
e
a
y
li
c
g beyond c
d
e
p
n
n
b
a
o
m
li
y
g
o
p
e
c
in
b
m
v
d
o
ce mo
beyon
omp
moving
yond c
d complian
g beyond c
moving be
ce moving
ompliance
n
in
c
e
v
a
li
c
d
o
p
n
n
m
a
o
m
li
y
o
e
p
e
c
c
v
b
m
ing
liance mo
d complian
beyond co
ing beyond
p
n
v
o
g
m
o
y
ance mov
o
in
e
m
c
v
b
o
d
e
g
n
m
c
o
in
n
mov
bey
ing bey
complia
mpliance
compliance
e moving
ance mov
d
li
c
ng beyond
beyond co
n
p
n
o
a
g
m
li
y
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
nce
movin
com
yond
g beyo
nd complia
moving be
ing beyond
compliance
nce movin
v
e
a
o
d
li
c
n
m
p
n
o
a
m
y
li
e
o
e
c
p
c
b
n
m
a
d
g
m
in
beyond co
mpliance
ond compli
ving beyon
g
o
y
o
c
e
liance mov
in
m
b
v
d
o
n
g
e
o
m
c
in
y
v
n
e
e
o
a
c
g be
compli
nce m
oving b
mplian
pliance m
nce movin
beyond co
nd complia
ng beyond
a
o
m
li
g
y
o
p
in
e
c
v
b
m
d
o
o
g
n
c
m
o
in
d
y
v
n
mo
liance
d com
moving be
oving beyo
mplian1ce
ond compRSSB
ving beyon
liance EC1V
d coSquare
o
p
m
Block
2onAngel
Torrens
Street
London
1NY compliance m
m
y
o
e
e
c
c
b
n
d
g
a
n
m
li
in
o
y
ov
yond comp
ompliance
ing beyond
e
moving be
c
v
pliance m
b
o
d
e
g
n
m
www.rssb.co.uk
c
o
in
n
y
v
e
a
e
o
li
c
b
p
n
m
d com
omplia
ing b
liance
moving
ving beyon
ance mov
g beyond c
mpliance
li
yond comp
o
in
p
e
c
v
b
m
o
d
g
o
n
m
c
in
o
v
d
y
e
m
o
n
e
c
m Limited
plian Rail Safety cand
moving b
pliance Board
beyond co
oving beyo
mStandards
e
g
m
c
o
in
ond comCopyright
n
e
v
a
c
d
o
li
n
n
p
m
a
o
li
m
y
e
p
o
e
nd com
mplianc
oving b
eyond c
compliance
beyond co
d
oving beyo
n
mpliance m ompliance moving b
g
m
o
in
y
v
e
e
o
c
b
n
m
g
a
li
dc
movin
comp
pliance
oving
ving beyon
ompliance
pliance m
ing beyond
eyond com
c
v
b
m
d
o
o
g
n
c
m
o
in
y
d
v
e
e
n
o
c
b
o
o
n
m
y
lia
g beyond c
ce moving
moving be
ompliance
n
in
c
a
yond comp
e
v
li
d
c
o
p
n
n
m
o
a
m
li
y
o
e
p
e
c
c
b
m
oving
ce
mplian
beyond
yond co
beyond co
d complian
mpliance m compliance moving
g
n
moving be
o
in
y
v
e
e
o
c
b
n
m
a
g
li
e
in
p
g
m
nc
ov
nd
beyond co
pliance m
nd complia
ance movin
oving beyo
eyond com
oving beyo
ce moving
ond compli