Gdansk International Air & Space Law Conference November 2013 Authority and Organisation Requirements “effective management systems for authorities and organisations” John Vincent Deputy Director for Strategic Safety Introduction – ICAO Annex 19 SMS (Service Providers) Safety Oversight (Authority) State’s Safety Programme (SSP) Safety data collection, analysis and exchange 2 Introduction European Level EASP P = Programme or Plan Two-way dialog SSP 1 SSP 2 Two-way dialog SMS 1 SMS 2 Two-way dialog ... SMS n SMS 1 SMS 2 State Level SSP n ... Two-way dialog ... SMS n SMS 1 SMS 2 ... SMS n Organisation Level ORGANISATIONS: Operators, Air Navigation Service Providers, Aerodromes, Maintenance, Design, Production, etc. Safety Management is done at various levels. ICF November 2013 3 EASA Rule structure – general approach Implementing Rule AR: Authority Requirements OR: Organisation Requirements SSP Subpart GEN: general general requirements requirements AMCs & GM Subpart XXX: Subpart XXX: Specific, additional requirements Specific, additional requirements AMCs & GM Requirements SMS Subpart GEN: AMCs & GM Technical AMCs & GM ICF November 2013 Subpart ABC AMCs & GM Subpart DEF AMCs & GM 4 ARs & ORs: Regulatory references access: http://easa.europa.eu/regulations/regulations-structure.php Implementing Rules related AMCs & GM amending Reg. (EU) No 290/2012 * ARA: Decision 2012/006/R* Subpart GEN to Reg. (EU) 1178/2011 FCL – MED – CC – ARs & ORs for Air Crew (FC & CC) ORA: Decision 2012/007/R* Subpart GEN Regulation (EU) No 965/2012, as last amended by Reg. 800/2013* ARO: Decision 2012/016/R* Subpart GEN Air Operations Commercial Air Transport, ORO: Decision 2012/017/R * Non-commercial CMPA Non-commercial other than CMPA Subpart GEN * Subparts GEN of the Authority and Organisation Requirements respectively are fully aligned. ICF November 2013 5 Authority Requirements Implementing Rule AR: Authority Requirements OR: Organisation Requirements SSP Subpart GEN: general general requirements requirements AMCs & GM Subpart XXX: Subpart XXX: Specific, additional requirements Specific, additional requirements AMCs & GM Requirements SMS Subpart GEN: AMCs & GM Technical AMCs & GM ICF November 2013 Subpart ABC AMCs & GM Subpart DEF AMCs & GM 6 Authority Requirements & SSP ARs do not explicitly refer to SSP ARs support implementation of EASP/SSP, in particular by focussing on the critical elements of an oversight system: •CE-3: State civil aviation system and safety oversight functions •CE-4: Technical personnel qualification and training •CE-5: Technical guidance, tools and the provision of safety-critical information •CE-6: Licensing, certification, authorisation and/or approval obligations •CE-7: Surveillance obligations •CE-8: Resolution of safety concerns. ICF November 2013 7 ARs supporting SSP implementation dedicated Section: MANAGEMENT SYSTEM ARX.GEN.200 Competent Authorities to establish management systems including: Internal audit & safety risk management ARX.GEN.205 Procedures for allocation of tasks to qualified entities: control of ‘contractors’ ARX.GEN.210 Management of changes in the management system and information to the Agency ARX.GEN.220 Record keeping requirements: Storage, accessibility and traceability Register of approved organisations April 20 8 ARs supporting SSP implementation OVERSIGHT, CERTIFICATION, ENFORCEMENT ARX.GEN.300(c) The scope of oversight shall consider safety priorities (as per SSP – EASP) ARX.GEN.300(d) Oversight shall not be limited to the organisations the authority has certified – link with safety priorities ARX.GEN.300(e) Authorities may agree to share audits when the activity of an organisation involves more than one Member State ARX.GEN.300 (c) The 24-month oversight cycle to be extended (max: 48 months) or reduced depending on the safety performance of the organisation ARX.GEN.330 Changes to the organisation: The scope of changes not requiring prior authority approval will depend on the maturity of the organisation’s management system April 20 9 OVERSIGHT: consider Risk & Performance Prioritisation of oversight Significant Risks identified Occurrences April 20 Audit & inspection results EASp Etc… 10 OVERSIGHT: consider Risk & Performance It is all about monitoring and Significant Risks identified managing safety performance Prioritisation of oversight Audit programme (frequency) Inputs (occurrences etc…) April 20 Audit programme (depth) Mgt. of changes Safety performance/maturity of the organisation 11 Authority Requirements - Key points Common, generally applicable requirements adopted for Aircrew and Air Operations set the standard for other areas Authority Requirements • • • • mirror relevant organisation requirements require a management system for competent authorities support the implementation of EASP without explicitly regulating SSP aim towards enhanced efficiency: • optimal use of authority resources • cooperation / exchange of information between authorities & with the Agency • risk & performance based oversight Existing rules will be aligned with these Part-ARX requirements ICF November 2013 12 Organisation Requirements Implementing Rule AR: Authority Requirements OR: Organisation Requirements SSP Subpart GEN: general general requirements requirements AMCs & GM Subpart XXX: Subpart XXX: Specific, additional requirements Specific, additional requirements AMCs & GM Requirements SMS Subpart GEN: AMCs & GM Technical AMCs & GM ICF November 2013 Subpart ABC AMCs & GM Subpart DEF AMCs & GM 13 SMS ./. Management system There is no requirement to implement an SMS, but a requirement to implement a management system with specific features. This is aligned with the essential requirements of the Basic Regulation (see Annex I Art. 3.a.2). ‘The organisation must implement and maintain a management system to ensure compliance … and aim for continuous improvement of the system.’ Existing management systems within the scope of Reg. (EC) 2042/2003 mainly focus on compliance (quality system) ICF November 2013 14 Organisation Requirements - SMS EASA approach – main features Total system approach •Same general management system features for all approved organisations, with the same core requirements Integrated approach •A holistic approach to management will result in more effective operations and safety management. Proportionality •The management system shall correspond to the size, nature and complexity of the organisation. Flexibility •Allow the use of alternative means of compliance by placing implementation aspects at AMC level. Authority and Organisation Requirements ICF November 2013 15 Existing management system & SMS Safety Risk Management Safety Assurance Safety Policy and Objectives Human Resources SMS Facilities Documentatio n & records Compliance monitoring Safety Promotion Contracting Management System Finance & Budget ICF November 2013 16 ICF November 2013 Contracting Facilities Safety Promotion & Training Human Resources Doc. & records Safety Assurance Compliance monitoring Safety risk management Safety policy and objectives Finance & Budget Integrated approach to management Management System 17 Part-ORX Subpart GEN Section II “Management System” Paragraph Title ORX.GEN.200 Management system ORX.GEN.205 Contracted activities ORX.GEN.210 Personnel requirements ORX.GEN.215 Facility requirements ORX.GEN.220 Record-keeping ICF November 2013 18 Management System requirements core elements clearly defined lines of responsibility and accountability safety policy identification of aviation safety hazards evaluation and the management of associated risks, mitigate the risk and verify effectiveness; maintaining personnel trained and competent management system documentation “The management system shall correspond to the size of the organisation and the nature and complexity of its activities, taking into account the hazards and associated risks inherent in these activities.” ICF November 2013 19 From ‘Quality system’ to ‘Management system’: Some new obligations for the organisation: (1) Review the safety policy to ensure it addresses all new elements related to safety management. (2) Identify a person who will fulfil the role of safety manager (3) Establish a Safety Review Board (complex organisations) (4) Implement the new safety management processes: • hazard identification, • risk assessment and mitigation, • performance monitoring, etc…. (5) Document the new safety management processes. (6) Extend the scope of internal auditing to the new processes. (7) Keep records of the output of those new processes. (8) Plan for emergencies « Emergency Response Planning ». ICF November 2013 20 Organisation Requirements - Key points SMS is addressed as part of the Section A Organisation Requirements in a dedicated rule § ‘Management System’ and related AMCs/GM. These organisation requirements: •build upon the existing quality system provisions •address all elements of the ICAO SMS framework •are compatible with existing management systems They ‘set the standard” for implementing SMS in the other areas within the Agency’s remit. •total system approach •encourage integrated management •provide flexibility & proportionality ICF November 2013 21 Thank you for your attention! Questions?