Intro to SMS
advertisement
Introduction to Safety Management System (SMS) Federal Aviation Administration Flight Standards and Industry Roles Presented By: Flight Standards Service Federal Aviation Administration Downloaded from www.avhf.com SL-1 Agenda •Overview •Safety Fundamentals & Case for SMS •SMS Fundamentals - Overview •Policy Component •Safety Risk Management Component •Safety Assurance Component •Safety Promotion Component •Standards, Tools and Implementation Federal Aviation Administration Downloaded from www.avhf.com SL-2 Federal Aviation Administration Overview Federal Aviation Administration Downloaded from www.avhf.com SL-3 What SMS is not and what it is… What it isn’t: What it is: A substitute for compliance Compliance is integral to safety management A substitute for oversight An effective interface for safety management A replacement for system safety SMS completes the systems approach A requirement for a new department A set of decision making processes for senior and line management Federal Aviation Administration Downloaded from www.avhf.com SL-4 What is safety? • Freedom from harm (Dictionary def’n.) • Safety is not equivalent to risk free (U.S. Supreme Court, 1980) • “Risk management” is a more practical term than “safety.” (Jerome Lederer ~1928) • Carelessness and overconfidence are more dangerous than deliberately accepted risk (Wilbur Wright, 1901) • Practical safety is risk management Federal Aviation Administration SL-5 Definition of Safety “Safety is the state in which the risk of harm to persons or property is reduced to, and maintained at or below, an acceptable level through a continuing process of hazard identification and risk management” ICAO Doc 9859 Federal Aviation Administration SL-6 3- Minute SMS Introduction Video Example Safety Promotion Video Federal Aviation Administration SL-7 Safety Management Systems “SMS” A systemic approach to managing safety, including the necessary organizational structures, accountabilities, policies and procedures. ICAO Doc. 9859 Federal Aviation Administration SL-8 SMS Purpose and Methods • Safety management systems provide a systematic way to control risk and to provide assurance that those risk controls are effective • The SMS gives the certificate holder a formal means of meeting statutory safety requirements (title 49) and the FAA a means of evaluating management capability Federal Aviation Administration SL-9 System Safety • "The application of special technical and managerial skills in a systematic, forward looking manner to identify and control hazards throughout the life cycle of a project, program, or activity" (Roland & Moriarty, 1990) • Traditional approach concentrates on technical • SMS adds emphasis on management elements Federal Aviation Administration SL-10 SMS, ATOS, SAS, and QMS Does SMS =ATOS=SAS? • SMS – Management system – Only service provider can manage • ATOS – Oversight system – Used to meet regulator responsibilities Does SMS = QMS? • Same principles but different objectives • QMS Objective – Customer satisfaction • SMS Objective – Aviation safety • SAS – Safety Assurance System – FAA-Future-State system safety oversight across 14CFR parts (121, 135, 145) Federal Aviation Administration SL-11 ICAO Annex 6 • “From 1 January, 2009, States shall require, as part of their safety programme, that an operator implement a safety management system acceptable to the State of the Operator…” • The U.S. has filed a difference with ICAO • Currently, there are no FAA authorized procedures to accept of approve Service Providers’ SMS’s Federal Aviation Administration SL-12 ICAO: State’s “safety programme” • Definition: – An integrated set of regulations and activities aimed at improving safety. – Includes SMS requirements for aviation service providers • The AVSSMS is the U.S. safety program – FAA Oversight • Regulations, Standards & Policy • Assurance (ex; Certification, Surveillance, etc.) – Service Provider SMS Requirements Federal Aviation Administration SL-13 ICAO State Safety Programme (SSP) SSP Framework •Annex 6 •ICAO Doc 9859: Safety Management Manual (SMM) SMS Framework FAA Aviation Safety (AVS) Safety Program=AVS SMS Internal (FAA SMS) •Order 8000.369; FAA SMS Guidance •VS8000.367; Requirements Doc External (Service Provider SMS) Flight Standards AVS LOB’s SSP & FAA Oversight •AC 120-92; SMS Standard •Developmental Guidance Air Operators’/ Service Providers’ SMS Federal Aviation Administration SL-14 Clarifying the “3 R’s”: FAA’s Safety Management (Oversight) (SAS) Operator’s Safety Management System (External SMS) Roles, Responsibilities and Relationships: •FAA •Service Providers Operational Process Federal Aviation Administration SL-15 Federal Aviation Administration Safety Fundamentals & Case for SMS Federal Aviation Administration Downloaded from www.avhf.com SL-16 What is the Fundamental Objective of a Business Organization? To achieve its production objectives! Federal Aviation Administration Downloaded from www.avhf.com SL-17 The Business Case • Aviation organization management requires managing many business processes. • Safety management is a core business function just as financial management, HR management, etc. • This constitutes a management challenge. Federal Aviation Administration SL-18 Protection and Production • Safety Requirements – Title 49 USC…44702 “…the duty of an air carrier to provide service at the highest level of safety in the public interest” • Economic Requirements – [Proposed operation must be] “…consistent with public convenience and necessity” – [Company must be] “…fit, willing and able to provide the service proposed” Federal Aviation Administration SL-19 Safety Space Protection Financial Management Bankruptcy Unrocked Boat Safety Management Catastrophe Production Life of the system Federal Aviation Administration Downloaded from www.avhf.com SL-20 Safety Management System • Infuses safety into all parts of the system – – – – – – People Tools Procedures Materials Equipment Software Management levels Protection Production • To maintain the balance of production and protection Federal Aviation Administration SL-21 Accidents and Incidents Cost! Direct costs • Loss of aircraft • Injuries to or death of flight crewmembers, passengers • Insurance deductibles • Costs not covered by insurance Indirect costs • Loss of use of equipment • Loss of staff – Involved in accident issues – Lower productivity • • • • Investigation & clean-up Legal claims Fines Misplaced/stranded passengers • Negative media exposure Federal Aviation Administration SL-22 Ramp Damage Has Big Price Tag For Airlines Aileron & Tab Assembly $183,545 Outboard Flap Assembly $255,845 Parts prices only Elevator Assembly $264,708 Inboard Flap Assembly $224,872 Cargo Door $58,327 Main Entry Door $171,220 L.E. Slat Assembly $52,863 Radome $19,712 Wingtip Assembly $28,872 TAT Probe $6,583 AOA Vane $4,300 Pitot Static Probe $5,157 Side cowl $161,407 Inlet Cowl $329,203 Inlet Cowl Segment $5,151 8 Federal Aviation Administration Downloaded from www.avhf.com SL-23 Income lost Event Direct Indirect Catering truck hits airplane $17,000 $230,000 Jetway hits airplane $50,000 $600,000 $1,900,000 $4,800,000 Landing event Source: USAir/America West Airlines Federal Aviation Administration SL-24 Accidents Cost Small Operators, Too Claim Flight Training Fixed Wing Air Operation Taxi Operation Helicopter Air Taxi Forced landing (aircraft destroyed) $150,000 $300,000 $900,000 Propeller makes contact with object on ground $20,000 $30,000 $150,000 $5,000 $10,000 $35,000 $500-1,400 $3-5,000 $8-10,000 Hangar Rash Flight cancellation per day Federal Aviation Administration SL-25 … Technical Factors Human Factors1949 British Comet Organizational Factors 1954 Boeing Federal Aviation Administration Downloaded from www.avhf.com SL-26 Traditional approach – Preventing accidents • • • • Focus on outcomes (causes) Unsafe acts by operational personnel Attach blame/punish for failures to “perform safely” Address identified safety concern exclusively Identifies: WHAT? WHEN? WHO? But not always discloses: WHY? HOW? Federal Aviation Administration Downloaded from www.avhf.com SL-27 Human Error and Operations • Human error: a contributing factor in most aviation occurrences. • Even competent personnel commit errors. • Errors are a normal component of any system where humans and technology interact. Federal Aviation Administration Downloaded from www.avhf.com SL-28 Context and outcomes Causes and consequences of operational errors are not linear in their magnitude Source: ICAO SMM Federal Aviation Administration Downloaded from www.avhf.com SL-29 Types of Errors (Active Failures) • Perception Errors – “I didn’t see it,” or “I didn’t notice the difference…” • Memory Lapses – “I forgot to do it…” • Slips – “I didn’t mean to do that…” • Wrong Assumption – “I assumed that the situation was different…” Alan Hobbs, ATSB (2008) Federal Aviation Administration SL-30 Errors (cont.) • Technical Misunderstandings – “I tried to do it right but I didn’t understand what I had to do…” • Procedure Violations – “Nobody follows that procedure here….” – “We can’t get the job done if we do all that…” Alan Hobbs, ATSB (2008) Federal Aviation Administration SL-31 Organizational Accidents Organizational processes Workplace conditions Latent conditions Active failures Defenses Federal Aviation Administration Downloaded from www.avhf.com SL-32 Organizational Culture Values Professional Norms National Culture Psychological •Laws/Regulations •Industry Standards System/ Environment •Industry Norms •Business Relations •Markets Behavioral Outcomes Practices Federal Aviation Administration Downloaded from www.avhf.com SL-33 Safety Management Strategies Reactive (Past) Proactive (Present) Predictive (Future) Responds to events that have already happened, such as incidents and accidents Actively seeks the identification of hazardous conditions through the analysis of the organization’s processes Analyzes system processes and environment to identify potential future problems Federal Aviation Administration Downloaded from www.avhf.com SL-34 Federal Aviation Administration SMS Fundamentals Federal Aviation Administration Downloaded from www.avhf.com SL-35 SMS Concepts • Applying Risk Management • Assuring Safety Risk Controls • Oversight of Design and Performance of Systems – Design Assurance • Using Assessment tools – Performance Assurance • Using Assessment tools Federal Aviation Administration SL-36 SMS Concepts: Risk Management • Understanding the system and environment • Identifying hazardous conditions • Assessing risk • Applying risk controls Federal Aviation Administration SL-37 SMS Concepts: Assurance • Assurance: “something that gives confidence”1 • Quality assurance: “... focused on providing confidence that quality requirements are being met”2 • Likewise, Safety Assurance relates to safety requirements 1 Black’s Law Dictionary 2 ISO 9000-2000 Federal Aviation Administration SL-38 SMS Components (“Pillars”) Policy: (Structure) Risk Safety Assurance Mgmt. Safety Promotion: (Culture) Federal Aviation Administration Downloaded from www.avhf.com SL-39 The 4 SMS Components Policy (Structure) Risk Management Safety Assurance Safety Promotion 1. Policy • All management systems must define policies, procedures, and organizational structures to accomplish their goals. • Policy establishes the structure of the SMS. Federal Aviation Administration SL-40 The 4 SMS Components Policy (Structure) Risk Management Safety Assurance Safety Promotion 2. Safety Risk Management. • A formal system of hazard identification, analysis and risk management is essential in controlling risk to acceptable levels. Federal Aviation Administration SL-41 The 4 SMS Components Policy (Structure) Risk Management Safety Assurance Safety Promotion 3. Safety Assurance. • Once controls are identified, the SMS must assure they are continuously practiced and continue to be effective in a changing environment. Federal Aviation Administration SL-42 The 4 SMS Components Policy (Structure) Risk Management Safety Assurance Safety Promotion 4. Safety Promotion. • The organization must promote safety as a core value with practices that support a positive safety culture. Federal Aviation Administration SL-43 Safety Risk Management (SRM) and Safety Assurance (SA) Workflow SRM SA System Description System Operation Hazard Ident Data Acquisition & Process Specific Information Risk Analysis Analysis (RCA) Analysis Risk Assmt System Assmt Assessment Risk Control Corrective Action Design Performance Downloaded from www.avhf.com Description & Context Action: Problem Resolution Federal Aviation Administration SL-44 Oversight and SMS FAA Oversight Program Management DA PA Protection FAA’s Safety Management (Oversight) (SAS) Production Technical Program Requirements •Systems •Subsystems •Elements Surveillance S R M Cert S A Operator’s Safety Management System Operational Process Public: Users C.O.S. Federal Aviation Administration Downloaded from www.avhf.com SL-45 1 National Aviation System Level 2 Service Provider/Organizational Level 3 Individual (Airman/Aircraft) Level Federal Aviation Administration Downloaded from www.avhf.com SL-46 Policy: QMS Regs./Policy 1 FAA SRM(S) FAA SA(S) Strategic Analysis 2 DA FAA SA S R M CH SRM PA S A 3 FAA SA Designee System SAS Public Users SMS Education & Awareness of Risk (GA) FAA SP Airmen & Aircraft Downloaded from www.avhf.com Federal Aviation Administration SL-47 AVS SMS = FAA Safety Programme FAA Internal SMS (SSP & Oversight) External SMS Flight Standards Air Operators/ Service Providers Policy Policy Safety Risk Management Safety Assurance Safety Promotion FAA Act 44702 CFR’s (aka FAR’s) Field Divisions (Oversight) Safety Risk Management Safety Assurance Design Assurance (Certification, SAS Prgrm. Apprvl./Accept., Cert. Mgt) Safety Promotion Performance Assurance (Surveil., Plus) Federal Aviation Administration SL-48 Safety Management System Provides a systematic way to: 1. Identify hazards and control risk 2. Provide assurance that risk controls are effective Policy (Structure) Safety Risk Managemen t Safety Assurance Safety Promotion (Culture) Federal Aviation Administration SL-49 Federal Aviation Administration SMS Details: Policy Component Federal Aviation Administration Downloaded from www.avhf.com SL-50 SMS Policy • Establishes management commitment and objectives – what the management wants • Sets up framework of organizational structures, accountabilities, plans, procedures, and controls to meet objectives Federal Aviation Administration SL-51 Management Responsibility • Managers should manage safety in the same way that they manage other areas of the business • Safety management involves judgment, assessing priorities, and making decisions – like all management decision making Federal Aviation Administration SL-52 Top Management Involvement Top management stimulates a healthy safety environment • Visible, personal involvement of top management • Setting safety goals and objectives as policy • Allocation of resources to meet safety goals • Clear communication AC 120-92, App. 1 Federal Aviation Administration SL-53 Objectives of the Policy Component Top Management will: • Implement an integrated, comprehensive SMS for entire organization • Define a safety policy and set safety objectives • Define roles, responsibilities, and authorities throughout the organization • Appoint a member of management to implement and maintain the SMS Federal Aviation Administration SL-54 Policy: Other Responsibilities • Emergency response – Develop and implement procedures to respond to accidents and incidents • Control of Documents and Records: – Have a clearly defined document maintenance process – Implement and maintain a safety management plan Federal Aviation Administration SL-55 Safety Policy Requirements: • Commitment to: – – – – Implement an SMS Continually improve safety Manage safety risk Comply with statutory & regulatory requirements • Establish clear standards of acceptable behavior • Documented • Communicated • Periodically reviewed Federal Aviation Administration SL-56 Organizational Structure • Top management with ultimate authority and responsibility • Top management requirement to provide resources • Defined lines of supervision and control • Defined safety responsibilities for all employees • Designated management official to ensure effectiveness of SMS (e.g. DOS) Federal Aviation Administration SL-57 Accountability Defined Accountability = Obligation or willingness to account for one’s actions A SMS shall clearly define lines of safety accountability throughout the provider organization, including direct accountability for safety on the part of senior management. ICAO Doc. 9859 Federal Aviation Administration SL-58 Accountability vs. Liability • SMS promotes an environment that stimulates open reporting • This includes and active involvement of all personnel, starting with top management in safety problem-solving • Barring negligence or deliberate disregard for safety, SMS does not promote blame for error Federal Aviation Administration SL-59 Management Functions Managers must be actively and personally involved in: • Planning: Setting clear goals, guidelines, standards, and timelines for safety • Organizing: Providing clear lines of management and supervisory responsibility, control and communication • Directing: Allocation of resources needed for accomplishment of safety goals • Controlling: Personal involvement in assurance of safety goals and objectives Federal Aviation Administration SL-60 System Attributes Processes must have safety requirements built into their design. a) Responsibility: accountable for quality of activities b) Authority: power to accomplish required activities c) Procedures: clear instructions for members of the organization d) Controls: supervisory controls on processes to ensure activities produce the correct outputs Federal Aviation Administration SL-61 System Attributes In addition, there are process measures and interfaces. e) Process Measures: measurement of both processes & their products f) Interfaces: Recognizing interrelationships between individuals and organizations within the company as well as with contractors, vendors, customers, and other organizations Federal Aviation Administration SL-62 System Attributes in Management • The six attributes are the essence of management: – Planning: Procedures – Organizing: Procedures, Responsibilities & Interfaces – Directing: Responsibilities & Authority – Controlling: Process Measures & Controls • Now also documented in the ICAO SMM Federal Aviation Administration SL-63 SMS Documentation • System documentation conveys management expectations and work instructions to employees • May be a stand-alone manual or integrated into existing documentation systems Federal Aviation Administration SL-64 Federal Aviation Administration SMS Details: Data Quality Federal Aviation Administration Downloaded from www.avhf.com SL-65 Decision Making: Data, Analysis, and Assessment • Reports (Facts): what exists or is happening now • Inferences (Interpretations) – What’s likely to happen in the future, based on what’s happening now – Conclusions based on facts • Judgments: value, quality assessments (e.g. good, bad, acceptable, unacceptable) of what is or will exist or happen Federal Aviation Administration SL-66 Example: • Facts (Conditions): – – – – Duty day is 14 hours Flight schedule is 8 hours Flights have 10 legs, 10 IFR approaches Flights are legal (within regs.) • Inference (Hazard): – Crew fatigue will probably result • Inference (Risk analysis): – Likelihood of crew errors will increase • Judgment (Risk Assessment): – Unacceptable risk Federal Aviation Administration SL-67 Attributes of Data and Measures • Validity: – Does the data/measure address the subject desired? – Does it only address the subject desired? – How completely does it cover the subject desired? • Reliability: – Are data points about the same thing comparable? – Are data points collected by different observers comparable? Data and measures must be reliable to be valid but reliable data is not always valid Training and careful preparation of tools can increase reliability of data Federal Aviation Administration SL-68 Federal Aviation Administration SMS Details: Safety Risk Management Component Federal Aviation Administration Downloaded from www.avhf.com SL-69 Definitions Safety management systems provide a systematic way to control risk and to provide assurance that those risk controls are effective. Safety Risk Management is a formal system of hazard identification, analysis and risk management essential in controlling risk to acceptable levels. Federal Aviation Administration SL-70 Levels of Risk Management • Process Risk Management – Policy (What) – Procedure (How) – Controls • Operational Risk Management – Operational Control (Flight/Task/Mission) – Crew/Team (Real time decision making) Federal Aviation Administration SL-71 System Description System Description Hazard Identification What is System & Task Analysis? • It is a system design function. • It is a predictive method of hazard identification. • It is the foundation for sound safety analysis. Risk Analysis Risk Assmt When is it used? Risk Control • Used during implementation phases of SMS. • Used in conjunction with all operational changes. Who uses System & Task Analysis?: • Personnel within the organization who form an appropriately diverse team: – Stakeholders ICAO Doc. 9859 – Subject Matter Experts Federal Aviation Administration SL-72 SRM System Description System Description Facts Processes Hazard Identification Activities Workplace Conditions: e.g. System Factors & Attributes Risk Analysis Risk Assmt Variable Human Performance • Equipment • Information (Procedures) • Facilities • Phys. Envir. • Other Proc. (Interfaces) • Training • Supv./Mgmt. (Controls) • …. Risk Control Federal Aviation Administration Downloaded from www.avhf.com SL-73 Typical Workplace Conditions • Equipment: Human-Machine Interface, Facilities • Operators: Individual performance • Crew/team performance • Organizational culture • Company/regulator factors Strauch, Barry (2004). Investigating Human Error Federal Aviation Administration SL-74 Process (System) Attributes • Responsibility • Authority • Procedures • Controls • Process Measures • Interfaces Federal Aviation Administration SL-75 Conditions Related to Error • Time pressure • Procedures and documentation • Teamwork/documentation • Shift turnovers/crew briefings • Group norms • Fatigue management (shifts/circadian problems) Alan Hobbs, ATSB (2008) Federal Aviation Administration SL-76 Conditions Related to Error (cont.) • Lack of System Knowledge • Equipment/facilities • Human-machine interface (e.g. design for maintainability) Federal Aviation Administration SL-77 Activities and Conditions: Deicing Activities/Tasks and Actors Workplace Conditions What and Who System and Environment Select type of fluid (Check holdover time) Day/Night Precipitation/cold Position at Aircraft Employee demographics Communicate with crew Apply Fluid Depart Ramp Area Federal Aviation Administration SL-78 Hazard Identification System Description Hazard Identification A hazard is any real or potential condition… Risk Analysis that can result in injury, illness, or death to people; damage to, or loss of, a system (hardware or software), equipment, or property; and/or damage to the operating environment. Risk Assmt Risk Control ICAO Doc. 9859 Federal Aviation Administration SL-79 SRM Hazard Identification from Workplace Conditions System Description Hazard Identification Processes Activities Workplace Conditions: e.g. System Factors & Attributes Risk Analysis Risk Assmt • Equipment • Information (Procedures) • Facilities • Phys. Envir. • Other Proc. (Interfaces) • Training • Supv./Mgmt. (Controls) • …. Deficient Conditions impacting activities = Risk Control Inference Variable Performance Causing… Active Failures Hazards Resulting in… Consequences Federal Aviation Administration Downloaded from www.avhf.com SL-80 Risk Analysis System Description Important to distinguish between: Hazard Identification Risk Analysis Hazard – a condition Risk Assmt Consequence – result Risk Control Risk – likelihood & severity of the consequence Analyzing risk involves the consideration of both the likelihood and the severity of any adverse consequences. ICAO Doc. 9859 Federal Aviation Administration SL-81 SRM From Hazard to Risk System Description Hazard Identification Deficient Conditions impacting activities = Variable Performance Hazards Causing… Risk Analysis Risk Assmt Risk Control Resulting in… Active Failures Consequences L ikelihood S everity Risk Judgment Risk Federal Aviation Administration Downloaded from www.avhf.com SL-82 Failures and Consequences Active failures Potential Consequences Direct results of conditions (e.g. accident/incident severity) Incorrect Fluid Type Take-off accidents due to ice Hold-over time too long Incomplete deicing Federal Aviation Administration SL-83 Risk Analysis Risk is the composite of the predicted likelihood or probability and the severity of each possible consequence of each identified hazard. Hazard Intolerable Active Failure Tolerable Consequence Acceptable Probability Severity Risk Level Adapted from ICAO Doc. 9859 Federal Aviation Administration SL-84 Risk Assessment Risk assessment determines the level of risk to use in making a bottom line decision. System Description Hazard Identification Risk Analysis Risk Assmt Risk Control Risk Likelihood Risk Severity Catastrophi c Hazardo us A B Major Minor Negligible C D E Frequent 5 5A 5B 5C 5D 5E Occasional 4 4A 4B 4C 4D 4E Remote 3 3A 3B 3C 3D 3E Improbable 2 2A 2B 2C 2D 2E Extremely improbable 1 1A 1B 1C 1D 1E A risk matrix is a tool used for risk assessment. It can vary in form yet it accomplishes the same purpose. Federal Aviation Administration SL-85 Risk Control = Risk Mitigation System Description Hazard Identification A major component of any safety system is the defenses (controls) put in place to protect people, property or the environment. Risk Analysis Risk Assmt Risk Control These defenses are used to reduce the likelihood or severity of the consequences associated with any given hazard or condition. ICAO Doc. 9859 Federal Aviation Administration SL-86 SRM Risk Control/Mitigation System Description Hazard Identification Processes Activities e.g. System Factors & Attributes Risk Analysis Risk Assmt Risk Control Workplace Conditions: Variable Human Performance • Equipment • Information (Procedures) • Facilities • Phys. Envir. • Other Proc. (Interfaces) • Training • Supv./Mgmt. (Controls) • …. Risk Controls Federal Aviation Administration Downloaded from www.avhf.com SL-87 Risk Control Order of Precedence: System Description Hazard Identification 1. Modify the system (design hazard out) 2. Physical guards or barriers Risk Analysis Risk Assmt 3. Warnings or alert signal Risk Control 4. Administrative controls • Procedures • Training Federal Aviation Administration SL-88 Federal Aviation Administration SMS Details: Safety Assurance Component Federal Aviation Administration Downloaded from www.avhf.com SL-91 SMS Concepts: Assurance • Assurance: “something that gives confidence”1 • Quality assurance: “... focused on providing confidence that quality requirements are being met”2 • Likewise, Safety Assurance relates to safety requirements 1 Black’s Law Dictionary 2 ISO 9000-2000 Federal Aviation Administration SL-92 SM Strategies – Intervention Levels & Tools Safety management levels Baseline performance Predictive System Analysis Design Assessment Highly efficient Proactive Reactive Surveys Audits Performance Assessment Very efficient “Practical drift” Reactive Organization ASRS SDR Efficient Accident and incident reports Insufficient Desirable management levels Federal Aviation Administration Downloaded from www.avhf.com SL-93 Safety Assurance Functions: • Collect and analyze information to determine that process requirements are continuously being met. • Assess performance and effectiveness of risk controls. • Works in partnership with Risk Management. AC 120-92 Federal Aviation Administration SL-94 S.A. is similar to Q.A. • QA focuses on product conformity & customer satisfaction on a continuous basis. • SA ensures that risk controls, once designed and put to place, perform in a way that continue to meet their safety objectives. • Integration of management systems may be beneficial. AC 120-92 Federal Aviation Administration SL-95 S.A. & Q.A.: “Once controls are in place, quality management techniques can be used to provide a structured process for ensuring that they achieve their intended objectives and, where they fall short, to improve them.” AC 120-92 Federal Aviation Administration SL-96 System Operation System Operation Data Acquisition & Process Written documentation to describe: Analysis System Assmt Who, What, When, Where, Why, How Preventive/ Corrective Action The system operation includes: 1) Monitoring of risk controls during operations; 2) System description, including risk controls added during SRM which form the basis for SA functions such as audits and analysis. AC 120-92 Federal Aviation Administration SL-97 System Operation Data Acquisition & Process Data Acquisition & Process Information Sources Analysis 1. Continuous Monitoring 2. Internal Audits System Assmt Preventive/ Corrective Action 3. Internal Evaluation 4. External Audits 5. Investigations 6. Employee Reporting Systems AC 120-92 Federal Aviation Administration SL-98 Continuous Monitoring System Operation Where SRM and SA interface - risk controls Data Acquisition & Process Analysis Line managers of operational departments: • Accomplish continuous monitoring of day-to-day activities & processes System Assmt Preventive/ Corrective Action • Have direct responsibility for process control • Must ensure that processes in their areas function as designed. Federal Aviation Administration Downloaded from www.avhf.com SL-99 Continuous Monitoring - Operational Data Sources • Flight dispatch records • Flight schedules • Financial data • Crew schedules and records • Warranty return reports • Aircraft discrepancy reports • Flight cancellation and delay reports Federal Aviation Administration SL-100 Internal Audits System Operation The day-to-day responsibility for safety management rests with those who “own” the technical processes. Data Acquisition & Process Analysis System Assmt Preventive/ Corrective Action This is where: • deficiencies in processes contribute to risk • audits provide feedback to process owners • direct supervisory control and resource allocation can help to maintain effectiveness of risk controls Federal Aviation Administration Downloaded from www.avhf.com SL-101 Internal Audits Continued System Operation Data Acquisition & Process • Performed by each department. • Department Director/Manager is responsible. Analysis System Assmt • Regularly scheduled Preventive/ Corrective Action • Include contractors & vendors • Determine: – Conformity with safety risk controls – Performance of safety risk controls – Performance to meet business objectives • Deficiencies always get action! AC 120-92 Federal Aviation Administration SL-102 Internal Evaluation System Operation • Performed by a functionally independent person or organization (e.g. QA, Safety) Data Acquisition & Process Analysis System Assmt • A process-oriented control function Preventive/ Corrective Action • Backs up the internal audit function • Uses sampling to validate SA processes Federal Aviation Administration SL-103 External Audits System Operation Data Acquisition & Process Analysis Conducted by: System Assmt • Code-share partners • Industry organizations (e.g. C.A.S.E.) Preventive/ Corrective Action • Third parties: consultants • The regulator (FAA) = “Safety Oversight” Federal Aviation Administration SL-104 System Operation Safety investigations • For continuity – put the event behind us Data Acquisition & Process Analysis – To put losses behind – To reassert trust and faith in the system System Assmt Preventive/ Corrective Action – To resume normal activities – To fulfil political purposes • For improved system reliability – To learn about system vulnerability – To develop strategies for change – To prioritize investment of resources Federal Aviation Administration Downloaded from www.avhf.com SL-105 Employee Reporting System Operation • Employee safety reporting & feedback system is required. Data Acquisition & Process Analysis System Assmt • Must provide confidentiality. • Employees must be encouraged to use the system. Preventive/ Corrective Action • Data may identify emerging hazards. • Data must be included in analysis. AC 120-92, App. 1 Federal Aviation Administration SL-106 Analysis System Operation Data Acquisition & Process • To be useful, information must be made understandable. Analysis System Assmt • Analysis is used to determine effectiveness of: Preventive/ Corrective Action 1. Risk controls in the organization’s operational processes, and 2. the SMS. AC 120-92 Federal Aviation Administration SL-107 Types of analysis System Operation Data Acquisition & Process • Against criteria/objectives Analysis • Compared to norms System Assmt • Patterns from multiple data points Preventive/ Corrective Action • Trends over time – “Trends” is one of the most misused term in analysis – Must have stable, reliable measures at each time sample for a valid trend Federal Aviation Administration SL-109 Attributes of Data and Measures • Validity: – Does the data/measure address the subject desired? – Does it only address the subject desired? – How completely does it cover the subject desired? • Reliability: – Are data points about the same thing comparable? – Are data points collected by different observers comparable? Data and measures must be reliable to be valid but reliable data is not always valid Training and careful preparation of tools can increase reliability of data Federal Aviation Administration SL-110 System Assessment System Operation • Are objectives being met? (“Happy loop”) • Risk controls failing due to: – – – – Lack of supervision Lack of resources Lack of training Poor job aids Data Acquisition & Process Analysis System Assmt Preventive/ Corrective Action • New Hazard/failed Risk Controls (redesign - back to SRM) • Prioritize according to safety criticality (triage) Federal Aviation Administration SL-111 Preventive/Corrective Actions System Operation • Revised policies Data Acquisition & Process • New procedures Analysis • Equipment changes System Assmt Preventive/ Corrective Action • Enhanced training • Schedule changes • Assignment of responsible persons Federal Aviation Administration SL-112 Management Review Top management will conduct regular reviews of the SMS, including: • The outputs of SRM & SA • Lessons learned • Need for changes Federal Aviation Administration SL-113 Continuous Improvement The organization shall continuously improve the effectiveness of the SMS through: • Safety and Quality Policies • Safety Objectives • Audit & Evaluations • Analysis of Data • Corrective and Preventive Actions • Management Reviews AC 120-92 Federal Aviation Administration SL-114 Federal Aviation Administration SMS Details: Safety Promotion Component Federal Aviation Administration Downloaded from www.avhf.com SL-115 Promotion: Definition Safety promotion = a combination of: • Safety Culture, • Training and • Knowledge Sharing activities that support the implementation and operation of SMS in an organization Organizations must promote safety as a core value with practices that support a positive safety culture. AC 120-92, App. 1 Federal Aviation Administration SL-116 Culture Management Employees Communication Informed: People understand the hazards & risks Learning: The company learns from mistakes. Staff are updated on safety issues by management. Just: Employees know what is acceptable & unacceptable behavior. Reporting: All personnel freely share critical safety information. AC 120-92 Federal Aviation Administration SL-117 What gets communicated upward? 4% Problems known to top management 9% Problems known to middle management 74% Problems known to supervisors 100% Problems known to rank and file MX personnel Source: Yoshida, Shuichi, 2nd Intl Quality Symposium, 1989 Federal Aviation Administration Downloaded from www.avhf.com SL-118 To Support a Sound Safety Culture: 1. Senior management commitment 2. Senior management visibility 3. Safety accountability framework 4. Safety policy, goals, objectives, standards, and performance 5. Effective employee safety reporting system 6. Safety information system 7. Resource commitment Federal Aviation Administration SL-119 Training and Communication! • Employees must understand the SMS • Employees benefit from safety lessons learned • Explain why particular actions are taken • Develop awareness of hazards • Foster open reporting of safety concerns • Initial and ongoing training Example Safety Promotion Video Federal Aviation Administration SL-120 Personnel Competencies and SMS Training • Identification of competency requirements • Selection and hiring criteria and standards • Training • Skill competency – Initial training – Recurrent training – Continuous communication Federal Aviation Administration SL-121 ISD Processes SMS Processes Analyze SRM: System/ Task Description & Analysis Design Develop •Safety Critical Job Tasks •Competencies (KSA’s, etc) •Target audience characteristics •Training Tasks •Qualification Standards (SRM risk Control) •Courseware •Medium •Lessons, Exercises, Activities •Tests, Evaluations SA: Monitoring Implement Evaluate •Training Delivery •Records •Testing/Qualifying SA: Assessment •Student Evaluation/critique •Instructor Critique •OJT & performance observations Federal Aviation Administration Downloaded from www.avhf.com SL-122 Commitment to SMS •Documents alone will not guarantee development of a positive safety culture. •Employees must see evidence of management commitment to SMS. Management Attitudes & Actions = the most important factor. ICAO Doc. 9859 Federal Aviation Administration SL-123 Federal Aviation Administration SMS Guidance, Tools and Implementation Federal Aviation Administration Downloaded from www.avhf.com SL-124 SMS Guidance and Tools • • • • • ICAO Doc 9859: Safety Management Manual (SMM) FAA Order 8000.369: FAA SMS Guidance Order VS 8000.367: AVS Requirements Document SMS Standard: AC 120-92 Appendix 1 Voluntary Implementation Guidance (Multiple Docs) Federal Aviation Administration SL-125 ICAO and FAA SMS Framework Policy (Structure) Safety Risk Managemen t Safety Assurance Elements: 3.1 Safety Performance Monitoring & Measurement •Elements: Process 3.1.1 Continuous monitoring •2.1 Process Internal audits operational depts. Hazard3.1.2 identification andby analysis Elements: • 1.1Process 3.1.3 Internal evaluation Process 2.1.1 System and task analysis Safety Policy • Process 3.1.4 External auditing of the SMS Process 2.1.2 Hazard identification 1.2 Management Commitment & Accountabilities Elements: • Process 3.1.5 Investigation 2.2 assessment and Training control 1.3Risk Key Safety Personnel Competencies and • 4.1 Process 3.1.6 Employee reporting and feedback syst. Process Analyze risk Emergency Preparedness and Response Process 4.1.1 Personnel requirements • 1.4Process 3.1.72.2.1 Analysis of datasafety Process Assess safety risk SMS Documentation and Records • 1.5Process 3.1.82.2.2 System assessment Process 4.1.2 Training • 4.2 Process 3.1.92.2.3 Preventive/corrective Process Control safety action risk Communication and Awareness • Safety Promotion (Culture) Process 3.1.10 Management review 3.2 Management of Change 3.3 Continual Improvement Federal Aviation Administration Downloaded from www.avhf.com SL-126 Federal Aviation Administration SL-127 Start SRM System Analysis (Design) Hazard Ident Risk Analysis Inputs: 2.0(B)(2)(a),(b) & (d) •New System •System Change •New Operational Procedure 2.1.1 2.1 Hazard Identification & Analysis 2.1.2 Inputs: 2.0(B)(2)(c) From SA: 3.1.8(B)(3) 2.2.1 2.2 Risk Assessment & Control 2.2.2 Risk Assmt Evaluate Controls 2.2.3(B) (2) & (3) Risk Control Outputs: To SA 3.0(B)(1)(b) 2.2.3 Federal Aviation Administration Downloaded from www.avhf.com SL-128 SA Inputs: From SRM 2.2.2(B) & 2.2.3 (B)(2)(b) To SA: 3.0(B)(1)(b) System Operation Data Acquisition & Process Analysis Outputs: 3.1.8(B)(3) To SRM 2.0(B)(2)(c) System Assmt Preventive/ Corrective Action Per 2.1.1 including Risk Controls per 3.1.3 * 3.1 Safety Performance Monitoring and Measurement 3.1.1 Continuous Monitoring 3.1.2 Internal Audits 3.1.3 Internal Evaluation 3.1.4 External Evaluation 3.1.5 Investigations 3.1.6 Employee Reporting How is this going to be analyzed? By whom? 3.1.7 Analysis of Data 3.1.8 System Assessment 3.1.10 Management Review 3.1.9 * Note: Each data source should be traceable through analysis (3.1.7(B)(1)), assessment and Corrective Action (3.1.9(B)(1) where necessary. Federal Aviation Administration Downloaded from www.avhf.com SL-129 External Internal Decision by Organization Inputs Previous Process Interface – (I) Process Controls (C) •Procedural •Supervision •Assurance Processes Responsibility (R) Activities •Accountable for process output Authority (A) Procedures (P) Empowered to: •Make key decisions •Alter process Outputs •Deliverable – Performance Measures (PM) •Destination – Interface (I) Federal Aviation Administration Downloaded from www.avhf.com SL-130 Each Element/Process has a Performance Objective that defines the expected outcome of the process. Design expectations are then defined that outline characteristics of a well designed process. Inputs tell us where the process These are organized in terms of the starts: Management tells us: six •Aattributes. decision Responsibility on the part of the •Who is accountable for process company completion (Responsibility) Each process has a number of •The output of a previous Finally, the “Bottom Line Assessment” takes us Every process has an output. There are two activities –objective theis“things peopleto: do” •Who empowered (Interface) back to process the – will/does the process aspects to outputs: (Procedures) Make key decisions in the achieve its intended outcome? (Affirmation) •Evidence of accomplishment (Process process (Authority) Measures) Alter or deviate from the process •Destination of (Authority) the output (Interfaces) Some critical processes also have Controls Federal Aviation SL-131 Administration Downloaded from www.avhf.com SMS Implementation • Should follow a Phased Approach • The processes underlying the four components will be modularized • “Growth” or “increasing maturity” will then be emphasized for each process and the system as a whole Federal Aviation Administration SL-132 SMS Voluntary Implementation: Pilot Projects • Pilot Project activities commenced in 2007 • Voluntary SMS development • AFS combined effort • Objectives are to Develop: – Implementation strategies, – Oversight interfaces, and – Gain experience for FAA and Service Providers Federal Aviation Administration SL-134 SMS Implementation Process 4 3 2 1 0 Continuous Improvement Proactive Processes Reactive Processes Planning & Organization Orientation & Commitment Federal Aviation Administration Downloaded from www.avhf.com SL-135 Who’s Involved in Implementation? • The Operator/Service Provider • The Certificate Management Organization (CMO, FSDO, CHDO) • The SMS Standardization and Assistance Team (STAT) Federal Aviation Administration Downloaded from www.avhf.com SL-136 SMS Transition Assistance Team (STAT) • Provides Standardization and Assistance to operators and CMT’s in voluntary SMS projects • Under direction of AFS SMS Program Office (PO) – Team members currently from: • SMS PO • FAASTeam • HQ Policy Divisions • All activities coordinated with appropriate certificate oversight offices Federal Aviation Administration SL-137 Safety Management System Focus Group (SMSFG) Voluntary implementation user’s group • Provides a two-way communications mechanism between SMS PO and participants in voluntary implementation • Provides a forum for knowledge sharing among participants Federal Aviation Administration SL-138 Level 1: Planning & Organization Charting the Course • Preliminary Gap Analysis: Evaluating existing processes, programs, and practices for safety management • Develop Safety Policy • Develop Implementation Plan • Organizing for Implementation Federal Aviation Administration SL-140 Level 1 - Meetings Session 1 is a 2-day event • Day 1- STAT Briefing: – – – – • SMS Tutorial – 4-Hr. In-Depth Overview In-depth walk-through of the Framework & Assurance Guide Preliminary Audit/Gap Analysis Tool Detailed Audit/Gap Analysis Tools Day 2 - Service Provider & CMT jointly Perform Preliminary Gap Analysis – – Schedule Operator’s Detailed Gap Analysis The operator may require 4 to 6 months to complete the detailed gap analysis. STAT and CMT will be available on call while the operator is performing this task. Federal Aviation Administration Downloaded from www.avhf.com SL-142 Level 1 - Expectations • Service Provider/Certificate Holder – Sessions 1 • – Session 2 • • • • – Complete preliminary gap analysis Completed detailed gap analysis utilizing the detailed audit/gap analysis tools Brief gap analysis results Brief gaps and how they will be addressed Provide evidence of conformity Session 3 • • • • Present implementation plan Complete the required documents Meet the requirements of the exit criteria for this phase Provide process inputs to the STAT Federal Aviation Administration Downloaded from www.avhf.com SL-146 Level 1 - Expectations Oversight Organization – Review and utilize audit/gap analysis tools – Attend audit/gap analysis meetings with the operator – Participate in meetings with the STAT and operator – Review the operator’s implementation plan and other documents – Discuss the requirements of the exit criteria for this phase with the operator and STAT – Provide input to the STAT regarding the SMS implementation, documents and audit tools Federal Aviation Administration Downloaded from www.avhf.com SL-147 Level 2: Reactive Processes Basic Risk Management • Setting up the information infrastructure and processes • Going after known problems: Reactive Hazard Identification • Designing and implementing risk controls • Non-punitive voluntary employee reporting system • Documentation • Training – Training commensurate with this level of implementation phase maturity Federal Aviation Administration Downloaded from www.avhf.com SL-149 Level 3: Proactive Processes Looking Ahead • System and task analysis of the operational (production) systems • Proactive Hazard identification • Updating: – Risk controls – Documentation • Additional specialist training Federal Aviation Administration SL-151 Level 4: Continuous Improvement Continued Assurance • Mature safety assurance process – Analysis of data – System performance assessment – Corrective/Preventive action: Maintaining the controls – Identifying new and emerging hazards • Management Reviews: Formal involvement • Documentation & Training as required Federal Aviation Administration SL-153 SMS Studies and Analysis 4 Phase 2: 2 1 0 Proactive Processes 3 Experience Continuous Improvement Reactive Processes Planning & Organization Orientation & Commitment Phase 1: Readiness Federal Aviation Administration Downloaded from www.avhf.com SL-155 Organizations Federal Aviation Administration SL-156 AFS SMS Program Office (PO) Authorized by Order FS1100.1A: – AFS SMS Policy – Focal point for SMS rulemaking – Oversight and coordination of voluntary SMS implementation and testing – Integration with oversight systems – Policy, guidance, and tool development – Training and outreach development and coordination Federal Aviation Administration SL-157 FAASTeam (FAA Safety Team) • Participate in STAT team efforts • Conduct outreach sessions for CMTs and service providers • Assist SMS PO in development of: – – – – Guidance material Promotional Material Development and Delivery of Training Promotional web presence for SMS Federal Aviation Administration SL-158 SMS Transition Assistance Team (STAT) • Provides Standardization and Assistance to operators and CMT’s in voluntary SMS projects • Under direction of AFS SMS Program Office (PO) – Team members currently from: • SMS PO • FAASTeam • HQ Policy Divisions • All activities coordinated with appropriate certificate oversight offices Federal Aviation Administration SL-159 MITRE Corporation Involvement • MITRE is a Federally-Funded Research and Development Corporation (FFRDC) • MITRE assists the AFS SMS PO in: – SMS Pilot Project (SMSPP) activities – Studies and analysis to support development of SMS implementation and oversight strategies Federal Aviation Administration SL-161 Federal Aviation Administration Summary Federal Aviation Administration Downloaded from www.avhf.com SL-163 Safety Management System Provides a systematic way to: 1. Identify hazards and control risk 2. Provide assurance that risk controls are effective Policy (Structure) Safety Risk Managemen t Safety Assurance Safety Promotion (Culture) Federal Aviation Administration SL-164 Roles, Responsibilities & Relationships AVS SMS = FAA Safety Programme (SSP) FAA Internal SMS (SSP & Oversight) External SMS Flight Standards Air Operators/ Service Providers Safety Policy Safety Policy Safety Risk Management Safety Assurance Safety Promotion FAA Act 44702 CFR’s (aka FAR’s) Field Divisions (Oversight) Safety Risk Management Safety Assurance Design Assurance (Certification, SAS Prgrm. Apprvl./Accept., Cert. Mgt) Safety Promotion Performance Assurance (Surveil., Plus) Federal Aviation Administration SL-165 Safety Management System Provides 1. Increased Safety 2. International Harmonization 3. Improved Organizational Effectiveness Federal Aviation Administration SL-166 “Carelessness and overconfidence are more dangerous than deliberately accepted risk” Wilbur Wright, 1901 Contact: SMS Program Office Manager Don Arendt, Ph.D. (703) 661-0516 don.arendt@faa.gov Wilbur Wright gliding, 1901 Photographs: Library of Congress Federal Aviation Administration SL-167
