CAMO.A.200(a) Management system
The organisation shall establish, implement, and maintain a management system that includes:
(1) clearly defined lines of responsibility and accountability throughout the organisation, including a direct safety accountability of the accountable manager;
AMC1 CAMO.A.200(a)(1) Organization and accountabilities
(a) The management system should encompass safety by including a safety manager, and a safety review board in the organisational structure. The functions of the safety manager are those defined in AMC1 CAMO.A.305(a)(4);(a)(5).
(b) Safety review board
(1) The safety review board should be a high-level committee that considers matters of strategic safety in support of the accountable manager’s safety accountability.
(2) The board should be chaired by the accountable manager and composed of the person or group of persons nominated under point CAMO.A.305(a) and (b).
(3) The safety review board should monitor:
(i) safety performance against the safety policy and objectives;
(ii) that any safety action is taken in a timely manner; and
(iii) the effectiveness of the organisation’s management system processes.
(4) The safety review board may also be tasked with:
(i) reviewing the results of compliance monitoring;
(ii) monitoring the implementation of related corrective and preventive actions.
(c) The safety review board should ensure that appropriate resources are allocated to achieve the established safety objectives.
(d) The safety manager or another person designated by the safety manager may attend, as appropriate, safety review board meetings. He or she may communicate to the accountable manager all information, as necessary, to allow decision-making based on safety data.
(e) Notwithstanding point (a), where justified by the size of the organisation and the nature and complexity of its activities and subject to a risk assessment and agreement by the competent authority, the organisation may not need to establish a formal safety review board. In this case, the tasks normally allocated to the safety review board should be allocated to the safety manager.
GM1 CAMO.A.200(a)(1) Safety action group
(a) Depending on the size of the organisation and the nature and complexity of its activities, a safety action group may be established as a standing group or as an ad hoc group to assist, or act on behalf of the safety manager or the safety review board.
(b) More than one safety action group may be established, depending on the scope of the task and the specific expertise required.
(c) The safety action group usually reports to, and takes strategic direction from, the safety review board, and may be composed of managers, supervisors and personnel from operational areas.
(d) The safety action group may be tasked with or assist in:
(1) monitoring safety performance;
(2) defining actions to control risks to an acceptable level;
(3) assessing the impact of organisational changes on safety;
(4) ensuring that safety actions are implemented within agreed timescales;
(5) reviewing the effectiveness of previous safety actions and safety promotion.
GM2 CAMO.A.200(a)(1) Meaning of the terms “accountability” and “responsibility”
In the English language, the notion of accountability is different from the notion of responsibility. Whereas ‘accountability’ refers to an obligation which cannot be delegated, ‘responsibility’ refers to an obligation that can be delegated.
(2) a description of the overall philosophies and principles of the organisation with regard to safety, referred to as the safety policy;
AMC1 CAMO.A.200(a)(2) Safety polity & objectives
(a) The safety policy should:
(1) reflect organisational commitments regarding safety, and its proactive and systematic management, including the promotion of a positive safety culture;
(2) include internal reporting principles, and encourage personnel to report continuing airworthiness-related errors, incidents and hazards;
(3) recognise the need for all personnel to cooperate with the compliance monitoring and internal investigations referred to under point (c) of AMC1 CAMO.A.200(a)(3);
(4) be endorsed by the accountable manager;
(5) be communicated, with visible endorsement, throughout the organisation; and
(6) be periodically reviewed to ensure it remains relevant and appropriate for the organisation.
(b) The safety policy should include a commitment to:
(1) comply with all applicable legislation, to meet all the applicable requirements, and adopt practices to improve safety standard;
(2) provide the necessary resources for the implementation of the safety policy.
(3) apply HF principles;
(4) enforce safety as a primary responsibility of all managers; and
(5) apply ‘just culture’ principles to internal safety reporting and the investigation of occurrences and, in particular, not to make available or use the information on occurrences:
(i) to attribute blame or liability to front line staff or other persons for actions, omissions or decisions taken by them that are commensurate with their experience and training; or
(ii) for any purpose other than the maintenance or improvement of aviation safety.
(c) Senior management should continually promote the safety policy to all personnel, demonstrate its commitment to it, and provide necessary human and financial resources for its implementation.
(d) Taking due account of its safety policy, the organisation should define safety objectives. The safety objectives should:
(1) form the basis for safety performance monitoring and measurement;
(2) reflect the organisation’s commitment to maintain or continuously improve the overall effectiveness of the management system;
(3) be communicated throughout the organisation; and
(4) be periodically reviewed to ensure they remain relevant and appropriate for the organisation.
GM1 CAMO.A.200(a)(2) Safety policy
(a) The safety policy is the means whereby the organisation states its intention to maintain and, where practicable, improve safety levels in all its activities and to minimise its contribution to the risk of an aircraft accident or serious incident as far as is reasonably practicable. It reflects the management’s commitment to safety, and should reflect the organisation’s philosophy of safety management, as well as be the foundation on which the organisation’s management system is built. It serves as a reminder of ‘how we do business here’. The creation of a positive safety culture begins with the issuance of a clear, unequivocal policy.
(b) The commitment to apply ‘just culture’ principles forms the basis for the organisation’s internal rules describing how ‘just culture’ principles are guaranteed and implemented.
(c) For organisations having their principal place of business in a Member State, Regulation (EU) No 376/2014 defines the ‘just culture’ principles to be applied (refer in particular to Article 16(11) of that Regulation).
(3) the identification of aviation safety hazards entailed by the activities of the organisation, their evaluation and the management of associated risks, including taking actions to mitigate the risks and verify their effectiveness;
AMC1 CAMO.A.200(a)(3) Safety management key processess
(a) Hazard identification processes
(1) A reporting scheme for both reactive event and proactive hazards should be the formal means of collecting, recording, analysing, acting on, and generating feedback about hazards and the associated risks that may affect safety.
(2) The identification should include:
(i) hazards that may be generated from HF issues that affect human performance; and
(ii) hazards that may stem from the organisational set-up or the existence of complex operational and maintenance arrangements (such as when multiple organisations are contracted, or when multiple levels of contracting/subcontracting are included).
(b) Risk management processes
(1) A formal safety risk management process should be developed and maintained that ensures that there is:
(i) analysis (e.g. in terms of the probability and severity of the consequences of hazards and occurrences);
(ii) assessment (in terms of tolerability); and
(iii) control (in terms of mitigation) of risks to an acceptable level.
(2) The levels of management who have the authority to make decisions regarding the tolerability of safety risks, in accordance with (b)(1)(ii), should be specified.
(c) Internal investigation
(1) In line with its just culture policy, the organisation should define how to investigate incidents such as errors or near misses, in order to understand not only what happened, but also how it happened, to prevent or reduce the probability and/or consequence of future recurrences (refer to AMC1 CAMO.A.202).
(2) The scope of internal investigations should extend beyond the scope of the occurrences required to be reported to the competent authority in accordance with point CAMO.A.160, to include the reports referred to in CAMO.A.202(b).
(d) Safety performance monitoring and measurement
(1) Safety performance monitoring and measurement should be the process by which the safety performance of the organisation is verified in comparison with the safety policy and the safety objectives.
(2) This process may include, as appropriate to the size, nature and complexity of the organisation:
(i) safety reporting, addressing also the status of compliance with the applicable requirements;
(ii) safety reviews, including trends reviews, which would be conducted during the introduction of new products and their components, new equipment/technologies, the implementation of new or changed procedures, or in situations of organisational changes that may have an impact on safety;
(iii) safety audits focusing on the integrity of the organisation’s management system, and on periodically assessing the status of safety risk controls; and
(iv) safety surveys, examining particular elements or procedures in a specific area, such as problem areas identified, or bottlenecks in daily continuing airworthiness management activities, perceptions and opinions of management personnel, and areas of dissent or confusion.
(e) Management of change
The organisation should manage the safety risks related to a change. The management of change should be a documented process to identify external and internal changes that may have an adverse effect on the safety of its continuing airworthiness management activities. It should make use of the organisation’s existing hazard identification, risk assessment and mitigation processes.
(f) Continuous improvement
The organisation should continuously seek to improve its safety performance and the effectiveness of its management system. Continuous improvement may be achieved through:
(1) audits carried out by external organisations;
(2) assessments, including assessments of the effectiveness of the safety culture and management system, in particular to assess the effectiveness of the safety risk management processes;
(3) staff surveys, including cultural surveys, that can provide useful feedback on how engaged personnel are with the management system;
(4) monitoring the recurrence of incidents and occurrences;
(5) evaluation of safety performance indicators and review of all the available safety performance information; and
(6) identification of lessons learnt.
(g) Immediate safety action and coordination with the operator’s Emergency Response Plan (ERP)
(1) A procedure should be implemented to enable the organisation to act promptly when it identifies safety concerns with the potential to have immediate effect on flight safety, including clear instructions on who to contact at the owner/operator, and how to contact them, including outside normal business hours. These provisions are without prejudice to the occurrence reporting required by point CAMO.A.160.
(2) If applicable, a procedure should be implemented to enable the organisation to react promptly if the ERP is triggered by the operator and it requires the support of the CAMO.
GM1 CAMO.A.200(a)(3) Safety risk management- interfaces between organizations
(a) Safety risk management processes should specifically address the planned implementation of, or participation of the organisation in, any complex operational and maintenance arrangements (such as when multiple organisations are contracted, or when multiple levels of contracting/subcontracting are included).
(b) Hazard identification and risk assessment start with an identification of all the parties involved in the arrangement, including independent experts and non-approved organisations. This identification process extends to cover the overall control structure, and assesses in particular the following elements across all subcontract levels and all parties within such arrangements:
(1) coordination and interfaces between the different parties;
(2) applicable procedures;
(3) communication between all the parties involved, including reporting and feedback channels;
(4) task allocation, responsibilities and authorities; and
(5) the qualifications and competency of key personnel with reference to point CAMO.A.305.
(c) Safety risk management should focus on the following aspects:
(1) clear assignment of accountability and allocation of responsibilities;
(2) that only one party is responsible for a specific aspect of the arrangement, with no overlapping or conflicting responsibilities, in order to eliminate coordination errors;
(3) the existence of clear reporting lines, both for occurrence reporting and progress reporting;
(4) the possibility for staff to directly notify the organisation of any hazard that suggests an obviously unacceptable safety risk as a result of the potential consequences of this hazard.
(d) The safety risk management processes should ensure that there is regular communication between all the parties involved to discuss work progress, risk mitigation actions, and changes to the arrangement, as well as any other significant issues.
GM2 CAMO.A.200(a)(3) Management of change
(a) Unless they are properly managed, changes in organisational structure, facilities, the scope of work, personnel, documentation, policies and procedures, etc. can result in the inadvertent introduction of new hazards, and expose the organisation to new or increased risk. Effective organisations seek to improve their processes, with conscious recognition that changes can expose the organisation to potentially latent hazards and risks if they are not properly and effectively managed.
(b) Regardless of the magnitude of change, large or small, its safety implications should always be proactively considered. This is primarily the responsibility of the team that proposes and/or implements the change. However, a change can only be successfully implemented if all the personnel affected by the change are engaged, are involved and participate in the process. The magnitude of a change, its safety criticality, and its potential impact on human performance should be assessed in any change management process.
(c) The process for the management of change typically provides principles and a structured framework for managing all aspects of the change. Disciplined application of the management of change can maximise the effectiveness of the change, engage the staff, and minimise the risks that are inherent in a change.
(d) The introduction of a change is the trigger for the organisation to perform their hazard identification and risk management process.
Some examples of change include, but are not limited to:
(1) changes to the organisational structure;
(2) the inclusion of a new aircraft type in the terms of approval;
(3) the addition of aircraft of the same or a similar type;
(4) significant changes in personnel (affecting key personnel and/or large numbers of personnel, high turn-over);
(5) new or amended regulations;
(6) changes in the security arrangements;
(7) changes in the economic situation of an organisation (e.g. commercial or financial pressure);
(8) new schedule(s), location(s), equipment, and/or operational procedures; and
(9) the addition of new subcontractors.
(e) A change may have the potential to introduce new, or to exacerbate pre-existing, HF issues. For example, changes in computer systems, equipment, technology, personnel changes, including changes in management personnel, procedures, work organisation, or work processes are likely to affect performance.
(f) The purpose of integrating HF into the management of change is to minimise potential risks by specifically considering the impact of the change on the people within a system.
(g) Special consideration, including any HF issues, should be given to the ‘transition period’. In addition, the activities utilised to manage these issues should be integrated into the change management plan.
(h) Effective management of change should be supported by the following:
(1) Implementation of a process for formal hazard identification/risk assessment for major operational changes, major organisational changes, changes in key personnel, and changes that may affect the way continuing airworthiness management is carried out.
(2) Identification of changes that are likely to occur in business which would have a noticeable impact on:
(i) resources — material and human;
(ii) management direction — policies, processes, procedures, training; and
(iii) management control.
(3) Safety cases/risk assessments that are aviation-safety focused.
(4) Involvement of key stakeholders in the change management process as appropriate.
(i) During the management of change process, previous risk assessments, and existing hazards are reviewed for possible effect.
(4) maintaining personnel trained and competent to perform their tasks;
AMC1 CAMO.A.200(a)(4) Communication on safety
(a) The organisation should establish communication about safety matters that:
(1) ensures that all personnel are aware of the safety management activities, as appropriate, for their safety responsibilities;
(2) conveys safety-critical information, especially related to assessed risks and analysed hazards;
(3) explains why particular actions are taken; and
(4) explains why safety procedures are introduced or changed.
(b) Regular meetings with personnel at which information, actions, and procedures are discussed, may be used to communicate safety matters.
GM1 CAMO.A.200(a)(4) Safety promotion
(a) Safety training, combined with safety communication and information sharing, forms part of safety promotion.
(b) Safety promotion activities support:
(1) the organisation’s policies, encouraging a positive safety culture, creating an environment that is favourable to the achievement of the organisation’s safety objectives;
(2) organisational learning; and
(3) the implementation of an effective safety reporting scheme and the development of a just culture.
(c) Depending on the particular safety issue, safety promotion may also constitute or complement risk mitigation actions.
(d) Qualification and training aspects are further specified in the AMC and GM to CAMO.A.305.
(5) documentation of all management system key processes, including a process for making personnel aware of their responsibilities and the procedure for amending this documentation;
GM1 CAMO.A.200(a)(5) Management system documentation
(a) The organisation may document its safety policy, safety objectives and all its key management system processes in a separate manual (e.g. Safety Management Manual or Management System Manual) or in its CAME (cf. AMC1 CAMO.A.300, Part 2 ‘Management system procedures’). Organisations that hold multiple organisation certificates within the scope of Regulation (EU) 2018/1139 may prefer to use a separate manual in order to avoid duplication. That manual or the CAME, depending on the case, should be the key instrument for communicating the approach to the management system for the whole of the organisation.
(b) The organisation may also choose to document some of the information that is required to be documented in separate documents (e.g. policy documents, procedures). In that case, it should ensure that the manual or the CAME contains adequate references to any document that is kept separately. Any such documents are to be considered as integral parts of the organisation’s management system documentation.
(6) a function to monitor compliance of the organisation with the relevant requirements. Compliance monitoring shall include a feedback system of findings to the accountable manager to ensure effective implementation of corrective actions as necessary;
AMC1 CAMO.A.200(a)(6) Compliance monitoring- General
(a) The primary objectives of compliance monitoring are to provide an independent monitoring function on how the organisation ensures compliance with the applicable requirements, policies and procedures, and to request action where non-compliances are identified.
(b) The independence of the compliance monitoring should be established by always ensuring that audits and inspections are carried out by personnel who are not responsible for the functions, procedures or products that are audited or inspected.
AMC2 CAMO.A.200(a)(6) Compliance monitoring- Independent audit
(a) An essential element of compliance monitoring is the independent audit.
(b) The independent audit should be an objective process of routine sample checks of all aspects of the CAMO ability to carry out continuing airworthiness management to the standards required by this Regulation. It should include some product sampling as this is the end result of the process.
(c) The independent audit should provide an objective overview of the complete set of continuing airworthiness management-related activities.
(d) The organisation should establish an audit plan to show when and how often the activities as required by Part-M, Part-ML and Part-CAMO will be audited.
(e) The audit plan should ensure that all aspects of Part-CAMO compliance are verified every year, including all the subcontracted activities, and the auditing may be carried out as a complete single exercise or subdivided over the annual period. The independent audit should not require each procedure to be verified against each product line when it can be shown that the particular procedure is common to more than one product line and the procedure has been verified every year without resultant findings. Where findings have been identified, the particular procedure should be verified against other product lines until the findings have been closed, after which the independent audit procedure may revert to a yearly interval for the particular procedure.
(f) Provided that there are no safety-related findings, the audit planning cycle specified in this AMC may be increased by up to 100 %, subject to a risk assessment and/or mitigation actions, and agreement by the competent authority.
(g) Where the organisation has more than one location approved, the audit plan should ensure that each location is audited every year or at an interval determined through a risk assessment agreed by the competent authority and not exceeding the applicable audit planning cycle.
(h) A report should be issued each time an audit is carried out describing what was checked and the resulting non-compliance findings against applicable requirements and procedures.
AMC3 CAMO.A.200(a)(6) Compliance monitoring- contracting of the independent audit
(a) If external personnel are used to perform independent audits:
(1) any such audits are performed under the responsibility of the compliance monitoring manager; and
(2) the organisation remains responsible for ensuring that the external personnel have the relevant knowledge, background, and experience that are appropriate to the activities being audited, including knowledge and experience in compliance monitoring.
(b) The organisation retains the ultimate responsibility for the effectiveness of the compliance monitoring function, in particular for the effective implementation and follow-up of all corrective actions.
AMC4 CAMO.A.200(a)(6) Compliance monitoring- feedback system
(a) An essential element of the compliance monitoring is the feedback system.
(b) The feedback system should not be contracted to external persons or organisations.
(c) When a non-compliance is found, the compliance monitoring function should ensure that the root cause(s) and contributing factor(s) are identified (see GM1 CAMO.A.150), and that corrective actions are defined. The feedback part of the compliance monitoring function should define who is required to address any non-compliance in each particular case, and the procedure to be followed if the corrective action is not completed within the defined time frame. The principal functions of the feedback system are to ensure that all findings resulting from the independent audits of the organisation are properly investigated and corrected in a timely manner, and to enable the accountable manager to be kept informed of any safety issues and the extent of compliance with Part-CAMO.
(d) The independent audit reports referred to in AMC2 CAMO.A.200(a)(6) should be sent to the relevant department(s) for corrective action, giving target closure dates. These target dates should be discussed with the relevant department(s) before the compliance monitoring function confirms the dates in the report. The relevant department(s) are required to implement the corrective action and inform the compliance monitoring function of the status of the implementation of the action.
(e) Unless the review of the results from compliance monitoring is the responsibility of the safety review board (ref. AMC1 CAMO.A.200(a)(1) point (b)(4)), the accountable manager should hold regular meetings with staff to check the progress of any corrective actions. These meetings may be delegated to the compliance monitoring manager on a day-to-day basis, provided that the accountable manager:
(1) meets the senior staff involved at least twice per year to review the overall performance of the compliance monitoring function; and
(2) receives at least a half-yearly summary report on non-compliance findings.
(f) All records pertaining to the independent audit and the feedback system should be retained for the period specified in point CAMO.A.220(b) or for such periods as to support changes to the audit planning cycle in accordance with AMC2 CAMO.A.200(a)(6), whichever is the longer.
GM1 CAMO.A.200(a)(6) Compliance monitoring function
The compliance monitoring function is one of the elements that is required to be in compliance with the applicable requirements. This means that the compliance monitoring function itself should be subject to independent monitoring of compliance in accordance with point CAMO.A.200(a)(6).
GM1 CAMO.A.200(a)(6) and CAMO.B.300 The use of information and communication technologies (ICT) for performing remote audits
Similar provisions to those in GM1 145.A.65(c)(1) and 145.B.30 apply.
Does the CAMO or CAO compliance monitoring/quality system need to be subject to internal audit?
Yes, the compliance monitoring/quality system is part of the activities of the CAMO or CAO and therefore it should be monitored by internal audit. Points M.A.712(b), CAMO.A.200(a)(6) or CAO.A.100(b) requires that the compliance monitoring/quality system monitors the compliance of the organisation with its relevant requirements and procedures. The compliance monitoring/quality procedures are considered to be within the scope of this monitoring function. Therefore, the compliance monitoring/quality system should also be subject to audits and the CAMO or CAO audit programme/plan needs to reflect this. Besides that, the audits conducted in respect of the compliance monitoring/quality system should satisfy the requirement of independence. This means that audits should be carried out by personnel not responsible for the functions, procedures or products being checked. So, the compliance monitoring/quality staff cannot audit the compliance monitoring/ quality system themselves because of the necessary independence of the audit. Therefore, to audit the compliance monitoring/quality system, it is acceptable: - to use competent personnel from a different section/department in the same organisation not responsible for the compliance monitoring/quality function/ procedure, or, - to contract the independent audit element of the compliance monitoring/quality system to another organisation or a qualified competent person, or, - that the compliance monitoring/quality system is monitored and certified against an internationally recognised standards by a certification organisation. The way the compliance monitoring/quality system is going to be audited has to be described in the CAME or CAE and approved by the competent authority.
(7) any additional requirements that are laid down in this Regulation.
The management system shall correspond to the size of the organisation and the nature and complexity of its activities, taking into account the hazards and associated risks inherent in these activities.
CAMO.A.200(c) Integrated management system
Where the organisation holds one or more additional organisation certificates within the scope of Regulation (EU) 2018/1139 and its delegated and implementing acts, the management system may be integrated with that required under the additional certificate(s) held.
CAMO.A.200(d) AOC-CAMO management system
Notwithstanding point (c), for air carriers licensed in accordance with Regulation (EC) No 1008/2008, the management system provided for in this Annex shall be an integrated part of the operator’s management system.
GM1 CAMO.A.200 General
Safety management seeks to proactively identify hazards and to mitigate the related safety risks before they result in aviation accidents and incidents. Safety management enables an organisation to manage its activities in a more systematic and focused manner. When an organisation has a clear understanding of its role and contribution to aviation safety, it can prioritise safety risks and more effectively manage its resources and obtain optimal results.
The principles of the requirements in points CAMO.A.200, CAMO.A.202, CAMO.A.205 and the related AMC constitute the EU management system framework for aviation safety management. This framework addresses the core elements of the ICAO safety management system (SMS) framework defined in Appendix 2 to Annex 19, and it promotes an integrated approach to the management of an organisation. It facilitates the introduction of the additional safety management components, building upon the existing management system, rather than adding them as a separate framework.
This approach is intended to encourage organisations to embed safety management and risk-based decision-making into all their activities, instead of superimposing another system onto their existing management system and governance structure. In addition, if the organisation holds multiple organisation certificates within the scope of Regulation (EU) 2018/1139, it may choose to implement a single management system to cover all of its activities. An integrated management system may not only be used to capture multiple certification requirements, but also to cover other business management systems such as security, occupational health and environmental management systems. Integration will remove any duplication and exploit synergies by managing safety risks across multiple activities. Organisations may determine the best means to structure their management systems to suit their business and organisational needs.
The core part of the management system framework (CAMO.A.200) focuses on what is essential for safety management, by mandating the organisation to:
(a) clearly define accountabilities and responsibilities;
(b) establish a safety policy and the related safety objectives;
(c) implement safety reporting procedures in line with just culture principles;
(d) ensure the identification of aviation safety hazards entailed by its activities, ensure their evaluation, and the management of associated risks, including:
(1) taking actions to mitigate the risks;
(2) verifying the effectiveness of the actions taken to mitigate the risks;
(e) monitor compliance, while considering any additional requirements that are applicable to the organisation;
(f) keep their personnel trained, competent, and informed about significant safety issues; and
(g) document all the key management system processes.
Compared to the previous Part-M Subpart G quality system ‘framework’, the new elements that are introduced with Part-CAMO are, in particular, those addressed under points (b) to (d). Points (c) and (d)(1) address component 2 ‘Safety Risk Management’ of the ICAO SMS framework. Points (d)(2) and (e) address component 3 ‘Safety Assurance’ thereof.
Point CAMO.A.200 defines the following as key safety management processes; these are further specified in the related AMC and GM:
— Hazard identification;
— Safety risk management;
— Internal investigation;
— Safety performance monitoring and measurement;
— Management of change;
— Continuous improvement;
— Immediate safety action and coordination with the aircraft operator’s Emergency Response Plan (ERP).
It is important to recognise that safety management will be a continuous activity, as hazards, risks and the effectiveness of safety risk mitigations will change over time.
These key safety management processes are supported by a compliance monitoring function as an integral part of the management system for safety. Most aviation safety regulations constitute generic safety risk controls established by the ‘regulator’. Therefore, ensuring effective compliance with the regulations during daily operations and independent monitoring of compliance are fundamental to any management system for safety. The compliance monitoring function may, in addition, support the follow-up of safety risk mitigation actions. Moreover, where non-compliances are identified through internal audits, the causes will be thoroughly assessed and analysed. Such an analysis in return supports the risk management process by providing insights into causal and contributing factors, including HF, organisational factors and the environment in which the organisation operates. In this way, the outputs of compliance monitoring become some of the various inputs to the safety risk management functions. On the other hand, the safety risk management processes may be used to determine focus areas for compliance monitoring. In this way, internal audits will inform the organisation’s management of the level of compliance within the organisation, whether safety risk mitigation actions have been implemented, and where corrective or preventive action is required. The combination of safety risk management and compliance monitoring should lead to an enhanced understanding of the end-to-end process and the process interfaces, exposing opportunities for increased efficiencies, which are not limited to safety aspects.
As aviation is a complex system with many organisations and individuals interacting together, the primary focus of the key safety management processes is on the organisational processes and procedures, but it also relies on the humans in the system. The organisation and the way in which it operates can have a significant impact on human performance. Therefore, safety management necessarily addresses how humans can contribute both positively and negatively to an organisation’s safety outcomes, recognising that human behaviour is influenced by the organisational environment.
The effectiveness of safety management largely depends on the degree of commitment of the senior management to create a working environment that optimises human performance and encourages personnel to actively engage in and contribute to the organisation’s management processes. Similarly, a positive safety culture relies on a high degree of trust and respect between the personnel and the management, and it must therefore be created and supported at the senior management level. If the management does not treat individuals who identify hazards and report adverse events in a consistently fair and just way, those individuals are unlikely to be willing to communicate safety issues or to work with the management to effectively address the safety risks. As with trust, a positive safety culture takes time and effort to establish, and it can be easily lost.
It is further recognised that the introduction of processes for hazard identification and risk assessment, mitigation and verification of the effectiveness of such mitigation actions will create immediate and direct costs, while related benefits are sometimes intangible and may take time to materialise. Over time, an effective management system will not only address the risks of major occurrences, but also identify and address production inefficiencies, improve communication, foster a better organisation culture, and lead to more effective control of contractors and suppliers. In addition, through an improved relationship with the authority, an effective management system may result in a reduced oversight burden.
Thus, by viewing safety management and the related organisational policies and key processes as items that are implemented not only to prevent incidents and accidents, but also to meet the organisation’s strategic objectives, any investment in safety should be seen as an investment in productivity and organisational success.