State and regional civil aviation authorities are changing their approach to regulatory oversight with the evolution of safety management systems (SMS), and some have struggled with confusion and inconsistencies. Recognizing this, the Safety Management International Collaboration Group (SM ICG), a group of regulators, has responded with experience-based advice about the transition.
Members of the SM ICG have begun sharing experiences and lessons learned to provide better guidance on the interpretation of safety management requirements. One key objective is to deliver guidance on how to implement a state safety program (SSP) and SMS at both the state and operator levels. Essential to the successful implementation of SMS is the realization that SMS builds on years of prescriptive requirements written as a result of lessons learned from past events (reactively). This has produced a safe industry, but we must also ensure that we do not become complacent as the aviation system changes.
SMS continues our shared journey toward an even safer industry, in which prescriptive rules do not fit every organization or operation. However, if SMS is misinterpreted, this can create its own safety risk rather than the safety benefits intended.
As former Flight Safety Foundation President and CEO William R. Voss wrote in a recent article (ASW, 5/13, p. 7), SMS does not have to be complicated. At the same time, regulators need to protect the public while industry has a responsibility to offer safe products and services. Together, we must provide the right level of safety assurance in a proportionate manner that reflects the size, nature, inherent risk and complexity of the organization.
SMS at the operator level is about managing risk — current, future and third-party. Within the operator’s system, third parties are extensively used for safety-critical services such as contracted maintenance, ground handling, fueling, deicing and aircraft loading.
The surveillance and oversight of these third-party organizations are paramount for states and operators, as such organizations not only generate risks but also manage and control some of the risks faced by the primary organization. This involves not only looking at how they meet the regulations but also at the effectiveness of the safety barriers they control and knowing the safety risks that could be transferred onto others. Important conversations on risk should take place between these organizations.
An effective SMS has to bring organizations together, as the management of risk often is shared. It also should bring the regulator and the regulated together in a collaborative relationship as part of the state safety program. The International Civil Aviation Organization (ICAO) SMS framework was a good starting point, but now that we understand SMS better, one question arises: Are the current regulations still fit for purpose?
More and more states are recognizing the need to address the total system rather than provide oversight to isolated parts. Indeed, many of the risks sit in the gaps and interfaces between different parts of the system. Safety management of the individual parts does not necessarily equal the safety management of the whole system.
SMS requires a change of approach from industry and the regulators. As regulators, we want to see organizations implement an effective SMS that is adding safety value. This includes organizations having a better risk picture and a means to monitor their safety performance, so they know that they are taking the right actions for the risks they face. We also want to see the industry reduce its safety risks and get a return on its investment.
One of the greatest challenges for everyone is the shift in organizational cultures. An SMS will not be effective without the right safety culture, but this key point is missing from most SMS regulations. This is because culture is subjective and difficult to regulate. However, this should not stop the regulator from assessing safety culture (even subjectively) and providing that independent view to the organization’s accountable executive and senior management. Moreover, this assessment should contribute to determining the level of surveillance needed for performance-based oversight.
As regulators move toward risk-based oversight or performance-based oversight, they need to consider not only how well an organization complies with regulations but also how well it understands and manages its safety risks and monitors its safety performance. As regulators, our confidence in the organization to manage safety is also based on our view of its safety culture.
It is not just the regulated organizations that need to ensure they have the right culture to enable their SMS to deliver. Each regulator is on its own journey, too. Inspectors need to consider the performance and effectiveness of the SMS in addition to compliance.
This requires a different way of thinking on the part of the inspector. Having a well-crafted safety management manual and delivering SMS training won’t itself produce an effective SMS. It is how the organization manages safety in practice that adds most value.
Does it do what it says it does? Are these strategies effective? How does the inspector evaluate the effectiveness? It starts with the organization’s risk register and focuses on the biggest risks. Do they reflect the same risks that the state has identified in its own SSP, and do they reflect those of similar organizations in the same sector? Has the organization identified its risks correctly? This is where the SSP feeds into the SMS oversight and the SMS oversight feeds back into the SSP.
The competencies expected of the regulatory inspector are changing. Inspectors are now being required to understand risk, safety performance, safety culture and human factors, and judge the performance and effectiveness of an SMS. They will need to acquire new skills and a shift in the culture of the inspection staff, which will take time.
Furthermore, the ICAO SSP/SMS frameworks have been around for a while, and there are still areas of confusion and inconsistent interpretation. We need to make sure that other states learn from those that have already been on the SMS journey and have uncovered issues and pitfalls on the way so others don’t make the same mistakes. This was one key reason that the SM ICG was established.
The state safety program, in conjunction with the cumulative effects of individual organizations’ SMS, can provide that extra layer of safety. However, this will only happen if it meets the original intent and doesn’t get lost in unnecessary complexity and language that not everyone understands. We need to avoid the jargon of SMS and communicate so that everyone understands what safety management is trying to achieve.
We need to consolidate our understanding and our application of safety management before we move on to something new. We are a long way from reaping the full rewards of effective safety management. That doesn’t mean we should give up, it just means we should manage our expectations about progress and celebrate each critical step forward on the SMS journey.
The Safety Management International Collaboration Group (SM ICG) is a joint partnership of many regulatory authorities for promoting a common understanding of safety management principles and requirements and facilitating their implementation across the international aviation community. Further information regarding SM ICG can be located at <www.skybrary.aero/index.php/Safety_Management_International_Collaboration_Group_(SM_ICG)>.