FAA’s Safety Risk Management (SRM) Process for Risk Analysis
Thankfully, the Federal Aviation Administration’s (FAA) SRM compliance requirement for Risk Analysis is fairly clear.
The "Risk Analysis" component description in the Advisory Circular provides most of the information you need to fulfill the requirement.
Risk Analysis Center of Safety Risk Management
The Risk Analysis element may be seen as the centerpiece of the SRM process for a couple of reasons:
- The FAA’s SRM System Description and Hazard Identification elements culminate in Risk Analysis; and
- Risk Assessment and subsequent control measures arise from Risk Analysis.
The whole purpose of the FAA's SRM Risk Analysis element is to establish:
- Potential safety incidents (i.e., accidents) that can arise from hazardous conditions;
- Effectiveness of existing risk controls;
- Basis and justification for risk assessment; and
- Need for risk control measures.
While the FAA discusses likelihood and severity quite a bit in the Advisory Circular, the Risk Analysis element should not involve making any conclusions about risk yet – that is what the SRM Risk Assessment element is for. What the FAA didn’t quite make clear, but what they are getting at, is that analysis of risk:
- Naturally flows into assessing risk;
- Should analyze elements of likelihood and severity without actually conducting a risk assessment (there’s an intermediary step between SRM Risk Analysis and Risk Assessment); and
- Should result in a list of potential negative outcomes (i.e. consequences) that can arise from a hazard.
To develop the list of risks, you must also establish your documentable process for analyzing risk (SRRs. Section 5.55(a)). This process should be something you can visually show an auditor if need be, such as using aviation risk management software or flow chart diagram.
Your Process to Analyze Safety Risk and What FAA Actually Means
It can be frustrating for safety managers in new aviation safety management systems that the Federal Aviation Administration requires that “The certificate holder must develop and maintain process to analyze safety risk…”, but the FAA fails to actually explain what this means.
Fortunately, it’s not difficult to glean what they want. A process to analyze risk:
- Is a demonstrable procedure that you use for risk analysis;
- Can be shown step by step in a flow chart, diagram, etc.;
- Is repeatable; and
- Results in documentable outcomes – your list of potential incidents.
As long as your steps for analyzing risk are consistent with the above points, then you satisfy the requirement of SRRs. Section 5.55(a). As said, a good best practice is to simply create a workflow diagram of risk analysis processes.
Moreover, what the FAA really means when they say “safety risk,” is “consequence” or “negative outcome.” Negative outcomes and consequences are the same thing. As the FAA says, “e.g. error, failure, accident, or incident.”
How to Define Potential for Injury and Damage – What FAA Really Wants
The FAA wants you to “define potential for injury and damage that may result from an accident related to operating while exposed to the hazard.” This is a long winded way of saying:
- For each hazard, list the consequences that can arise from the hazard.
Remember, a hazard is a “condition…or circumstance” which is another way of saying a hazard is a temporary state of being. So, in the condition of a hazard,
- What problems can realistically arise?
- What are credible risk scenarios?
Understanding what is a hazard is critical for this process – read the section on “what is a hazard” as defined by the FAA from the linked article for more information.
When the FAA says “define potential for injury…” they do not want a definition. Instead of define, they could have easily said:
- List potential injury…
- State potential injury…
- Describe potential injury…
- Indicate potential injury…
- Delineate potential injury…
All of the above points are probably more to the point of what the FAA wants. Especially, “delineate,” which indicates that something should be indicated precisely. In this case, indicate precisely which likely consequences can arise from the hazard.
How FAA Defines Likelihood and Severity
The FAA says that you need to “understand the basis for the estimates of severity and likelihood.” Here the FAA does a good job describing exactly what they want. The basis for likelihood and severity does NOT mean assess the likelihood and severity yet. It means understanding:
- Definitions of likelihood and severity;
- Relevant factors of the hazard that contribute/remove likelihood of consequence occurring; and
- Factors involved in the severity of consequence (loss of life, financial loss, etc.).
It’s important to remember that the likelihood and severity factors are being established for the each negative outcome (consequence) and NOT the hazard:
- Likelihood: chance of the negative consequence happening; and
- Severity: how bad are the damages, loss of life, etc.
The need to understand likelihood and severity factors is what makes the FAA’s SRM System Description component so important. As the FAA points out, “If risk analysis is not based upon a thorough understanding of the system, you may miss important details that could cause the system to fail.”
Evaluating SRM Risk Analysis Performance
Now the important question is, how do you prove that your risk analysis technique is working? The bad news is there is no objective, fool-proof way to prove this. The good news is that there is no expectation to “prove it” so much as to demonstrate you know what you are doing and that you have documentation proving you have analyzed risk initially and on a recurring basis.
Audit findings typically result when operators neglect to offer documentation of their risk analysis activities. We frequently see that operators will have documentation resulting from their initial risk analysis efforts, but subsequent reviews are overlooked.
The FAA acknowledges that “risk analysis in operations are often based on expertise…” This is a less direct way of communicating that if you know what you are doing, then you know what you are doing. Granted, your risk analysis activities should also be influenced by, as the FAA says:
- Failure data;
- Error data;
- Equipment reliability data; and
- Other expertise in the industry.
The long as short of it is that your SRM Risk Analysis technique is probably effective if:
- It is fully documented;
- You can easily create strong arguments for risk analysis decisions;
- Your risk analysis activities take into account information from your SRM System Description; and
- You can justify your analysis with the above bullet points.
If you wanted to go beyond expectations, you might simply document relevant factors for each hazard’s consequence.
If you've come this far, chances are this information was helpful. The good news is we have much more guidance to offer in this free ebook that offers FULL coverage what you need to know to comply with each element of the FAA's Safety Risk Management process: