Transparency Is a Philosophical Question
- A Just Culture.
- A reporting culture.
- A culture of safety.
I think most, if not all, aviation safety managers would agree with me on this. Aviation safety data security is commonly under control of an SMS administrator, who may also be the director of safety. These managers are safety professional and not data security professionals.
This is probably why safety managers have so many questions about how to set up users in their aviation safety management system (SMS) database program. For starters, they may be managing users' safety roles and permissions in different parts of their aviation safety database program. For example, one SMS software program may use:
- Individual User Security Roles; and
- Custom User-Access Roles.
The million dollar question is: "what is the best practice for organizing access to safety information?"
Data Access Goes Beyond a Single Aviation Safety Software Solution
While this seems like a more practical, "how-to-use-the-software" question, it’s actually more a philosophical question:
- How transparent should my organization be?
But what exactly do we mean when we talk about transparency?
Definition of Transparency in Aviation Safety Cultures
It all comes down to information and what people (are allowed to) know. Transparent safety cultures are cultures that:
- Give high latitudes of relevant access to all employees – even with fairly sensitive safety information
- Do not restrict relevant information except in rare cases
- Employees have access to managerial safety issues that may affect them
The catchword here is relevant. Transparency does not mean everyone has access to all information – it means that if a piece of information affects an employee, he/she has a means of being aware of it. Period.
Of course, there are certain practical considerations here, such as issues that require investigation, etc. With that in mind, what are some best practices for User Roles/Security set up to maintain data security in aviation SMS programs? Some of the roles described herein relate to SMS Pro's aviation SMS solution. Your software may have something similar.
Security Roles Setup
The first thing that should be done is to, initially, try and set up your security roles for different users as they function in real life. Before assigning any roles, consider and perhaps even map out an org chart of your company with a brief description of what each management personnel is responsible for. Organizational charts are useful for visualizing the layout and workflow of safety information within an organization. Here is a good resource to create an org chart for your aviation safety program.
For example, your org chart may lead you to have:
- 1 Admin user who controls the portal
- Safety Manager(s) of the organization who is in charge of overseeing safety issues of a division
Note that one Safety Manager may also have the Admin role if he/she is in charge of maintaining the portal.
- SMS Department Heads should be assigned to each designated department head of the organization who will be managing safety issues within their department
- An executive who is typically in charge of operations, such as a CEO
Can also assign SMSExecutive roles depending on organization’s set up, such as the head of HR, CEO, and CFO, as may all likely have vested interests in the SMS program.
In this case, as well, an executive may be given a department head role if he/she performs such in real life.
- SMS auditor role can be given to an individual(s) in the organization for internal use, but are often temporarily reserved and assigned to external users, such as regulatory auditors.
- SMS users are the basic role that all users will by default have, giving access to only the essential features of SMS Pro (such as hazard reporting, electronic message bulletin board, lessons learned library, policies, and procedures, etc.)
We can consider SMS users as being best suited for general employees.
Custom User Roles in Aviation SMS Programs
Some aviation safety software programs allow custom roles. Custom user roles are designed to control what issues users can/can not see. Again, setting this up properly entails that you have a solid stance on what transparency means for your organization, as well as some common sense. What follows is an example of how one program handles data security. Other programs may do something similar but in a different fashion.
For SMS Pro, the first thing to note is that if the SMS users role has “View All Divisions” checked, every user will be able to see all divisions because every user has the SMS users role by default once they are trained and inducted into the system.
The ability of users to access information from different divisions is of primary concern to how much transparency an organization has.
It involves questions like:
- Do you want general SMS users to only be able to see issues that they have submitted (no "View" checks), only in their own division, or all divisions?
- Do you want safety managers/department heads to be notified of reported issues from other divisions?
- Do you want safety managers or department heads to be able to view issues from other divisions?
- Should SMS users be notified whenever an issue is reported in their division?
- Whom do you want to be notified on high-risk issues?
- Should anyone else but the SMS admin user be able to delete issues?
Your answers to these questions will determine how transparent (and liberal) your organization is.
Obviously, a balance between what is practical/ideal is the perfect setup. Some things, such as SMS users receiving notification of reported issue from all divisions, are both unwise and impractical. Other things, such as only letting SMS users view their own issues (no checks on “View” column) clearly subscribes to a lower level of transparency, but may be prudent.
Deciding the proper set up will take:
- Some serious consideration
- A hard look at how information is currently distributed in practice
Every check (or lack of check) should be carefully considered. A good rule of thumb for this question is to work from the highest level of access (SMS admin) to the lowest (SMS users).
Remember that designing security access of roles follows a pretty linear process:
- Give security roles to users that best mimics real life responsibility
- Consider organization’s stance on transparency at all levels of
- Assign levels of access in User Roles Setup
- Modify security roles and user roles if needed
Also, remember that granting access down the road will look a lot better than restricting access later on, so perhaps a conservative approach to start is a good idea.
To see an aviation SMS software solution and its benefits in action, you may be interested in these demo videos.