Safety Assurance is designed to ensure that aviation service providers have the ability to manage safety risks effectively using a structured, prescribed approach to managing identified safety concerns.
The purpose of aviation safety management systems (SMS) is to provide operators with a "systematic approach to managing safety. Yet there are no standards that every operator must follow, as the range of aviation industry segments is vast, just as the size and complexity of the thousands of service providers around the world. Even if there were a standardized, one-size-fits-all aviation SMS model, aviation regulatory authorities would still need to provide oversight to ensure that operators were following the prescribed "model SMS."
Safety Assurance processes in aviation SMS implementations are designed to not only assist civil aviation authorities in providing regulatory oversight but also for individual operators to self-monitor their SMS implementations.
Self-monitoring each operator's aviation SMS will be required to demonstrate "continuous improvement of the SMS." Without self-monitoring activities, the accountable executive would have no assurance that the aviation SMS is implemented across the entire organization and is performing as designed.
Safety Assurance is one of the Four Pillars of SMS. Safety assurance philosophies have strong overlaps with quality management systems, after which safety management systems have been modeled.
If you have just started your SMS implementation, don't focus too heavily on Safety Assurance activities, except for your safety reporting system. In the early stages of SMS implementation, your focus will naturally turn to
As aviation SMS implementations mature, the Safety Assurance pillar will gradually become more important until it becomes a center point of the SMS implementation. Not only will Safety Assurance activities take center stage, but they will also become critical to the long-term success of the SMS.
The first two elements of Safety Assurance, as defined by the Federal Aviation Administration, are:
These two elements are tightly intertwined, and as such the FAA considers them together. Here are the FAA’s Safety Performance Monitoring and Data Acquisition components.
The FAA’s Part 5 (5.71(a)(1)) indicates that you need to develop a process for monitoring operational processes on a day-to-day basis.
These operational processes include:
It goes without saying that the larger the organization, the more complex these monitoring activities will be. In smaller organizations, monitoring operational processes may be fulfilled by only one person. As organizations grow, the burden of this monitoring will transfer to multiple people (such as a safety team), and eventually to multiple tiers of management. In addition, larger operators may employ automated systems that can report "exceptions" to the aviation SMS, thereby initiating reactive risk management processes.
Having a solid risk management process is one way to fulfill this element. The most common inputs from day-to-day monitoring of operational processes are:
It is the responsibility of all employees to identify hazards and immediately report safety concerns. Taken from this vantage point, we could say the entire organization is actively monitoring operational processes. But why stop there? Your aviation SMS' safety reporting system should be available to stakeholders outside your organization, which may include, depending on your type of operation:
The second part of the FAA’s Safety Performance Monitoring and Data Acquisition in Part 5 (5.71(a)(2)) is monitoring the operational environment to detect changes. This element is a bit troubling because:
The FAA’s Advisory Circular admits that this element involves “practices that are similar to those of operational processes.” However, the important point is that:
As in the previous case, documented risk management processes will fulfill this element.
Auditing operational processes, Part 5 (5.71(a)(3)), is a straightforward data acquisition action that safety professionals are familiar with. One doesn’t often think of aviation SMS audits as having the goal of “data acquisition,” however they do have one primary goal:
This component is three-fold:
This is explicitly stated in Part 5. Auditing can be completed by documenting the audit results:
The Advisory Circular indicates that the frequency of audits should scale with the size of the organization (a larger company means more audits).
Evaluation of the aviation SMS – Part 5 (5.71(a)(4)) – is a tough nut to crack because of seemingly conflicting information. The AC says that evaluations are usually carried out by an independent party. This indicates that the primary difference between Auditing and Evaluation is:
However, the AC goes on to say that an “…evaluation is an internal oversight tool…” So, which is it: an internal or external function? The happy medium here is that:
Organizations will need to list their specific criteria or for how to conduct evaluations, clarifying things like:
The goal of evaluations is to provide a summary of the entire SMS implementation, such as a list of what is “working” and what “isn’t working” that can be presented to the accountable executive to direct remedial actions.
Part 5 (5.71(a)(5)) further points to a different data acquisition process, and investigations, which is somewhat similar to Evaluations and Audits. However, the difference between Investigations and Evaluations/Audits is that Investigations are performed:
Both Audits and Evaluations can be tailored to analyze the SMS implementation in parts, or as a whole. Investigations are designed for specific cases, such as an accident with a fatality. In the same manner, Part 5 (5.71(a)(6)) calls for investigations of non-compliance. These investigations also are done on a case-by-case basis. Of course, this requirement entails that you have a way for employees to report potential non-compliance, and this is typically performed through the organization's safety reporting system.
The last component of the Part 5 requirements for Safety Monitoring and Data Acquisition is the requirement for SMS implementations to have a confidential reporting system (5.71(a)(7)). All this entails is that employees can report:
Of course, the “confidential” portion of this requirement also entails that employees can report confidentially. “Confidential” should be defined by each organization, but generally means that employees can report:
SMS implementations under FAA jurisdiction need to define AND document a safety reporting process and ensure that it works for employees.
During this discussion on FAA's Safety Assurance requirements, four recurring data-intensive elements should cause you to look inward and consider your own SMS implementations. These recurring elements include:
For safety professionals who are very conversant in aviation SMS requirements, we know that an aviation SMS' data management requirements are far more complex than safety reports, audit findings, and risk management processes to investigate and treat the safety reports and audit findings. Other important sub-systems are also important when verifying the success of your aviation SMS implementation. Systems with relevant SMS data may include but are not limited to:
The point I wish to stress is that your SMS data management strategy will dictate how successful you are in demonstrating compliance with FAA's Safety Assurance requirements. By now, I'm hoping you will realize that spreadsheets are not a good option. An SMS database is better aligned to store many years worth of disparate risk management data.
To learn how your organization can benefit from a low-cost commercially available SMS database, please watch these short demo videos.
For a full overview of FAA compliance, you will find these resources valuable:
Last updated in June 2024.