An Aviation Safety Policy is a document in aviation safety management systems (SMS) that outlines:
ICAO's Doc 9859 writes that your Safety Policy is used to, “Describe the organization’s intentions, management principles and commitment to improving aviation safety in terms of the…service provider.”
Your company’s SMS Safety Policy should be the “bottom line” on all safety questions. When employees have questions regarding the SMS or safety, you should be able to send them to your Safety Policy for an answer.
The SMS' safety policy is the foundation upon which high-performing safety cultures rest. Trust in management's commitment toward safety and not toward retaliation is explicitly documented in the safety policy. An insincere safety policy breeds:
Further criteria outlined by ICAO for your Safety Policy are that it should:
An SMS' Safety Policy needs to fulfill each of the above points to have a compliant policy. In fulfilling these requirements, you also address much of the Safety Policy component of the 4 Pillars of SMS.
ICAO states that your Safety Policy should be based on the size of the complexity of your organization. In some ways this is true, but in other ways, this is not true in the actual practice of developing safety policies.
The fact is that most Safety Policies will be about the same size as any other company’s Safety Policy. This is because many of the required Safety Policy elements are static items that contain the "expected" sections with an appropriate number of words in each section, such as:
Your Safety Policy needs to include such items. So the sections of the safety policy are finite and guidance about the sections has been fairly well standardized. After all, there have to be some expectations as to what should go into the safety policy to allow SMS auditors to objectively evaluate an SMS implementation. Without guidance and expectations, there would be no control - a complete "free-for-all."
Consequently, the number of sections in safety policies will hardly vary in size among different organizations. Where a Safety Policy tends to differ in size from other companies’ Safety Policies will be seen in the subsections under:
Larger organizations will need to account for (i.e., document) a greater number of roles, responsibilities, policies/procedures, and accountabilities that interact in complex ways. Their Safety Policy needs to capture more detail that comes with increased size and complexity. Smaller operations, with fewer employees and a less diverse operational environment, will need to account for less.
You just need to make sure that your Safety Policy includes all required elements, and that the accountabilities, roles, policies, and procedures capture what actually exists in your operational environment. In this manner, your Safety Policy will naturally develop to be the right size. Using the safety policy from another company is fine as long as you actually practice what is described in the adopted safety policy.
Among the most common audit findings is that the operator is not conducting operations according to policies and procedures. There is a reason for policies and procedures. They are your design - your assurance that risk controls are designed and implemented to ensure risk is as low as reasonably practical (ALARP). When employees are not following documented policies and procedures, unnecessary and uncontrolled risks are introduced into the operations.
This last point is the most important point I wish to communicate.
Safety policies (and other policies and procedures) are designed to allow the organization to operate safely as long as everyone follows "certain steps," also known as procedures. When someone does not follow the policies and procedures, management must be alerted and the reactive risk management process begins. An investigation should then be initiated to discover why?
Once management investigates to discover the root cause as to why the policy or procedure was neglected or not followed, management can implement risk controls to prevent a recurrence using their documented risk management processes. This process is both
Publicly submitting a safety report on yourself declaring that you "messed up" and made a mistake is difficult even on your best day. Managers and peers may look at you as if you are:
An SMS' safety policy affords assurances to the employees that "it is all right to make mistakes." Of course, managers don't like it when you make mistakes, but in the interests of safety, management must address the correct mindset of system safety. "Tell us what went wrong so we can improve the system so it will not happen again." There are of course where an employee should not receive immunity from management. That will not be discussed here.
This above describes modern aviation risk management. Safety policy tells employees that they are expected to report ALL
Once employees report these safety concerns, management can run these safety issues through their reactive and proactive risk management processes. However, when employees don't know about the SMS, or they don't know what is expected from them in the SMS, the safety reporting culture will remain substandard or nonexistent. There will be no way for management to address system design flaws in the SMS risk management cycle of safety risk management (SRM = Design) and safety assurance (SA = monitor).
Obtaining as much data on valid safety concerns is extremely valuable for management to improve the system and reduce losses. The more data, the better. As your company gathers more data and has a way to store, categorize, and retrieve this risk management data, the organization becomes more efficient in decision-making processes and will be able to benefit from predictive risk management processes.
Though we have already covered some of these important items listed below, your Safety Policy should include:
There may be more items you should include in your Safety Policy based on your size and complexity, but these items cover the core elements to help you reach Safety Policy compliance. Evaluating the safety policy by SMS auditors is not an easy task as there is a degree of subjectivity. As long as you have the "expected" elements covered, there should be no valid complaints from the SMS auditor.
Your Safety Policy is not a static document.
Safety policies will change in size and scope over time as you review and update them.
When aviation service providers begin their SMS implementations, among the first tasks to be completed is the Safety Policy. It is considered a "low-hanging fruit" from the safety manager's perspective. All he has to do is grab one of many templates that can be found on the web and slap the accountable executive's name at the bottom. Of course, he should read it and modify the template to ensure it aligns with the company's goals and objectives.
In extreme cases, the safety manager may forget to remove the names on the original safety policy template. While this neglectful oversight is not common, it happens more than we like.
A best practice is for your accountable executive, safety manager, and safety committee/team to perform a comprehensive audit of your Safety Policy once per year. Beyond this, any anomalies discovered in the policy when referencing it during normal operations should be promptly fixed, rather than waiting until the comprehensive review.
Another best practice is to have a reminder in your SMS database or calendar to ensure the policy is reviewed regularly. When I see safety policies that have not been reviewed in five years, this is an excellent safety culture indicator. It also indicates this operator has a "paper SMS" that was implemented to only "check the box" without regard to the tangible benefits offered by a performing SMS.
Last updated March 2024.