Safety Management System PDF

Summary

This presentation provides an overview of safety management systems, including their purpose, integration with other systems, and reporting mechanisms. It details the process of safety risk analysis and mitigation strategies.

Full Transcript

SAFETY MANAGEMENT SYSTEM

What is the purpose of Safety Management System (SMS)?

The purpose of an SMS is to provide service providers with a systematic approach to managing safety.

Integration of management systems

Safety management should be considered as part of a management system (and not in isolation). A typical integrated management system may include a:

a) quality management system (QMS);
b) safety management system (SMS);
c) security management system (SeMS), further guidance may be found in the Aviation Security Manual (Doc 8973 — Restricted);
d) environmental management system (EMS);
e) occupational health and safety management system (OHSMS);
f) financial management system (FMS);
g) documentation management system (DMS); and
h) fatigue risk management system (FRMS).

A service provider may choose to integrate these management systems based on their unique needs. Risk management processes and internal audit processes are essential features of most of these management systems. It should be recognized that the risks and risk controls developed in any of these systems could have an impact on other systems. In addition, there may be other operational systems associated with the business activities that may also be integrated, such as supplier management, facilities management, etc.

To maximize the benefits of integration and address the related challenges, senior management commitment and leadership is essential to manage the change effectively. It is important to identify the person who has overall responsibility for the integrated management system.

SMS and QMS integration

Some service providers have both an SMS and QMS. These sometimes are integrated into a single management system. The QMS is generally defined as the organizational structure and associated accountabilities, resources, processes and procedures necessary to establish and promote a system of continuous quality assurance and improvement while delivering a product or service.
Both the SMS and the QMS:

a) should be planned and managed;
b) involve all organizational functions related to the delivery of aviation products and services;
c) identify ineffective processes and procedures;
d) strive for continuous improvement; and
e) have the same goal of providing safe and reliable products and services to customers.

The SMS focuses on:

a) identification of safety-related hazards facing the organization;
b) assessment of the associated safety risk;
c) implementation of effective safety risk controls to mitigate safety risks;
d) measuring safety performance; and
e) maintaining an appropriate resource allocation to meet safety performance requirements.

The QMS focuses on:

a) compliance with regulations and requirements;
b) consistency in the delivery of products and services;
c) meeting the specified performance standards; and
d) delivery of products and services that are “fit for purpose” and free of defects or error.

SAFETY REPORTING SYSTEM

One of the main sources for identifying hazards is the safety reporting system, especially the voluntary safety reporting system. The mandatory system is normally used for incidents that have occurred; the voluntary system provides an additional reporting channel for potential safety issues such as hazards, near misses or errors. They can provide valuable information to the State and service provider on lower consequence events.

Voluntary safety reporting systems should be confidential, requiring that any identifying information about the reporter is known only to the custodian to allow for follow-up action.

Identified hazards and their potential consequences should be documented. This will be used for safety risk assessment processes.
Accident and incident investigations

Annex 13 requires States to establish and maintain an accident and incident database to facilitate the effective analysis of information on actual or potential safety deficiencies and to determine any preventive actions required. State authorities responsible for the implementation of the SSP should have access to the State accident and incident database to support their safety responsibilities. Additional information on which to base preventive actions may be contained in the Final Reports on accidents and incidents that have been investigated.

Typical safety data and safety information sources

MANDATORY SAFETY REPORTING SYSTEM

Annex 19 (Safety Management) requires States to establish a mandatory safety reporting system that includes, but is not limited to, the reporting of incidents. Mandatory occurrence reporting systems tend to collect more technical information (e.g. hardware failures) than human performance aspects. To address the need for a greater range of safety reporting, States should also implement a voluntary safety reporting system. This aims to acquire more information, such as human factors related aspects, and enhance aviation safety.

Voluntary safety reporting systems

Voluntary safety reporting systems should be established to collect safety data and safety information not captured by the mandatory safety reporting system. These reports go beyond typical incident reporting. Voluntary reports tend to illuminate latent conditions, such as inappropriate safety procedures or regulations, human error, etc. One way to identify hazards is through voluntary reporting.
Self-disclosure reporting systems

Service providers’ systems for the collection of safety data through self-disclosure reporting systems, including automatic data capture such as aviation safety action programme (ASAP) and FDA programmes (flight operations quality assurance (FOQA) programme, line operations safety audit (LOSA) and the normal operations safety survey (NOSS)), are examples of systems that capture safety data through direct observations of flight crews or air traffic controllers, respectively.

https://caap.gov.ph/wp-content/uploads/2021/04/ac_01-005_voluntary_disclosure_caap_a2011.pdf

Results of inspections, audits or surveys

Results of interactions between State representatives and service providers, such as inspections, audits or surveys, can also be a useful input to the pool of safety data and safety information. The safety data and safety information from these interactions can be used as evidence of the efficacy of the surveillance programme itself.

SAFETY DATA PROCESSING

Safety data processing refers to the manipulation of safety data to produce meaningful safety information in useful forms such as diagrams, reports, or tables. There are a number of important considerations related to safety data processing, including: data quality, aggregation, fusion, and filtering.

Data quality

Data quality relates to data that is clean and fit for purpose. Data quality involves the following aspects:

a) cleanliness;
b) relevance;
c) timeliness; and
d) accuracy and correctness.

SAFETY DATA AND SAFETY INFORMATION MANAGEMENT

Safety data and safety information management can be defined as the development, execution and supervision of plans, policies, programmes and practices that ensure the overall integrity, availability, usability, and protection of the safety data and safety information used by the organization.
Safety data and safety information management which addresses the necessary functions will ensure that the organization’s safety data and safety information is collected, stored, analysed, retained and archived, as well as governed, protected and shared, as intended. Specifically, it should identify:

a) what data will be collected;
b) data definitions, taxonomy and formats;
c) how the data will be collected, collated and integrated with other safety data and safety information sources;
d) how the safety data and safety information will be stored, archived and backed up; for example, database structure, and, if an IT system, supporting architecture;
e) how the safety data and safety information will be used;
f) how the information is to be shared and exchanged with other parties;
g) how the safety data and safety information will be protected, specific to the safety data and safety information type and source; and
h) how quality will be measured and maintained.

SAFETY ANALYSIS

Safety analysis is the process of applying statistical or other analytical techniques to check, examine, describe, transform, condense, evaluate and visualize safety data and safety information in order to discover useful information, suggest conclusions and support data-driven decision-making.

Organizations should include a range of appropriate information sources in their safety analysis, not just “safety data”. Examples of useful additions to the data set include: weather, terrain, traffic, demographics, geography, etc. Having access to and exploiting a broader range of data sources will ensure analysts and safety decision makers are aware of the bigger picture, within which the safety decisions are made.

TYPES OF ANALYSIS

Analysis of safety data and safety information also allows decision makers to compare information to other groups (i.e. a control or comparison group) to help draw conclusions from the safety data.
Common approaches include descriptive analysis (describing), inferential analysis (inferring) and predictive analysis (predicting), as illustrated in this Figure (Common statistical analysis types)

SAFETY RISK MANAGEMENT

Safety Risk Management (SRM) is a key component of safety management and includes hazard identification, safety risk assessment, safety risk mitigation and risk acceptance.

Introduction to hazards

In aviation, a hazard can be considered as a dormant potential for harm which is present in one form or another within the system or its environment. This potential for harm may appear in different forms, for example: as a natural condition (e.g. terrain) or technical status (e.g. runway markings).

Understanding hazards and their consequences

Hazard identification focuses on conditions or objects that could cause or contribute to the unsafe operation of aircraft or aviation safety-related equipment, products and services (guidance on distinguishing hazards that are directly pertinent to aviation safety from other general/industrial hazards

Hazard identification and prioritization

Hazards exist at all levels in the organization and are detectable through many sources including reporting systems, inspections, audits, brainstorming sessions and expert judgement. The goal is to proactively identify hazards before they lead to accidents, incidents or other safety-related occurrences. An important mechanism for proactive hazard identification is a voluntary safety reporting system.

The following should be considered when identifying hazards:

a) system description;
b) design factors, including equipment and task design;
c) human performance limitations (e.g. physiological, psychological, physical and cognitive);
d) procedures and operating practices, including documentation and checklists, and their validation under actual operating conditions;
e) communication factors, including media, terminology and language;
f) organizational factors, such as those related to the recruitment, training and retention of personnel, compatibility of production and safety goals, allocation of resources, operating pressures and corporate safety culture;
g) factors related to the operational environment (e.g. weather, ambient noise and vibration, temperature and lighting);
h) regulatory oversight factors, including the applicability and enforceability of regulations, and the certification of equipment, personnel and procedures;
i) performance monitoring systems that can detect practical drift, operational deviations or a deterioration of product reliability;
j) human-machine interface factors; and
k) factors related to the SSP/SMS interfaces with other organizations.

Occupational safety health and environment hazards.

Safety risks associated with compound hazards that simultaneously impact aviation safety as well as OSHE may be managed through separate (parallel) risk mitigation processes to address the separate aviation and OSHE consequences, respectively. Alternatively, an integrated aviation and OSHE risk mitigation system may be used to address compound hazards.

Hazard identification methodologies

Methodologies:

Reactive - analysis of past outcomes or events
Proactive - existing or real-time operational situations

Hazards related to SMS interfaces with external organizations

Organizations should also identify hazards related to their safety management interfaces. This should, where possible, be carried out as a joint exercise with the interfacing organizations.
The hazard identification should consider the operational environment and the various organizational capabilities (people, processes, technologies) which could contribute to the safe delivery of the service or product’s availability, functionality or performance.

Hazards can be identified from:

Accident/incident investigation reports (Reactive)
Audit, inspection or survey reports (Proactive)
Voluntary hazard/incident reports (Proactive)
Operational data monitoring systems, etc. (Proactive)

SAFETY RISK PROBABILITY

Safety risk probability is the likelihood that a safety consequence or outcome will occur. It is important to envisage a variety of scenarios so that all potential consequences can be considered. The following questions can assist in the determination of probability:

a) Is there a history of occurrences similar to the one under consideration, or is this an isolated occurrence?
b) What other equipment or components of the same type might have similar issues?
c) What is the number of personnel following, or subject to, the procedures in question?
d) What is the exposure of the hazard under consideration? For example, during what percentage of the operation is the equipment or activity in use?

Safety risk severity

Once the probability assessment has been completed, the next step is to assess the severity, taking into account the potential consequences related to the hazard. Safety risk severity is defined as the extent of harm that might reasonably be expected to occur as a consequence or outcome of the identified hazard.
The severity classification should consider:

fatalities or serious injury which would occur as a result of:
1) being in the aircraft;
2) having direct contact with any part of the aircraft, including parts which have become detached from the aircraft; or
3) having direct exposure to jet blast; and

damage:
1) damage or structural failure sustained by the aircraft which:
i) adversely affects the structural strength, performance or flight characteristics of the aircraft;
ii) would normally require major repair or replacement of the affected component;
2) damage sustained by ATS or aerodrome equipment which:
i) adversely affects the management of aircraft separation; or
ii) adversely affects landing capability.

The severity assessment should consider all possible consequences related to a hazard, taking into account the worst foreseeable situation. Table 2 presents a typical safety risk severity table. It includes five categories to denote the level of severity, the description of each category, and the assignment of a value to each category. As with the safety risk probability table, this table is an example only.

Table 2 (Safety risk severity table)

Safety risk tolerability

The safety risk probability and severity assessment process can be used to derive a safety risk index. The index created through the methodology described above consists of an alphanumeric designator, indicating the combined results of the probability and severity assessments.

The third step in the process is to determine safety risk tolerability. First, it is necessary to obtain the indices in the safety risk assessment matrix. The safety risk index rating is created by combining the results of the probability and severity scores. In the example above, it is an alphanumeric designator. The respective severity/probability combinations are presented in the safety risk assessment matrix in Table 3.
The safety risk assessment matrix is used to determine safety risk tolerability. Consider, for example, a situation where the safety risk probability has been assessed as Occasional (4), and the safety risk severity has been assessed as Hazardous (B), resulting in a safety risk index of (4B).

Table 3 (Safety risk matrix)

The index obtained from the safety risk assessment matrix should then be exported to a safety risk tolerability table that describes — in a narrative form — the tolerability criteria for the particular organization. Table 4 presents an example of a safety risk tolerability table. Using the example above, the criterion for safety risk assessed as 4B falls in the “intolerable” category. In this case, the safety risk index of the consequence is unacceptable. The organization should therefore take risk control action to reduce:

a) the organization’s exposure to the particular risk, i.e., reduce the probability component of the risk to an acceptable level;
b) the severity of consequences related to the hazard, i.e., reduce the severity component of the risk to an acceptable level; or
c) both the severity and probability so that the risk is managed to an acceptable level.

Safety risks are conceptually assessed as acceptable, tolerable or intolerable. Safety risks assessed as initially falling in the intolerable region are unacceptable under any circumstances. The probability and/or severity of the consequences of the hazards are of such a magnitude, and the damaging potential of the hazard poses such a threat to safety, that mitigation action is required or activities are stopped.

Safety risk mitigation strategies

Safety risk mitigation is often referred to as a safety risk control. Safety risks should be managed to an acceptable level by mitigating the safety risk through the application of appropriate safety risk controls.
This should be balanced against the time, cost and difficulty of taking action to reduce or eliminate the safety risk. The level of safety risk can be lowered by reducing the severity of the potential consequences, reducing the likelihood of occurrence or by reducing exposure to that safety risk. It is easier and more common to reduce the likelihood than it is to reduce the severity.

Safety risk mitigations are actions that often result in changes to operating procedures, equipment or infrastructure. Safety risk mitigation strategies fall into three categories:

a) Avoidance
b) Reduction
c) Segregation

A safety risk mitigation strategy may involve one of the approaches described above or may include multiple approaches. It is important to consider the full range of possible control measures to find an optimal solution. The effectiveness of each alternative strategy must be evaluated before a decision is made. Each proposed safety risk mitigation alternative should be examined from the following perspectives:

A) Effectiveness
B) Cost/benefit
C) Practicality
D) Acceptability
E) Enforceability
F) Durability
G) Residual safety risks
H) Unintended consequences
I) Time

Safety risk management documentation

Safety risk management activities should be documented, including any assumptions underlying the probability and severity assessment, decisions made, and any safety risk mitigation actions taken. This may be done using a spreadsheet or table. Some organizations may use a database or other software where large amounts of safety data and safety information can be stored and analyzed.

An example of a safety risk decision aid

Cost-benefit analysis

Cost-benefit or cost-effectiveness analysis is normally carried out during the safety risk mitigation activities. It is commonly associated with business management, such as a regulatory impact assessment or project management processes.
However, there may be situations where a safety risk assessment may have a significant financial impact. In such situations, a supplementary cost-benefit analysis or cost-effectiveness process to support the safety risk assessment may be warranted. This will ensure cost-effectiveness analysis or justification of recommended safety risk control actions has been taken into consideration, with the associated financial implications.

THANK YOU FOR LISTENING!
