IOSA Pre-Audit Visit (IPV)

2020
Presented by IATA
To represent, lead and serve the airline industry
Introduction to the IPV
Module 1
1.1 Introduction
Welcome to the IOSA Pre-audit Visit (IPV) presentation
Will cover the all aspects for an operator to undergo an
IOSA audit
Presentation in person or through media
Is made by IATA

3
1.2 Learning Objective
Participants will get familiar with:
 The philosophy, methodology and terminology of the
IATA Operational Safety Audit (IOSA) program
 The preparation, conduct and follow-up of an IOSA audit

4
1.3 Reference Material
 IOSA Program Manual
 IOSA Audit Handbook – Procedures and Guidance
 IOSA Standards Manual
 IATA Reference Manual for Audit Programs

5
Introduction to IOSA
Module 2
2.3 Applicability
The IOSA program is applicable only for the Audit of an
operator that utilizes
 At least one multiple non-piston engine two-pilot aircraft
with MTOW in excess of 5,700 kg
 Passenger flights with or without cabin crew
 Cargo flights with or without the carriage of
supernumeraries
 The IOSA program is applied only to aircraft on the AOC.

14
2.4 Conditional Applicability
 Limited airplanes
 Conditional Phrases within ISARPs

15
2.5 Exclusions, Exemptions
 Operational Exclusions
 Fleet(s) &/or Aircraft Exemption
 Fleet(s) Out of Scope

16
Management of the IOSA
Program
Module 3
3.1 The IOSA Headquarters
 Based in Montreal
 Operates under the rules of IATA
 Undergoes regular audits

20
3.2 Audit Organizations (AOs)
 Annually accredited by IATA
 Undergo audits by IATA
 Responsible for the conduct of all audits

21
3.4 Conflict of Interest (COI)
 IOSA Program Manual lays down strict rules on COI
 A violation could annul the IOSA audit
 The IPV is exempt

23
IOSA Documentation
Module 4
4.1 Introduction
 All IOSA Documents and Forms on the IATA website,
www.iata.org/iosa
 Some are specific to IOSA while others are common to
all programs
 All documentation is in English

26
4.2 IOSA Program Manual (IPM)
 Primary manual of IOSA
 IPM contains policies and processes
 Responsibilities of IATA, the Audit Organization & the
Operator
 IOSA Registration & Renewal
 Dispute resolution, Audit Sharing, etc.

27
4.3.1 IOSA Standards Manual (ISM)
 The book of IOSA Standards and Recommended
Practices
 The ISARPS are divided into 8 sections: ORG, FLT,
DSP, MNT, CAB, GRH, CGO, SEC
 All sections (except Cargo) are further divided into 4 sub-
sections:
 Appendix A to the ISM

28
4.3.2 IOSA Standards Manual (ISM)
 The ISM is revised on a regular basis.
 The ISARPS are derived from:
 Relevant ICAO Annexes and Documents

 Major Regulatory bodies

 Industry proven best practices and Standards

 Relevant IATA Manuals

29
4.3.4 IOSA Standards Manual (ISM)
The ISARPs may have some of these symbols:
 <AC> symbol
 [SMS] symbol
 [PCO] symbol
 (GM) symbol
 ► symbol
 ◄ symbol
 ▲ symbol

31
4.4 IOSA Audit Handbook (IAH) –
Procedures and Guidance
Contains:
 Procedures for AOs and Operators
 Guidance on Audit Methodology and Technique
 Description of Program Options

32
4.5 IOSA Audit Handbook (IAH) –
Interlinked and Repeated ISARPs
Contains
 List of Interlinked and Repeated Standards
 List of PCOs and AIs in effect

33
4.6 IATA Reference Manual (IRM)
Contains
 A list of Abbreviations, and
 A Glossary of all the terms used in Audit Programs

34
4.7 Conformance Report (CR)
 Used to report the conduct of an internal audit against
IOSA standards
 The CR must contain all the ISARPs and associated
information
 IATA provides an optional template in Excel
 CR must be sent to the AO at least 14 days prior to the
IOSA audit

35
4.8 Equipment Tables
 Used for reporting the installation of various equipment
on the airplanes
 This is a new form that came into effect in September
2017
 Filling of table by the Operator
 Verification by the auditor

36
4.9 IOSA Audit Report (IAR)
 Final report of the audit
 Owned by the operator, kept in safe custody by IATA
 Consists of
 Completed Audit Checklists, Auditor Comments and Document
References;
 General information on the Airline and

 The history of each corrective action

37
IOSA Terminology
Module 5
5.1 IOSA Standards
 IOSA Standards and Recommended Practices are
termed ISARPS
 Standards always contain the word “shall”
 Standards are operational necessities
 A non-conformity with a Standard leads to a ‘Finding’
 ISARPs may have a Note

40
5.2 IOSA Recommended Practices
 Recommended Practices always contain the word
“should”
 A Recommended Practice is considered operationally
desirable
 A non-conformity with a Recommended Practice leads to
an ‘Observation’

41
5.3 Conditional Statements
 Some ISARPs have conditional phrases
 Then, the ISARP applies only if the condition(s) are met
 Caution when multiple conditions are separated by an
‘or’

42
5.4 ISARP Guidance Material (GM)
 Appended to most ISARPS
 Informatory in nature
 Some offer acceptable methods of conformity
 Not part of the ISARP

43
5.5 ISARP Auditor Actions
 Auditor Actions are available for all ISARPs
 AAs follow a pattern
 Require completion by auditors
 Auditors have the option to carry out actions beyond the
list given by IATA

44
5.6.1 Policy, Program, Process,
Procedure, Forms

45
 5.6.2 Policy, Program, Process,
Procedure, Forms
Name Definition Example
System A combination of interacting or interrelated System of records; a
elements within an organization functioning in documentation system
a coordinated manner to achieve desired
outcomes
Policy The stated intentions and direction of the Airline policy regarding
company. safe flight
Program An organized set of processes directed toward a Flight Dispatch Manual
common purpose, goal or objective.

46
 5.6.3 Policy, Program, Process,
Procedure, Forms
Name Definition Example
Process One or more actions or procedures implemented in a Analyzing new
coordinated manner to achieve a goal, a defined result or airports
to satisfy a requirement.
A process must have the ‘input’, the action and the
‘output’.
Procedu An organized series of actions accomplished in a Methodology
re prescribed or step-by-step manner to achieve a defined of the analysis
result.
Forms Lowest step used to complete a procedure, often with a Used to keep a
record of the person who requested or took the action record
47
5.7 Controlled document
 Definition from the IRM: “A document that is subject to
processes that provide for the positive control of content,
revision, publication, distribution, availability and
retention.”
 Numbering of manuals not needed
 Letters, emails, flyers or posters are generally not
‘controlled’

48
5.8.1 Electronic Documentation
 Acceptable
 Must be protected
 Described in the IRM
 Three types of Electronic documentation

49
5.8.2 Electronic Documentation
Types
 1. URL based
 2. Software based
 3. Server based

50
5.9 Documented
 The state of an operational specification as published
and accurately represented in a Controlled document by
the Operator.
 Should not be a copy-paste of ISM
 Can be in paper or electronic form
 Available to those that need it

51
5.10 Implemented
 The state of an operational specification as being
established, activated, integrated, incorporated,
deployed, installed, maintained and/or made available as
part of the operational system and monitored and
evaluated, as necessary, for continued effectiveness.

52
5.10 Implemented
 The state of an operational specification as being
established, activated, integrated, incorporated,
deployed, installed, maintained and/or made
available as part of the operational system and
monitored and evaluated, as necessary, for continued
effectiveness.
 Implemented is accepted, if
 It is integral part of the operation
 The process or procedure is used
 Activity is controlled and measured

53
5.11.1 Evidence
 Data or information discovered during an Audit
 Evidence collection is done by
 Reviewing documentation (reading)

 Interviewing personnel (hearing)

 Surveying conditions, facilities and equipment (observing)

 Assessing operational activities and processes (observing)

54
5.11.2 Evidence
 Evidence verification is done by
 Additional interviews (different departments, different persons)

 Technical records (maintenance, training, completed checklists

& forms)
 Activity records (agendas, minutes)

 Reports (accidents, incidents)

 Statistical summaries (failure rates, events)

 First hand observation of front line operations

55
5.12 Conformity
 Definition: The state of fulfilment of specifications is
Documented and Implemented by the Operator
 The conformity is determined by the Auditor

56
5.13 Non-conformity
Each Non-conformity (finding or observation) is:
 Generated against a specific ISARP
 Based on objective evidence or lack thereof, discovered
during the audit
 Discussed with and agreed-to within the Audit Team
 Documented along with supporting objective evidence
(on Audit Checklist and CAR)
 Discussed with the Operator during the Audit with the
intention of achieving agreement
57
5.14 Finding
 Definition: A documented statement based on factual
Evidence that describes non-conformity with an IOSA
Standard
 Only against a Standard
 Requires Corrective Action

58
5.15 Observation
 Definition: The documented statement based on factual
Evidence that describes non-conformity with an IOSA
Recommended Practice
 Only against a Recommended Practice
 Corrective action is optional

59
5.16 Checking of Interlinked &
Repeated ISARPS
At the end of the audit, auditors will check for
 Interlinked and repeated ISARPs
 To assess overall conformity of each group of provisions

60
5.17 Parallel Conformity Option
 Operator constrained to conform to an ISARP
 A Parallel Conformity Option (PCO) may be available
 Then the Operator could achieve conformity with other
methods
 Limited to just a few ISARPS
 Identified by a note
 The PCO have an expiry date

61
5.18.1 Active Implementation
 If the operator is constrained by time…
 And is able to demonstrate active progress towards
implementation
 Then, Active Implementation (AI) is allowed for a few
ISARPs denoted by the ▲ symbol,
 AIs have an expiry date

62
5.18.2 Active Implementation – IAP
 The IAP must map the road to conformity
 It must specify
 The Schedule

 The resources

 Milestones

 The completion date

 The AI Plan is checked in the subsequent audit

63
Safety Management
System (SMS)
Module 6
6.1 History
 Derived from ICAO Doc 9859 & Annex 19
 States can overrule
 IOSA adopted the SMS by 2016
 SMS symbol

66
6.2 Essential Principles & Elements
 Documented policy
 Active communication & awareness
 Free flow of information
 Trust
 Review and Improvement
 Quality Assurance

67
6.4 Groups of SMS ISARPS
SMS ISARPs are divided into 3 groups
 Overall controlling ISARP
 ORG ISARPs repeated in other scopes
 ORG ISARPs not repeated in other scopes

69
6.5 Extract from IAH – Interlinked
and Repeated ISARPs

70
Preparation for the IOSA
Audit
Module 7
7.1 Check the QA program
Ensure the Organization Charts are accurate
Ensure Job descriptions are available for key positions
If on the IOSA registry, ensure the QA program includes
all ISARPS
 Ensure oversight of the outsourced functions.

73
7.2 Conduct a Gap Analysis
 Conduct an internal audit of the airline against the IOSA
checklist
 Record the exact reference to the controlled document
 A note of the proof of implementation.
 Assess the fleets for technical conformity
 Make an accurate assessment of the non-conformities

74
7.3 Amend the Manuals
 Amend the manuals, based on the results of the gap
analysis.
 Statements copy-pasted from the ISARPs to the
Operator’s manuals cannot be considered as
conformity
 Don’t mix up policy, process and procedure
 Make the documentation simple and easy to follow
 If required, ensure the manuals are approved or
accepted

75
7.4 Get the certificates!
IOSA audits will require the
 AOC issued by the regulator
 Ops Specs issued by the regulator

76
7.5 Provide Access to IOSA Manuals
 Provide access to the current (or proposed to be used)
manuals & documents of IOSA
 The manuals & documents are:
 IOSA Program Manual (IPM)
 IOSA Standards Manual (ISM)
 IOSA Auditor Handbook (IAH)
 IATA Reference Manual (IRM)
 IOSA Checklists,
 Equipment Table Excel sheet

77
7.6 Get Resources
 Get access to the restricted areas for the auditors
 Ensure logistical support is available to the auditors
(travel, hotel, translators, etc.)
 Plan the simulator sessions well in advance

78
7.7 Identify Staff
 Get senior management commitment to IOSA
 Identify key staff
 Prepare for the audit
 Understand the ISARPs
 Allocate responsibility for sections

79
7.8 Give Awareness Training
 Give specific training on the reading and understanding
of the ISM
 Give awareness training to the concerned managers on:
 The essential definitions: System, Policy, Process, Procedure
and Practice
 Controlled documents
 Documented and Implemented status
 Mandatory Observations

80
7.9 Plan the time
 Give yourself enough time to close the findings from the
gap analysis
 Plan the IOSA audit with sufficient time to close the
findings.

81
Common Problems in
Audit Preparation
Module 9
9.1 The usual suspects
 Audit Planning was not optimum
 Ops Management
 Quality Functions

90
9.2.1 Defining a Supernumerary
 Supernumerary: A person in addition to the flight crew
that is not a cabin crew member, but is on board either a
cargo or passenger aircraft during commercial or non-
commercial operations, and is not classified as a
passenger by the operator or the Authority.

91
9.2.1 Defining a Supernumerary
 Supernumerary: A person in addition to the flight crew
that is not a cabin crew member, but is on board
either a cargo or passenger aircraft during commercial
or non-commercial operations, and is not classified as
a passenger by the operator or the Authority.

92
9.2.2 Examples
A supernumerary is typically any of the following:
 Assigned to the flight by the operator as necessary for
the safety of operations
 An inspector, auditor or observer authorized by the
operator and the State to be on board
 Assigned to a passenger flight by the operator to
conduct certain customer service activities
 Full definition in the IRM

93
9.3 Oversight of Outsourced
Functions (OOF)
An Operator may elect to outsource any operational
function, but
 The Operator retains the responsibility
 The Operator must perform suitable quality oversight
 For auditors, if any operational function, process,
service, facility, etc. has been outsourced, the audit
methodology changes
 The ISARP cannot be assessed as N/A

94
9.4 Outsourced Operational
Functions – Operator Preparation
 Identify outsourced functions
 Check that there is a contract
 Check that the contract has measurable specifications
 Check that it is part of your QA Program

95
9.5 Measurable Specifications
 Needed in every contract with a Provider of services
 The measurable specifications should be:
 Clear, Complete, Quantifiable and

 Contained in a contract or agreement as basis for monitoring

96
The IOSA Audit

Module 10
10.1.1 Opening Meeting
 Denotes the commencement of the audit
 Will address the following:
 Introduction

 Roles and responsibilities of the Audit Team and the Operator

 Establishing the lines of communication during the Audit

 Defining Audit Objective & Scope

 Audit Plan

 Methods and procedures used to conduct the Audit

…Continued

99
10.1.2 Opening Meeting
 Will address the following (continued):
 Administrative arrangements and facilities to be used during the
Audit;
 Arrangements for observations of operational activities;

 Conditions that may lead to termination of the Audit

 IOSA Dispute Resolution Process

 Confidentiality of the IOSA program

 IOSA Audit Feedback Survey

100
10.2 Daily Management Meetings
 Conducted by the Lead auditor
 Report about overall progress
 Clear potential ambiguities
 Adjust audit schedule (if required)

101
10.3.2 List of the MOs
 FLT - Line Flight MO
 FLT - Simulator MO
 DSP - Flight Planning & Flight Monitoring MO
 MNT - AD/ASB process & Maintenance processes
 CAB - Line Flight MO
 GRH - Weight & balance Calculation; GRH activities
 CGO - Aircraft loading & unloading
 SEC - Baggage reconciliation

103
10.4 Interlinked and Repeated ISARPs
 Derived from the IAH – Interlinked and Repeated
ISARPs tables published by IATA
 May cause a change in the number of findings /
observations

105
10.5.1 Closing Meeting
 Formal closure of on-site auditing
 Closing meeting will address:
 An overview of the actual audit activities

 Number of Findings and/or observations

 Follow-up process, including timelines for corrective action

 Process for verification of corrective action implementation

 Closure of findings

 The IAR

 IAR quality control process

…Continued

106
10.5.2 Closing Meeting
 Closing meeting will address (continued):
 Requirements for IOSA registration

 Confidentiality of the IOSA program

 IATA policy for marketing of IOSA registration

 The IOSA Audit Feedback Survey (sent by IATA)

107
10.6 Changes to the Findings and/or
Observations
 The findings / observations cannot be withdrawn, except
in very special cases
 The number of findings / observations can change in the
QC process

108
10.7 Adjourned Closing Meeting
 Can happen if one or more MO has not been completed
on-site
 Possibility of a non-conformity that will be raised
subsequent to the delayed MO
 The official date of the ‘Closing Meeting’ does not
change

109
11.1 Corrective Action Record (CAR)
The logical steps in a Corrective Action Record:
1. The Auditor describes what was wrong
2. The Operator states the reasons for the non-conformity (Root Cause)
3. The Operator suggests actions to solve the non-conformity (Planned
Corrective Action or PCA).
4. The Auditor / AO agrees to the PCA
5. The Operator undertakes the corrective action and notifies the Auditor
/ AO
6. The Final Action Taken (FAT) is presented to the Auditor / AO
7. The Auditor signs the Verification Of Implementation (VOI) and closes
the non-conformity

112