National Authorities

• Within each country, the national authority is the

main point of contact with a regulatory body.
• Almost every country in the world has a Department
of Civil Aviation (sometimes called DCA).
• It can be referred to as the DCA, with the head
called the Director General of Civil Aviation (DGCA).
• In the USA the specialist team is the Federal Aviation
Administration (FAA)
• In Britain the Civil Aviation Authority (CAA).
• Safety Regulations
• Risk Assessment
• Human Factors and Safety
• Security Regulations
• Environmental Regulations
Safety Regulations
• There are two models that can be applied by a national authority
in terms of exercising their authority as a safety regulator:
• One is to apply onerous and detailed technical regulation
rigorously, giving little leeway and showing no favour.
• This was the almost universal practice for many decades, but the
model was challenged from the late 1980s.
• The newer, alternative, policy is to give participants freedom to
interpret regulations that are principles rather than expressions
of adherence, and to let the users apply the regulations within a
safety management system (SMS) that they have created.
• In approving the SMS the regulator and the user will define
criteria that the regulator can monitor and set attainment targets
against each one.
• Safety regulation starts with the approval of organisations and licensing of
facilities and personnel.
• Hence airlines have to meet operating standards and qualify for an Air
Operator’s Certificate (AOC) while airports have to qualify for an Aerodrome
Licence.
• Equivalently, maintenance and other operational service organisations have to
appropriately ‘approved’.
• Hence, when an application is made to create any organisation whose
operations will have safety implications (whether that be an airline, airport or
contractor), the organisation must declare staff, by name, that are acceptable to
the national authority, to fulfil certain leading roles.
• In effect, these are people who are empowered to act on behalf of the
approving authority on a daily basis.
• They can be Chief Pilot, Airport Operations Manager, Head of Fleet
Maintenance, and so on.
• They must keep a clear and complete record of their decisions and if any
decisions that they take they feel are controversial, they are expected to discuss
them with the regulator immediately.
• The national authority will look for patterns in these reports and might use
them as a guide to whether operational issues are legislated suitably.
• Deeper within organisations the responsibility for safe operations is vested in staff
on a hierarchical basis.
• Pilots, mechanics and technicians, despatchers and air traffic controllers, to quote
the most well-known examples, are given full responsibility in specific operational
situations and expected to maintain currency of their qualifications through regular
training.
• Their periodic checks might be conducted internally by a licensed individual, who in
turn will be checked regularly by the national authority.
• They obtain their certificates of competency through a succession of training stages;
these are principally stages that address, respectively, fundamental procedures,
complex procedures and situations specific to the job (type rating of aircraft-related
staff, station validation of ATC staff, etc).
• It is common practice for some operational staff in the regulatory organisations to
be active within an organisation, perhaps as a fully qualified airline pilot, because
that would have been what they were before they became a regulator and they can
thus claim exposure to real-world issues, hazards and burning issues.
• It is a rare, but very carefully policed, situation that bears fruit provided mutual
respect is maintained between the regulator and organisations.
• On the whole, such a policy contributes to such respect, and it can considerably
shorten the time needed to invoke and clear suddenly required legislation.
• While this layered approach is now a well-established practice and the procedures are well
defined, the trend towards SMS-based regulatory power implies that a safety system can be
run on many different lines, ranging from the established, rather authoritarian, approach to
implementations that are less well structured and in which individuals at all levels take a more
personal responsibility for monitoring and reacting to changing circumstances.
• As an example, this can lead to an airline engineer, on encountering an unexpected problem,
formulating a unique solution. It will have to be countersigned, and thus checked by a
colleague, but it might lead to a solution in less time than having to feed information through
a chain of command and awaiting the authorisation of an individual further up the hierarchy.
• The staff that have taken the decision in the organisation, in this case, would be duty-bound to
report the details, and only upon hearing of the events does the technical authority decide if
they need to respond or simply accept the work undertaken.
• This leaves regulators more free to regulate, rather than to interfere in daily decision-taking,
and should lead to leaner and more cost-effective national regulatory processes.
• This approach has been used extensively and has worked well, on the whole, in recent years.
• Many would regard this as a first-class example of how to apply a ‘systems approach’ to
problem-solving.
• The individual in the firing line is left to exercise his or her own judgement, which will be
based on experience, and yet he or she is not made to feel alone – the hierarchical system is
still there to support those who prefer to seek advice. Responsibility has been passed down
the chain of command.
Risk Assessment
• In respect of having a justification system for action or inaction, or to act as a
stimulus for change, the most far-reaching principles in safety regulation are in
risk assessment.
• It is a framework that is simple in terms of its philosophy and is a prime
example of taking a ‘systems approach’, in that a key property of the system is
recognised and managed through regulation.
• Examples of the latter are FARs (Federal Airworthiness Requirements)
administered by the Federal Aviation Administration (FAA) in the USA and JARs
(Joint Airworthiness Requirements) administered by the Joint Airworthiness
Authority (JAA) in Europe, which declare objectives that govern the latitude for
judgement in the design and operation of aircraft and their components.
• In assessing the applicability of procedures an organisation has to submit a
functional hazard analysis (FHA) to the regulator.
• This can take many forms, but it will invoke several defined steps, and thus it
might range from involving a panel of specialists with different but relevant
disciplines to being a competent mathematical model based on acceptable
data and analytical criteria.
• These regulations are justified according to a numerically assessed level of risk, which
must be shown to surpass a threshold of acceptability in the event of a particular failure.
• It can come as a surprise to find that an acceptable level of failure is associated with such
an event as an aircraft crash.
• Quite simply, to say that an aircraft must never crash is to say that aircraft should never
fly.
• The four criteria in below Table are used to assess a possible failure in any system, within
or supporting an aircraft’s (or several aircrafts’) operation:
• A minor failure is one that has no impact on the actual operation
• A major failure will have an impact, but it must be so well understood that anticipatory
procedures, or system redundancy, has been used to make the failure survivable without
serious consequences.
- An example would be the loss of an engine at the safety decision speed on take-off.
• A hazardous failure will be investigated in detail.
– Good design practice is to avoid this category.
– Thus an aircraft wing will have multiple-spars so that the failure of any one, while it will have an
impact, will be survivable.
– If the failure was undetectable in normal service, the inspection regime, imposed as a condition of
the certificate of airworthiness, should ensure there is an acceptable likelihood of it being found by
a mechanic.
– If the investigated potential cause of a hazardous failure can be eliminated by design, re-design is
often regarded as a necessary adjunct to getting an airworthiness certificate.
• A catastrophic failure will be assumed to lead inevitably to the loss of the aircraft
and all of its occupants. The acceptable failure rate of 1 x 10–9 per hour suggests
that, on average, a catastrophic failure will occur in every 1000 million flying
hours.
– This is equivalent to about 12 000 aircraft flying 24 h per day, every day, for 10 years.
• Traditional engineering design is governed almost exclusively by the desire to
maximise or minimise the value of a controlled issue; this is then expressed as an
efficiency.
• However, systemic approaches, like those used in technical regulations that
address design and operations, encourage the development of solutions that meet
objectives with the best use of resources.
• This defines the effectiveness of a solution.
• This is mentioned because, all too often, it is assumed that engineers and
operators look for a high-efficiency solution, at the expense of good performance
in all other regimes.
• In good design, risk-assessment procedures will ensure that all the necessary
qualities are taken into account and balanced.
• Risk assessments (often called ‘safety cases’) are an essential component of a
safety management system (SMS), and without the capability to perform these
functions any operational team will be regarded as deficient.