Sms+With+Template Potx

SMS Safety
Management System
MODULE TITLE / NUMBER
LEARNING OBJECTIVE
C.O 1 - Apply the Basic Safety Concepts
C.O 2 - Analyze and asses safety risks to mitigate it to
an acceptable level.
C.O 3 - Distinguish the understanding of flight hazards
C.O 4 – Analyze the approach and procedures in SMS
Implementation.
COURSE CONTENT
EXAMPLE EXAMPLE example example EXAMPLE

LESSON 1
TITLE OF LESSON 1
(PICTURES)
Example
Description
Safety Management System
ICAO Safety Management Systems (SMS) Course 05/31/18

Course contents
• Module 1 – SMS course introduction
• Module 2 – Basic safety concepts
• Module 3 – Introduction to safety management
• Module 4 – Hazards
• Module 5 – Risks
• Module 6 – SMS regulation
• Module 7 – Introduction to SMS
• Module 8 – SMS Planning
• Module 9 – SMS Operation
• Module 10 – Phased approach to SSP and SMS
implementation
Safety Management Systems (SMS) Course
Module N° 1 – SMS
course introduction
Revision N° 11 ICAO Safety Management Systems (SMS) Course 01/01/08

Course goals
• The goals of the ICAO Safety Management Systems
(SMS) Course are to:
Provide participants knowledge of safety management
concepts and ICAO Standards and Recommended Practices
(SARPs) on safety management.
Develop participants’ knowledge to accept and oversee

the key components of an SMS, including their
implementation, and the establishment of the State safety
programme (SSP) in compliance with relevant ICAO SARPs.
Module N° 2 – Basic safety concepts

Objective
• At the end of this module, participants will be able to
explain the strengths and weaknesses of traditional
methods to manage safety, and describe new
perspectives and methods for managing safety
Concept of safety
• What is safety?
• Zero accidents or serious incidents (a view widely held by
the travelling public)
• Freedom from hazards (i.e. those factors which cause or
are likely to cause harm)
• Attitudes towards unsafe acts and conditions by
employees of aviation organizations
• Error avoidance
• Regulatory compliance
CIVIL AVIATION REGULATIONS (CAR) PART 1
GENERAL POLICIES, PROCEDURES, and DEFINITIONS
Accident:An occurrence associated with the Incident:

operation of an aircraft which takes An occurrence, other than an
place between the times any person accident, associated with the
boards the aircraft with the intention of
operation of an aircraft which
flight until such time as all such persons
affects or could affect the
have disembarked, in which:
safety of operation.
• (a) a person is fatally or seriously
injured
• (b) the aircraft sustains damage or
structural failure which:
• (c) the aircraft is missing or is
completely inaccessible.
Concept of safety
• Consider (the weaknesses in the notion of perfection)
• The elimination of accidents (and serious incidents) is
unachievable
• Failures will occur, in spite of the most accomplished
prevention efforts
• Controlled risk and controlled error are acceptable in an
inherently safe system
• Acceptable Level of Safety (ALOS)
What is an SMS?
• Safety Management System

• A systematic approach to
managing safety, including the
necessary organizational
structures, accountabilities,
policies and procedures
Concept of safety (Doc 9859) - SMSM
• Safety is the state in which the risk of harm to persons
or property damage is reduced to, and maintained at
or below, an acceptable level through a continuing
process of hazard identification and risk management

Safety
 Traditional approach – Preventing accidents
 Focus on outcomes (causes)
 Unsafe acts by operational personnel
 Attach blame/punish for failures to “perform safely”
 Address identified safety concern exclusively
 Regulatory compliance
 Identifies:
WHAT? WHO? WHEN?
But not always discloses:
WHY? HOW?
The evolution of safety thinking
TECHNICAL FACTORS
HUMAN FACTORS
TODAY
ORGANIZATIONAL FACTORS
1950s 1970s 1990s 2000s

Fuente: James Reason
A concept of accident causation
Organization Workplace People Defences

Regulations
Management Working conditions Errors Training
Technology
decisions and and
ORGANIZATION
organizational violations
processes
Latent conditions trajectory

Actions
Activities
Factors
Resources ortoinactions
Conditions
that
over directly
protect
present
which by
in people
influence
any
against
the (pilots,
organization
system
the
the risks controllers,
efficiency
before
has
thata maintenance
organizations
the
of
reasonable
people
accident,
in degree
made
involved
engineers, aerodrome staff, etc.) that have an immediate adverse
in production evident
activities
aviation
byoftriggering
direct
generate
workplaces.
effect. control
factors.
and must control.
The organizational accident
Organizational processes
Workplace Policy-making Latent

conditions Planning conditions
Communication
Allocation of resources
Active Supervision
Defences
failures  ...
Activities over which any organization has a reasonable degree

of direct control
Workplace  Inadequate hazard Latent

conditions identification and risk conditions
management
 Normalization of
Active deviance
Defences
failures
Conditions present in the system before the accident, made evident by

triggering factors.
Workplace Latent
conditions conditions
Technology
Training
Active
failures
Regulations Defences
Resources to protect against the risks that organizations involved

in production activities generate and must control.
 Workforce stability
Workplace  Qualifications and Latent
conditions experience conditions
 Morale
 Credibility
Active  Ergonomics Defences
failures  ...
Factors that directly influence the efficiency of people in

aviation workplaces.
Workplace Latent
Errors
Active
Violations Defences
failures
Actions or inactions by people (pilots, controllers, maintenance engineers,

aerodrome staff, etc.) that have an immediate adverse effect.
The perspective of the organizational accident
Improve Identify
Monitor
Workplace Latent
Reinforce
Contain
Active
Defences
failures
People and safety
• Aviation workplaces
involve complex
interrelationships among
its many components
• To understand
operational performance,
we must understand how
it may be affected by the
interrelationships among
the various components
of the aviation work
places Source: Dedale
• A conceptual framework proposed in ICAO Circular 216-AN31.
ICAO SHELL Model • The concept was first developed by Edwards in 1972, with a
modified diagram to illustrate the model developed by
Hawkins in 1975 – Human Factors.
• Software - the rules, procedures, written documents etc.,
which are part of the standard operating procedures.
• Hardware - the Air Traffic Control suites, their configuration,
controls and surfaces, displays and functional systems.
• Environment - the situation in which the L-H-S system must
function, the social and economic climate as well as the
natural environment.
• Liveware - the human beings - the controller with other
controllers, flight crews, engineers and maintenance
personnel, management and administration people - within in
the system.
S
H L L
15
Source: Dedale
Processes and outcomes
Causes and
consequences
of operational
errors are not
linear in their
magnitude
Source: Dedale
Operational performance and technology
• In production-intensive
industries like
contemporary aviation,
technology is essential
• As a result of the massive
introduction of technology,
the operational
consequences of the
interactions between
people and technology are
often overlooked, leading
to human error
SHELL MODEL
• Liveware – Hardware (L-H)
• Relationship between the human vs. the physical attributes of equipment,
machines and facilities.
• With reference to human performance in the context of aviation operations,
there is natural human tendency to adapt to L-H mismatches.
SHELL MODEL
• Liveware – Software (L-S)
• Relationship between the human and the supporting systems found in the
workplace.
• Regulations
• Manuals
• Checklists
• SOPs
• Computer Software
SHELL MODEL
• Liveware – Liveware (L-L)
• Communication and interpersonal skills, as well as group dynamics play a role
in determining human performance.
• Relationships among people in the work environment, especially those who
function in groups.
• Flight crews
• Air traffic controllers
• Other operational personnel
SHELL MODEL
• Liveware – Environment (L-E)
• Relationship between the human and both the internal and external
environments.
• The aviation work environment includes disturbances to normal biological
rhythms and sleep patterns.
• Additional environmental aspects maybe related to organizational attributes
that may affect decision making process and create pressure to develop
“workarounds”
SHELL MODEL: A Summary
• A mismatch between liveware and the other four

components contributes to Human Error.
• These interactions must be assessed and considered

in all sectors of the aviation system.
Understanding operational errors
• Human error is
considered contributing
factor in most aviation
occurrences
• Even competent
personnel commit errors
• Errors must be accepted
as a normal component
of any system where
humans and technology
interact
Investigation of accidents and incidents.
• When an accident or serious incident occurs, the accident
investigation process is set in motion to find out any possible failure
within the system , the reasons therefore to generate counter
measures.
• In a safety management environment, the accident investigation
process has a distinct role.
Investigation of accidents and incidents.
• An essential process that deploys when safety

defenses, barriers, checks and counterbalances in the
system have failed.
ERRORS and VIOLATIONS
• Effective SMS implementation by the product or service provider is
dependent upon a clear and mutual understanding of errors and
violations and the differentiation between the two.
• The difference between errors and violations lies in intent.
ERRORS and VIOLATIONS
• An error is unintentional.
• A violation is a deliberate act or omission to deviate

from established procedures, protocols, norms or
practices.
ERRORS
• An action or inaction by an operational person that leads to deviation
from organizational or the operational person’s intentions or
expectations.
• Humans will commit errors regardless of the level of technology used,
the level of training or the existence of regulations, processes and
procedures.
ERRORS
• An important goal is to set and maintain defenses to reduce the
likelihood of errors and, just as importantly, reduce the
consequences of errors when the do occur.
• To effectively accomplish this task, errors must be identified,
reported and analyzed so that appropriate remedial action can be
taken.
ERRORS
• Errors can be divided into two categories:
• Mistakes: are failures in the person’s plan of action.
• Even if execution of the plan were correct, it would not have been possible to achieve
the intended outcome,
• Slips and lapses: are failures in the execution of the intended action.
• Slips are actions that do not go as planned, while lapses are memory failures.
VIOLATIONS
• A deliberate act of willful misconduct or omission resulting in a
deviation from established regulations, procedures, norms, or
practices.
• Non compliance is not necessarily the result of a violation because
deviations from regulatory requirements or operating procedures
maybe the result of an error.
• Stating his Swiss Cheese Model
Professor of Psychology
University of Manchester (1962)
Swiss Cheese Model
Illustrates that, although many layers of defenses lie between
hazards and accidents, there are flaws in each layer that, if
aligned, can allow the accident to occur.
Accident investigation – Once in a million flights
Unh Inci
Fla
ps o
Che
ckl i eed acc dent /
mitt s t fa ed iden
ed ilure w arn t
ing
Error Deviation Amplification Degradation /

breakdown
Safety management – On almost every flight
Fla Che Effe

ps o ckl i ctiv
mitt st w ew
ed ork arn
s ing
Error Deviation Amplification Normal flight

Three strategies for the control of human error
• Error reduction strategies
intervene at the source of
the error by reducing or
eliminating the
contributing factors
• Human-centred design
• Ergonomic factors
• Training
•…
• Error capturing strategies
intervene once the error
has already been made,
capturing the error
before it generates
adverse consequences
• Checklists
• Task cards
• Flight strips
• …
• Error tolerance strategies
intervene to increase the
ability of a system to
accept errors without
serious consequence
• System redundancies
• Structural inspections
•…
Understanding violations – Are we ready?
ology Accident
High hn
Tec aining ns
Tr
ulatio
Incident
Reg
System’s
production
objective(s)
Exceptional violation space

Risk
ORGANIZATION
Violation space
Low
Safety space
Minimum System output Maximum
Culture
• Culture binds people together as members of groups
and provides clues as to how to behave in both normal
and unusual situations
• Cultural influences the values, beliefs and behaviours

that people share with other members of various
social groups
Three cultures
National
Organizational
National
Professional
Three distinct cultures
• National culture encompasses the value system of
particular nations
• Organizational/corporate culture differentiates the
values and behaviours of particular organizations (e.g.
government vs. private organizations)
• Professional culture differentiates the values and
behaviours of particular professional groups (e.g.
pilots, air traffic controllers, maintenance engineers,
aerodrome staff, etc.)
• No human endeavour is culture-free
Organizational/corporate culture
• Sets the boundaries for acceptable behaviour in the
workplace by establishing norms and limits
• Provides a frame work for managerial and employee
decision-making
• “This is how we do things here, and how we talk about the
way we do things here”
• Organizational/corporate culture shapes – among
many others – safety reporting procedures and
practices by operational personnel
COMMITMENT
TRAINING AWARENESS
SAFETY CULTURE
LEARNING AND
RESPONSIBILITY
REPORTING
COMMUNICATION
AND TRUST
SAFETY CULTURE
• Encompasses the commonly held perceptions and beliefs of an
organization’s members pertaining to the public’s safety;
• Can be a determinant of the behavior of the members.
• A healthy safety culture relies on a high degree of trust and respect
between personnel and management and therefore must be created
and supported at the senior management level.
HEALTHY SAFETY CULTURE
• Actively seeks improvements,
• Vigilantly remains aware of hazard and
• Utilizes systems and tools for continuous monitoring, analysis and
investigation.
• It must exist in:
• State aviation organizations, and
• Service provider organizations.
HEALTHY SAFETY CULTURE
• Shared commitment by personnel and management

to personal safety responsibilities.
• Confidence in the safety system.
• Documented set of rules and policies
Effective way to promote safe operations:
• Ensure that an organization has developed an environment where all
staff feel responsible for safety.
• This becomes evident when staff:
• Consider the impact of safety in everything that they do,
• Report all hazards, errors, and threats.
• Support the identification and management of all their associated risks.
National
Organizational
Safety
Culture
Professional
Safety culture
• A trendy notion with potential for misperceptions
and misunderstandings
• A construct, an abstraction
• It is the consequence of a series of organizational
processes (i.e., an outcome)
• Safety culture is not an end in itself, but a means to
achieve an essential safety management
prerequisite:
• Effective safety reporting
Safety Culture
• Safety culture is not an end in itself but a means to achieve an
essential safety management prerequisite:
• Effective Safety Reporting

REPORTING SYSTEMIC SAFETY
DEFICIENCIES
• To be effective, REPORTING OF SYSTEMIC SAFETY DEFICIENCIES will
depend upon:
• Continuous flow of information from front line personnel
• Policies that distinguish willful acts of misconduct from inadvertent
errors, providing for an appropriate punitive or non punitive policy.
REPORTING SYSTEMIC SAFETY
DEFICIENCIES
• An absolute no blame culture is unreasonable and not even feasible.
• While management gains safety information, the system will be
ineffective if it interferes with appropriate punitive actions.
• Conversely, a culture that fails to distinguish unintentional
errors/mistakes from acts of willful misconduct will inhibit the
reporting process.
VOLUNTARY REPORTING SYSTEM
• Should be confidential and operated in accordance with appropriate
non punitive policies.
• Should provide feedback to personnel on safety improvements
achieved as a result of the reports received.
• Requires secure and easy access to safety reporting systems.
SAFETY INFORMATION COLLECTION
• Protection of safety information:
• Essential in ensuring the continued availability of information.
• Realized when a safety reporting system is:
• Confidential
• Voluntary
• Non-punitive.
SAFETY INFORMATION COLLECTION
• The benefits of a voluntary reporting system:
• The reporting system enables the personnel to actively
identify hazards.
• Management is able to gather pertinent safety hazard
information and also build trust with personnel.
Errors ...
… are like mosquitoes …

To fight them …
... drain their breeding swamps.

Basic safety concepts
Questions and answers

• Q: Enumerate the five building blocks of the
organizational accident.
• A:
Workplace Latent
Active
Defences
failures
Slide number: 16
Points to remember
1. The organizational accident.
2. Operational contexts and human performance
3. Errors and violations.
4. Organizational culture and effective safety reporting.
5. The management of safety information.

Module N° 3 – Introduction
to safety management

Outline
• The Safety Stereotype
• The Management Dilemma
• Need for Safety Management
• Strategies for Safety Management
• The imperative of change
• 8 blocks of Safety Management
• 4 responsibilities for managing safety
Objective
explain the need for, the strategies and the key
features of safety management.

The safety stereotype
What is the fundamental objective of a business
organization?
Safety management – Rationale
• In order to achieve its production objectives, the
management of any aviation organization requires the
management of many business processes.
• Managing safety (protection) is one such business
process.
• Safety management is a core business function just as
financial management, HR management, etc.
• This brings about a potential dilemma for management.
The management dilemma
Management levels
Resources Resources
Protection Production
Man
age
m en
t lev
els
Resources
Protection
Production
Catastrophe
vels
nt le
me
n age
Ma
Resources
Production
Protection
Bankruptcy
Safety space
Financial
management ?
Bankruptcy
ce
Protection
spa
ety
Saf
Catastrophe
Safety
Production
management
The evolution of safety thinking
TECHNICAL FACTORS
HUMAN FACTORS
TODAY
ORGANIZATIONAL FACTORS
1950s 1970s 1990s 2000s

Fuente: James Reason
THE EVOLUTION OF SAFETY
THINKING
• History of the progress in aviation safety
• The Technical Era: From the early 1900s until the late 1960s.
• Aviation emerged as a form of Mass Transportation in which identified safety
deficiencies were initially related to technical factors and technological
failures.
• Focus of safety endeavors was placed on the investigation and improvement
of technical factors.
THE EVOLUTION OF SAFETY THINKING
• The Human Factors era – from the early 1970s until the mid – 1990s.
• Frequency of aviation accidents was significantly reduced due to
major technological advances and enhancements to safety
regulations.
• Aviation became a safer mode of transportation; the focus on safety
was extended to include human factor issues including the man and
machine interface.
• Despite the investment of resources in error mitigation, human
performance continued to be cited as a recurring factor in accidents.
THINKING
• The Organizational Era – from the mid-1990s to the early 2010s
• Safety began to be viewed from a systemic perspective, which to
encompass organizational factors in addition to human and technical
factors.
• The notion of the organizational accident was introduced, considering
the impact of organizational culture and policies on the effectiveness
of safety risk controls.
• This new approach is based on routine collection and analysis of data
using proactive as well as reactive methodologies to monitor known
safety risks and detect emerging safety issues.
THINKING
• Total System Era
• From the beginning of the 21st century, many states
and service providers had embraced the safety
approaches of the past and evolved to a higher level
of safety maturity.
• They have begun implementing SSP or SMS and are
reaping the safety benefits.
Safety management – The response to the
dilemma
• Safety issues are a by-product of activities related to
production/services delivery.
• An analysis of an organization's resources and goals
allows for a balanced and realistic allocation of
resources between protection and production goals,
which supports the needs of the organization.
• The product/service provided by any aviation
organization must be delivered safely (i.e. protecting
users and stakeholders).
Why SM ? – The first ultra-safe
industrial system
Technological era - Fragile system (1920’s -1970’s)
Focus in technical factors
Accident investigation
10-3
Human Factors era - Safe system (1970’s
– mid 1990’s)
Human factor issues including man and machine
10-5 interface; technology and regulations
Incident investigation
Organizational era - Ultra-safe system
(mid 1990’s onwards)
 Business management approach to safety
(SMS)
Less than one catastrophic  Routine collection and analysis of
10 -7
breakdown per million operational data
production cycles
The Theory of Practical Drift
• Baseline Performance
• Initial system design – based on 3 fundamental assumptions:
• Technology needed to achieve the system production goals is available.
• Properly Trained People to operate the technology, and
• Regulations and procedure will dictate system and human behaviour.
• Once operationally developed, the system performs
as designed, following baseline performance most of
the time.
• In reality, operational performance is different from

baseline performance.
• No matter how careful and well thought out its design planning have
been, practical drift from baseline performance is foreseeable in any
system.
• Reasons for Practical drift:
• Technology doesn’t always operate as predicted.
• Procedures that cannot be executed as planned under certain operational
conditions.
• Regulations that are not applicable within certain contextual limitations.
• Introduction of changes to the system, including the addition of new
components.
• The interaction with other systems
Why SM? An imperfect system
SMS
Baseline performance
System
design
“Practical drift”
Operational Operatio
n al perfor
deployment m ance
Op
e
• Capture and analyze the informationrawithin
tion the practical drift for the
control and mitigation of safety risks. al pe
rfor
• The closer to the beginning of the practical drift mthat
anc the information
can be systematically captured, the greater number of e hazards and
safety risks that can be predicted and addressed.
• This leads for re design or improvements to the system.
• HOWEVER, THE UNCHECHECKED PROLIFERATION OF
LOCAL ADAPTATIONS AND PERSONAL STRATEGIES MAY
LEAD THE PRACTICAL DRIFT TOO FAR FROM THE
BASELINE PERFORMANCE LEADING TO A GREATER
The essential is invisible to the
eyes
Number of occurrences
1–5 Accidents
30 – 100 Serious incidents
100 – 1000 Incidents
Latent conditions
1000 – 4000
The focus of hazard identification
 Hazard identification is a wasted effort
if restricted to the aftermath of rare
occurrences where there is serious
Accidents injury, or significant damage.
1–5
“Practical drift”
Reg Tech
Serious incidents ulaTtrai nol
ionnisng ogy
30 – 100
Incidents
100 – 1000
Latent conditions
1000 – 4000 “Practical drift”
SMS
Reactive safety management
• Investigation of accidents and serious incidents
• Based upon the notion of waiting until something breaks to
fix it.
• Most appropriate for:
• situations involving failures in technology.
• unusual events.
• The contribution of reactive approaches to safety
management depends on the extent to which the
investigation goes beyond the triggering cause(s), and
includes contributory factors and findings as to risks.
Proactive safety management
• Mandatory and voluntary reporting systems, safety
audits and surveys.
• Based upon the notion that system failures can be
minimized by:
• identifying safety risks within the system before it fails; and
• taking the necessary actions to reduce such safety risks.
Predictive safety management
• Confidential reporting systems, flight data analysis,
normal operations monitoring.
• Based upon the notion that safety management is best
accomplished by looking for trouble, not waiting for it.
• Aggressively seek information from a variety of sources
which may be indicative of emerging safety risks.
Navigating the drift
Baseline performance
Op “Practical drift”
er a
tion
al p
e r fo
r ma
nce Organization
Navigational aids
Reactive Proactive Predictive

Strategies – Levels of intervention and tools
Safety management levels
Baseline performanceigh
H id dle Low
M
OpPredictive “Practical drift”
Hazards
era Proactive Reactive Reactive
tion
al p
er form
FDA/FDM an Organization
ce ASR/ASRS ASR/ASRS Accident
Direct Surveys MOR and incident
observation Audits reports
system
Highly efficient Very efficient Efficient Insufficient
Desirable management
levels
SAFETY DATA COLLECTION AND
ANALYSIS
Safety Data: Collection and quality
• Validity – Data collected are acceptable as per established criteria for their
intended use.
• Completeness – No relevant data are missing.
• Consistency – The extent to which measurement of a given parameter is
consistent can be reproduced and avoids error.
• Accessibility – Data readily available for analysis.
• Timeliness – Data are relevant to the time period of interest and available
promptly.
• Security – Data are protected from inadvertent or malicious alteration.
• Accuracy – data are error free.
Safety Database
• Safety database may include the following data or information (safety
data collection to support data analysis)
• Accident investigation data
• Mandatory incident investigation data
• Voluntary reporting data
• Continuing airworthiness reporting data
• Safety risk assessment data
• Data from audit findings/reports
• Data from safety studies/reviews and
• Safety data from other states, regional safety oversight organizations. Or
regional accident and incident investigation org.
Safety Data Analysis
• After collecting safety data through various sources, organizations
should then perform the necessary analysis to identify hazards and
control their potential consequences.
• Safety data analysis may be used to :
• Assist in deciding what additional facts are needed;
• Ascertain latent factors underlying safety deficiencies;
• Assist in reaching valid conclusions; and
• Monitor and measure safety trends or performance
Analytical Methods and tools
• Statistical Analysis – method used to assess the significance of
perceived safety trends often depicted in graphical representations of
analysis results.
• Trend Analysis – predictions may be made about future events by
monitoring trends in safety data.
• Normative comparisons – sampling of real world experience under
similar operating conditions.
Types of Analysis
• Descriptive Analysis – What is happening?
• Inferential Analysis – What is the possible explanation
for what is happening right now?
• Predictive Analysis – How can future decisions be
made based upon what is happening now?
Analytical Methods and Tools
• Simulation and testing – Hazards may become evident through
simulation as well as lab testing to validate safety implications of
existing new types of operations, equipment, and procedures
• Expert Panel – The views of peers and specialists can be useful in
evaluating the diverse the diverse nature of hazards.
• Cost benefit analysis – the acceptance of recommended control
measures may be dependent on credible cost benefit analysis.
Safety Management Strategies –
A Summary
• Reactive method – Responds to the events that already happened,
such as incidents and accidents.
• Proactive – Looks actively for the identification of safety risks through
the analysis of the organization’s activities
• Predictive – Captures system performance as it happens in real time
normal operations.
The imperative of change
• As global aviation activity and complexity continues to
grow, traditional methods for managing safety risks to
an acceptable level become less effective and
efficient.
• Evolving methods for understanding and managing

safety risks are necessary.
The changing of the guard
• Traditional – Accident/serious incident investigation
• Aviation system performs most of the time as per design
specifications (base line performance).
• Compliance based.
• Outcome oriented.
• Evolving – Safety management
• Aviation system does not perform most of the time as per
design specifications (practical drift).
• Performance based.
• Process oriented.
Responsibilities for managing safety
• These responsibilities fall into four basic areas:

 Definition of policies and procedures regarding safety.
 Allocation of resources for safety management activities.
 Adoption of best industry practices.
 Incorporating regulations governing civil aviation safety.
8 building blocks of Safety Management
• Commitment of Senior Management to the management of safety.
• Effective safety reporting
• Continuous monitoring through systems for collection, analysis and
sharing of safety related data arising from normal operations.
• Investigation of safety occurrences with the objective of identifying
systemic safety deficiencies rather than assigning blame.
• Sharing safety lessons learned and best practices through active
exchange of safety information.
8 building blocks of Safety Management
• Integration of Safety training for operational personnel.
• Effective implementation of Standard operating procedures including
the use of checklists and briefings.
• Continuous improvement of the overall level of safety.
In a nutshell…
• The result of implementing the 8 building blocks:
• An organizational culture that fosters safe practices, encourages effective
safety communication, and actively manages safety with the same attention
to results as as financial management.
The safety management process at a glance
Identify
hazards
Re-evaluate Collect
additional Assess
control hazard risks
strategies data
Implement Safety Prioritize

control management risks
strategies process
Approve Develop
Assign control elimination/
responsibilities mitigation
strategies strategies
Question and answers
Introduction to safety management
• Q: Explain the management dilemma regarding
safety management.
• A:
Management levels
Resources Resources
Protection Production
Module N° 4 – Hazards

Two definitions:
• Hazard – Condition or object with the potential of
causing injuries to personnel, damage to equipment or
structures, loss of material, or reduction of ability to
perform a prescribed function.
• Consequence – Potential outcome(s) of the hazard.
• A wind of 15 knots blowing directly across the runway is a
hazard.
• A pilot may not be able to control the aircraft during takeoff
or landing is one of the consequences of the hazard.
AIRPORTS: APRON OPERATION
HAZARDS
• Improper foreign object debris (FOD) Control.
• Improper fuel spill containment and cleanup.
• Improper marshalling.
• Improper ram control and tie down procedures.
• Insufficient protective pylons around aircraft.
• Jet Blast or Prop. Blast
• Limited or incorrect type of aircraft parking.
• Poor Refueling procedures.
First fundamental – Understanding hazards
• There is a natural tendency to describe hazards as
their consequence(s).
• “Unclear aerodrome signage” vs. “runway incursion”
• Stating a hazard as consequence(s) :
• disguises the nature of the hazard
• interferes with identifying other important consequences.
• Well-named hazards :
• allow to infer the sources or mechanisms of the hazard
• allow to evaluate the loss outcome(s)
First fundamental – Understanding hazards
• Types of hazards
• Natural
• Technical
• Economic
Natural Hazards (examples)
• Severe weather or climatic events.
• Adverse weather conditions.
• Geophysical events.
• Geographical conditions.
• Environmental events.
• Public health events.
Technical Hazards (examples)
• Deficiencies regarding:
• Aircraft components and systems.
• An organization’s facilities, tools and equipment.
Economic Hazard (example)
• Growth
• Recession
• Cost of material or equipment.

Second fundamental – Hazard identification
• In order to identify hazards, consider:
• Design factors, including equipment and task design
• Procedures and operating practices, including
documentation and checklists
• Communications, including means, terminology and
language
• … consider:
• Organizational factors, such as company policies for
recruitment, training, recurrency, remuneration and
allocation of resources
• Work environment factors, such as ambient noise and
vibration, temperature, lighting and protective equipment
and clothing
• … consider:
• Regulatory factors, including the applicability and
enforceability of regulations; certification of equipment,
personnel and procedures; and the adequacy of oversight
• Defences including detection and warning systems, and the
extent to which the equipment is resilient against errors and
failures
• Human performance, including medical conditions and
physical limitations
Sources of hazard identification
• Internal
• Flight Data Analysis
• Company voluntary
reporting system
• Audits and surveys
• External
• Accident reports
• State mandatory
occurrence system
• As a reminder
• Predictive
• Proactive
• Reactive
Hazard identification
• By whom?
• By anybody
• By designated personnel
• How?
• Through formal processes
• Depends on the organization
• When?
• Anytime
• Under specific conditions
Hazard identification
• Specific conditions
• Unexplained increase in
safety-related events or
infractions.
• Major operational
changes are foreseen.
• Periods of significant
organizational change.
Hazard Identification and Prioritization
• Hazards exists at all levels in the organization and are detectable
through the use of reporting systems, inspections or audits.
• Mishaps may occur when hazards interact with certain triggering
factors.
• As a result, hazards should be identified before they lead to
accidents, incidents or other safety – related occurrences.
Hazard Identification and Prioritization
• Hazards can also be identified from the review or study of
investigation reports, especially those hazards which are deemed to
be indirect contributing factors and which may not have been
adequately addressed by corrective action resulting from the
investigation process.
Hazard Identification Methodologies
• Reactive – An analysis of past outcomes or events.
• Hazards are identified through investigation of safety occurrences.
• Incident and accidents are clear indicators of system deficiencies and
therefore can be used to determine the hazards that either contributed to
the event or are latent.
• Proactive – Actively seeking hazards in the existing process.
• Involves analysis of existing or real time situations which is the primary job
of the safety assurance function with its audits, evaluations, employee
reporting, and associated analysis of assessment processes.
• Predictive – It involves data gathering in order to identify possible
negative future outcomes or events, analyzing system processes and
the environment to identify potential future hazards and initiating
mitigating actions.
Third fundamental – Hazard analysis
ABC of hazard analysis
AB
State the generic
hazard Identify specific
(Hazard statement) components of the Naturally leading to
C
hazard specific
 Airport construction  Construction
consequence(s)
equipment  Aircraft colliding
 Closed taxiways with construction
 … equipment
 Aircraft taking wrong
taxiway
 …
Third fundamental – Hazard analysis
• Efficient and safe operations or provision of service
require a constant balance between production
goals...
• maintaining regular aerodrome operations during a runway
construction project
• ...and safety goals
• maintaining existing margins of safety in aerodrome
operations during runway construction project.
• Aviation workplaces may contain hazards which may
not be cost-effective to address even when operations
must continue.
Fourth fundamental – Documentation of hazards
• Appropriate
documentation
management is
important as:
• It is a formal procedure to
translate operational
safety data into hazard-
related information.
• It becomes the “safety
library” of an
organization.
• Tracking and analysis of
hazards is facilitated by
standardizing:
• Definitions
• Understanding
• Validation
• Reporting
• Measurement
• Management
Method Identification Management Documentation Information
Reactive method Assess the Safety

• ASR consequences Assign management
and prioritize the responsibilities information
• MOR
• Incident reports risks
Hazards
• Accident reports Trend analysis
Proactive method
• ASR
Develop control
and mitigation
Implement
strategies
“Safety Safety bulletins
• Surveys
• Audits
strategies
library”
Hazards
Report
Predictive method distribution
• FDA Inform person(s) Re-evaluate
• Direct responsible for strategies
observation implementing and Seminars and
strategies processes workshops
systems
Feedback
Hazards

• Q: Define the concept of hazard.
• A:
• Hazard – Condition or object with the potential of causing
injuries to personnel, damage to equipment or structures,
loss of material, or reduction of ability to perform a
prescribed function.
• Q: Provide three examples of areas/factors to consider
when identifying hazards.
• A:
• Design factors, including equipment and task design.
• Procedures and operating practices, including
documentation and checklists.
• Communications, including means, terminology and
language.
• Q: Name three specific circumstances when hazard
identification is essential.
• A:
• Unexplained increase in safety-related events or infractions.
• Major operational changes are foreseen.
• Periods of significant organizational change
Points to remember
1. Hazards have potential consequences
2. Sources of hazard identification
3. ABC of hazard analysis
4. Hazard documentation: the “safety library” of an

organization
Module N° 5 – Risks

Definition of risk
• Safety Risk – The assessment, expressed in terms of
predicted probability and severity, of the
consequence(s) of a hazard taking as reference the
worst foreseeable situation.
hazard.
or landing is one of the consequences of the hazard.
• The assessment of the consequences of the potential loss of
control of the aircraft by the pilot expressed in terms of
probability and severity is the risk.
Safety Risk Management:
First fundamental – Risk management
• What is it?
• The identification, analysis and elimination, and/or
mitigation to an acceptable level of risks that threaten the
capabilities of an organization.
• What is the objective?
• Aims at a balanced allocation of resources to address all
risks and viable risk control and mitigation.
• Why is it important?
• A key component of safety management systems.
• Data-driven approach to safety resources allocation, thus
defensible and easier to explain.
Risk management
The risk is
Intolerable region
unacceptable
at any level
As The risk is
ORGANIZATION
acceptable
Low based on
As Tolerable region mitigation.
Cost benefit
Reasonably analysis
Practicable is required.
Acceptable
region The risk is
acceptable as it
currently stands
Second fundamental – Risk probability
• Definition
• Probability – The likelihood that an unsafe event or condition might
occur
• Questions for assessing the probability of an occurrence:

• Is there a history of occurrences like the one being assessed, or is the
occurrence an isolated event?
• What other equipment, or similar type components, might have similar
defects?
• What number of operating or maintenance personnel must follow the
procedure (s) in question?
• Any factors underlying these questions will help in assessing
the likelihood that a hazard may exist, taking into
consideration all potentially valid scenarios.
• The determination of likelihood can then be used to assist in
determining safety risk probability.
Probability of occurrence
Qualitative
definition Meaning Value
Frequent Likely to occur many times (has occurred frequently) 5
Occasional Likely to occur some times (has occurred infrequently) 4
Remote Unlikely, but possible to occur (has occurred rarely) 3
Improbable Very unlikely to occur (not known to have occurred) 2
Extremely
improbable Almost inconceivable that the event will occur 1
Third fundamental – Risk severity
• Definition
• Severity – The possible effects of an unsafe event or
condition, taking as reference the worst foreseeable
situation
• Safety Risk Severity – is defined as the extent of harm that
might reasonable occur as a consequence or outcome of
the identified hazard.
• The severity assessment can be based upon:

• Fatalities or injury
• Damage
• Define the severity in Questions for assessing the severity of an
terms of effects for: occurrence:
• Property How many lives may be lost?

• Finance Employees
• Liability Passengers
• People General public
• Environment What is the environmental impact?
• Image
Spill of fuel or other hazardous
• Public confidence product
Physical disruption of natural
habitat
Severity of occurrences
Aviation definition Meaning Value
Equipment destroyed.
Catastrophic Multiple deaths. A
A large reduction in safety margins, physical distress or a
workload such that the operators cannot be relied upon to
Hazardous perform their tasks accurately or completely. B
Serious injury.
Major equipment damage.
A significant reduction in safety margins, a reduction in the
ability of the operators to cope with adverse operating
conditions as a result of increase in workload, or as a result C
Major of conditions impairing their efficiency.
Serious incident.
Injury to persons.
Nuisance.
Minor Operating limitations.
Use of emergency procedures. D
Minor incident.
Negligible Little consequences E
Fourth fundamental – Risk index/tolerability
Fourth fundamental – Risk index/tolerability
Human Factors and Safety Risk Management
• Given that mature SSPs and SMSs target both human and
organizational factors, a specific analysis process is a component of
any mature, effective risk management system.
• In the course of many hazard identification and risk mitigation
exercises involving human elements, it is necessary to assure that
existing or recommended defenses have taken human factors into
consideration.
ICAO DEFINITION OF HUMAN
FACTORS
• It is about people in their working and living environments , and it is
about their relationship with equipment, procedures, and the
environment. Just as importantly, it is about their relationships with
other people…
• The objective of human factors are:
• Safety
• Efficiency
Why are Human Factors important?
• Human’s can’t be ignored: he is part of the problems as well as part of
the solution.
• We are prone to focus in human errors.
• Human factors is all about the human functioning in human
engineering.
• Human factor studies aim at improving performance and protecting
people and equipment.
Applications of Human Factors
• Organizational
• Optimization of socio-technical systems.
• Cognitive
• Mental processes, such as perception, memory, reasoning, and motor
response, as they affect interactions among humans and other elements of a
system.
• Physical
• Anthropometric and biomechanical characteristics as they relate to physical
activity.
Human Factors and SRM
• Human Factor analysis provides an understanding of

the impact of human error on the situation and
ultimately contributes to the development of more
comprehensive and effective mitigation/corrective
actions.
Fifth fundamental – Risk control/mitigation
• Definition
• Mitigation – Measures to address the potential hazard or to
reduce the risk probability or severity
• Risk mitigation = Risk control
(Mitigate – To make milder, less severe or less harsh)
• Strategies
• Avoidance – The operation or activity is cancelled because
risks exceed the benefits of continuing the operation or
activity
• Operations into an aerodrome surrounded by complex geography and
without the necessary aids are cancelled
• Strategies
• Reduction –The operation or activity is subject to
limitations, or action is taken to reduce the magnitude of
the consequences of the accepted risks
• Operations into an aerodrome surrounded by complex geography
and without the necessary aids are limited to day-time, visual
conditions
• Strategies
• Segregation of exposure – Action is taken to isolate the
effects of the consequences of the hazard or build-in
redundancy to protect against it
• Non RVSM equipped aircraft not allowed to operate into RVSM
airspace
• Operations into an aerodrome surrounded by complex geography
are limited to aircraft with specific/performance navigation
capabilities
Safety risk management at a glance
Hazard
Equipment, procedures, organization, etc.
identification
Analyse the likelihood of the consequence occurring Risk analysis

Probability
Evaluate the seriousness of the consequence if it does Risk analysis

occur Severity
Is the assessed risk(s) acceptable and within the Risk assessment

organization’s safety performance criteria and tolerability
No, take action to reduce Risk control

Yes, accept the risk(s) the risk(s) to an
acceptable level /mitigation
Risk mitigation – Defences
• Recalling the three basic
Tec
h nolo
defences in aviation: Tra g y
Reg inin
ulat g
• Technology ions
• Training
• Regulations
Risk mitigation – Defences
• As part of the risk mitigation, determine:
• Do defences to protect against such risk (s) exist?
• Do defences function as intended?
• Are the defences practical for use under actual working
conditions?
• Is staff involved aware of the risks and the defences in
place?
• Are additional risk mitigation measures required?
As a reminder
• There is no such thing as absolute safety – In aviation it is
not possible to eliminate all risks
• Risks can be managed to a level “acceptable level of risk”
(ALOR)
• Risk mitigation must be balanced against:
• time
• cost
• S/C/E (safety/comfort/economy)
• Effective risk management seeks to maximize the benefits
of accepting a risk (a reduction in time and cost) while
minimizing the risk itself
• Communicate the rationale for risk decisions to gain
acceptance by stakeholders affected by them
Hazards and risks – Closing the loop
• Hazard – Condition or object with the potential of causing
injuries to personnel, damage to equipment or structures, loss of
material, or reduction of ability to perform a prescribed function
• Consequence – Potential outcome(s) of the hazard
• Risk – The assessment, expressed in terms of predicted
probability and severity, of the consequence(s) of a hazard
taking as reference the worst foreseeable situation
hazard
or landing is one of the consequences of the hazard
• The assessment of the consequences of the potential loss of
control of the aircraft by the pilot expressed in terms of
probability and severity is the risk
Regulation

The big picture
• Two audience groups
• States
• Service providers
• Three distinct requirements
• State safety programme (SSP)
• Acceptable level of safety performance (ALoSP)
• Safety management System (SMS)
• Safety performance of the SMS
• Management accountability
Basic safety management SARPs – Part I
• States shall establish a State safety programme (SSP),
in order to achieve an acceptable level of safety in civil
aviation.
• The ICAO SSP framework

What is an SSP?
• An integrated set of regulations and activities aimed at
improving safety.
• States are responsible for establishing an SSP, in order to
achieve an acceptable level of safety in civil aviation,
encompassing the following responsibilities:
Safety regulation
Accident/incident investigation
Safety assurance
Mandatory/voluntary
reporting systems
Safety data analysis and
exchange
Safety promotion
Basic safety management SARPs
• The acceptable level of safety (ALoS) to be achieved
shall be established by the State
• When establishing ALoS, consideration must be given
to
• The level of safety risk that applies
• The safety risk tolerance
• The cost/benefits of improvements to the aviation system
• The public expectations in civil aviation system
Safety indicators and safety targets
• Safety indicators
• Fatal airline accidents/serious incidents
• Runway excursion events/ground collision events
• Development/absence of primary aviation legislation
• Development/absence of operating regulations
• Level of regulatory compliance
• …
• Safety targets
• Reduction in fatal airline accident/serious incidents
• Reduction in runway excursion events/ground collision
events
• Number of inspections completed quarterly
•…
Delivering ALoS – Safety action plans
• Tools and means to deliver the safety targets of an
SSP:
• Operational procedures
• Technology
• Systems
• Training programmes
Basic safety management SARPs – Part II
• States shall require, as part of their State safety
programme (SSP), that a [service provider] implements
a safety management system (SMS) acceptable to the
State that, as a minimum:
a) identifies safety hazards;
b) ensures that remedial action necessary to maintain safety
performance is implemented;
c) provides for continuous monitoring and regular
assessment of the safety performance; and
d) aims at a continuous improvement of the overall
performance of the SMS.
Service providers
• Approved training organizations that are exposed to
safety risks during the provision of their services
• Aircraft operators
• Approved maintenance organizations
• Organizations responsible for design and/or
manufacture of aircraft
• Air traffic services providers
• Certified aerodromes
• The ICAO SMS framework

The bridge
Service
State
Safety
providers
ALoS performance
SSP SMS
What is an SMS?
• A systematic approach to
managing safety, including the
necessary organizational
structures, accountabilities,
policies and procedures
• Service providers are
responsible for establishing an
SMS
• States are responsible, under
the SSP, for the acceptance
and oversight of
organizations’ SMS
Safety performance of services provider’s SMS
• Expresses the safety objectives of a service provider.
• Provides measurable reference for measuring the
safety performance of an SMS
• Within each State, the safety performance of each
SMS will separately be agreed between the State
oversight authority and individual aviation
organizations
• Agreed safety performance should be appropriate to
the:
• complexity of individual service provider specific
operational context; and
• availability of service provider resources to address them
Safety performance of an SMS
• The safety performance of an SMS represents safety
performance measurement exclusively
• The safety performance of an SMS is expressed in
practical terms by two measures or metrics:
• Safety performance indicators
• Safety performance targets
• It is delivered through various tools and means:
• Safety requirements
• Safety performance indicators
• Short-term, tactical, measurable objectives reflecting the
• They include safety performance measurement exclusively
• Expressed in numerical terms
• Safety performance targets
• Long-term, strategic, measurable objectives reflecting the
• They include safety performance measurement exclusively.
• Expressed in numerical terms
1. Maintain no more than 20 events of unauthorized vehicles on the taxiways per
Safety 10,000 operations.
performance
2. By January 2010 reduce to 8 FOD events on the apron per 10,000 operations.
targets
3. …
1. Training course for drivers / installation of specific signage.

Action Plans 2. Thrice-daily walk-in ramp inspection programme.
3. …
Safety 1. 20 events of unauthorized vehicles on the taxiways per 10,000 operations.

performance 2. 15 FOD events on the apron per 10,000 operations.
indicators 3. ...
Service
Will comply all applicable national and international standards.
provider
Basic safety management SARPs – Part III
• A safety management system (SMS) shall clearly define
lines of safety accountability throughout a service
provider organization, including a direct
accountability for safety on the part of senior
management
(Accountability – Obligation or willingness to account

for one’s actions)
In summary
State Service provider
States shall establish a State Identify safety hazards.
safety programme (SSP), in Ensure ensures remedial
order to achieve an action to maintain safety
acceptable level of safety performance.
(ALoS) in civil aviation. Provides continuing
The acceptable level of monitoring and regular
safety (ALoS) to be achieved assessment of the safety
shall be established by the performance.
Aims at a continuous
State.
improvement of the overall
performance of the SMS.
SMS regulation

• Q: What are the main responsibilities in a State
safety programme (SSP)?
• A:
 Safety regulation
 Accident/incident investigation
 Safety assurance
 Mandatory/voluntary reporting systems
 Safety data analysis and exchange
 Safety promotion
• Q: What is a safety management system (SMS)?
• A:
• A systematic approach to managing safety, including the
necessary organizational structures, accountabilities,
policies and procedures.
Module N° 7 – Introduction to SMS

Objective
describe the features of an SMS, explain the
importance of system description and gap analysis,
and the relationship between SMS and QMS.
ICAO requirements
• Compliance with all
relevant regulations and
ICAO standards, other
than those specifically
SMS-related, is a key
component of an SMS.
• Many of these
regulations and ICAO
standards, include
operational provisions
that will be part of an
SMS.
SMS – Introductory concepts
• A toolbox
• The scope of SMS
encompasses most of the
S
activities of the organization. suar fety
S af v ey
• SMS must start from senior a u ety
ditm
FDA yste
management, and safety must d wnsg s ry ns
rtiiessgraati
MOR ASR n e o
t evtoi d
a
be considered at all levels of n bti
ic d tyyildrsetp tiovlenis
e rn u
cA e c ayn
the organization. LOASSSaafnitina stietgty i
de nvaseaffe
• SMS aims to make continuous n fi i aSl
Co StSern
improvement to the overall NOIn
level of safety.
• All aviation stakeholders have
a role to play in SMS.
Identifying aviation system stakeholders
• Aviation professionals
• Aircraft owners and operators
• Manufacturers
• Aviation regulatory authorities
• Industry trade associations
• Regional air traffic service providers
• Professional associations and federations
• International aviation organizations
• Investigative agencies
• The flying public
Identifying aviation system stakeholders
• Why is it important to
identify aviation system
stakeholders?
• To ensure that Aviation system
stakeholders inputs and stakeholders
knowledge relevant to
safety risk(s) decisions are
taken into consideration
before the decisions are
taken
SMS features
• Systematic – Safety management activities are in
accordance with a pre-determined plan, and applied in
a consistent manner throughout the organization
• Proactive – An approach that emphasizes hazard
identification and risk control and mitigation, before
events that affect safety occur
• Explicit – All safety management activities are
documented and visible
First fundamental – System description
• System description
• Most hazards are generated by operational interactions
among different system components.
• It is therefore essential to describe the system in terms of

its components as one of the first activities when planning
an SMS
System description
1) The system interactions with other systems in the air
transportation industry.
2) The system functions.
3) Required human performance considerations of the
operations.
4) Hardware components of the system.
5) Software components of the system.
6) Related procedures that define guidance for the
operation and use of the system.
7) Operational environment.
8) Contracted and purchased products and services.
Second fundamental – Gap analysis
• An analysis of safety arrangements existing within the
organization.
• The basic organizational structures necessary to start
developing an SMS may exist in the organization.
• Various activities related to an SMS may be in place and

working.
• SMS development should build upon existing organizational

structures.
Second fundamental – Gap analysis
• Conduct the gap analysis
against the components
and elements of the SMS.
• Once completed and

documented the gap
analysis forms the basis
of the SMS
implementation plan.
Third fundamental – SMS and QMS
• SMS differs from QMS in that:
• SMS focuses on the safety,
human and organizational
aspects of an organization.
• i.e. safety satisfaction
• QMS focuses on the product(s)
and service(s) of an organization
• i.e. customer satisfaction.
SMS and QMS – Striking a balance
• SMS builds partly upon
QMS principles.
• SMS should include both
safety and quality
policies.
• The coverage of quality
policies – in so far as SMS
is concerned – should be
limited to quality in
support of the
management of safety.
Quality in support and partnership with
safety.
• The safety risk management component of an SMS –
based on risk management principles – results in the
design and implementation of organizational
processes and procedures to identify safety hazards
and control/mitigate safety risks in aviation operation.
• The safety assurance component of an SMS – based on
quality principles – provides a structured approach to
monitor that processes and procedures to identify
safety hazards and control/mitigate safety risks in
aviation operations function as intended and, when
they do not, to improve them.
Systems integration
• There is a tendency in civil aviation to integrate the
different systems of management:
• Quality management system (QMS)
• Environment management system (EMS)
• Occupational health and safety management system
(OHSMS)
• Safety management system (SMS)
Systems integration benefits
• Reduce duplication and therefore costs.
• Reduce risks and increase profitability.
• Balance potentially conflicting objectives.
• Eliminate potentially conflicting responsibilities and
relationships.
• Defuse the power system.
Systems integration considerations
• There are different ways to integrate a safety
management system in the operation of the
organization.
• Aviation organizations should be encouraged to
integrate their management system for quality, safety,
security, occupational health and safety, and
environmental protection management.
• This integration, however, is presently beyond the
scope of the harmonized ICAO safety management
requirements and of this training course.
Clarifying the use of terms
• Safety oversight
• Is what the CAA performs with regard to the service
providers SMS.
• Safety assurance
• Is what the service providers do with regard to safety
performance monitoring and measurement.
• Safety audit
• Is what the CAA performs with regard to its safety
programme and the service providers perform with regard
to the SMS.
SMS – Nothing new?
• Rounding up the usual suspects
• In aviation, safety is first!
• Safety is everybody’s responsibility.
• If ain’t broke, why fix it?
• If you believe safety is expensive, try an accident.
• 70% accidents are due to human error.
SMS sets forth to destroy

all these misperceptions
planning

Objective
• When completing the module the participants will be
able to describe the requirements associated to the
planning of an SMS, and explain the structure of an
SMS implementation plan and the contents of the
safety management system manual (SMSM)
The components of SMS
 Safety policy and objectives

 Safety risk management
 Safety assurance
 Safety promotion
ICAO SMS framework
 Safety policy and objectives
1.1 – Management commitment and responsibility
1.2 – Safety accountabilities
1.3 – Appointment of key safety personnel
1.4 – Coordination of emergency response planning
1.5 – SMS documentation
 Safety risk management
2.1 – Hazard identification
2.2 – Risk assessment and mitigation
 Safety assurance
3.1 – Safety performance monitoring and measurement
3.2 – The management of change
3.3 – Continuous improvement of the SMS
 Safety promotion
4.1 – Training and education
4.2 – Safety communication
Safety responsibilities – An example
Safety Review Accountable Executive
Board (SRB)
Head of Head of Heads of other

operations maintenance areas
Operations Maintenance
safety officer safety officer
Safety Action
Safety Services
Group(s)
(SAG) Office
Conclusion
• The successful management of safety is a functional
responsibility that requires the participation of all
operational personnel and the supervision of the
organization (Systematic)
• This principle must be reflected in the structure of the

organization (Explicit)
Conclusion
• The organization must define, document and
communicate individual lines of responsibility and
authority in regard to the management of operational
safety (Explicit)
• The means to manage safety within the organization

include hazard identification, risk management, safety
assurance and safety promotion (Proactive)
SMS planning

• Q: What kind of authority, responsibilities and
accountabilities are required for the accountable
manager?
• A:
• The Accountable Manager must have:
• full authority for human resources issues
• authority for major financial issues
• direct responsibility for the conduct of the
organization’s affairs
• final authority over operations under certificate
• final responsibility for all safety issues
• Q: What is the safety manager selection criteria?
• A:
• Operational management experience and technical
background to understand the systems that support
operations
• People skills
• Analytical and problem-solving skills
• Project management skills
• Oral and written communications skills
Module N° 9 – SMS operation

Objective
• When completing the module the participants will be
able to describe the requirements associated with the
operation of an SMS
Safety Risk Management (SRM) and Safety Assurance (SA) –
Summary
Design Operation
SRM SA
System
description/gap System operation Description
analysis and context
Safety performance
Hazard identification monitoring and Specific
measurement information
Safety risks Continuous

assessment improvement Analysis
Safety Mgt. of
risks change Assessment
Safety risks mitigation Corrective action Problem

resolution
Training and education
• Accountable Manager – A special mention
• A briefing on:
• Safety policy and objectives
• SMS roles and responsibilities
• Safety risk management
• Safety assurance
• Somewhere between two hours and half a day
Reporting Systems
Name four qualities of successful confidential
reporting systems.
• Reports easy to make.

• No disciplinary actions as result of reports.
• Reports are confidential.
• Feedback is rapid, accessible and informative.
Tools - Monitoring and Measurement
What are the tools used for the safety performance
monitoring and measurement?
• The safety performance of the organization is verified

throughout the following tools:
• Safety reporting systems
• Safety studies
• Safety reviews
• Safety audits
• Safety surveys
• Internal safety investigations
Points to remember
1. Key ingredients for SMS is reporting
2. The importance of a formal management of change
3. Safety training – Who, why and how much
4. Safety communication
Module N° 10 – Phased approach to

SSP and SMS implementation

Objective
• At the end of this module participants will be able to
develop a proposal for an SMS standard, based upon a
phased implementation, and explain the organization
of a State safety programme (SSP)
Why a phased approach to SMS?
• To provide a manageable series of steps to follow in
implementing an SMS
• To effectively manage the workload associated with
SMS implementation
• To pre-empt a “ticking boxes” exercise
• Four implementation phases are proposed
• Each phase is based upon the introduction of specific
SMS elements
Phase 1 – Planning
• Provides:
• a blueprint on how the SMS requirements will be met and

integrated to the organization’s work activities, and
• an accountability framework for the implementation of the

SMS
Elements
1. Identify the Accountable Executive and the safety
1.1 and 1.2
accountabilities of managers (Module 8)
2. Identify the person (or planning group) within the Element 1.3
organization responsible for implementing the SMS (Module 8)
3. Describe the system (ATOs that are exposed to safety

risks during the provision of their services, aircraft Element 1.5
operators, AMOs, organizations responsible for type
design and/or manufacture of aircraft, air traffic (Module 8)
services providers and certified aerodromes)
4. Conduct a gap analysis of the organization’s existing
Element 1.5
resources compared with the national and international (Module 8)
requirements for establishing an SMS
5. Develop an SMS implementation plan that explains
how the organization will implement the SMS on the Element 1.5
basis of national requirements and international
SARPs, the system description and the results of the (Module 8)
gap analysis
6. Coordinate emergency response planning with similar Element 1.4

planning of interfacing organizations (Module 8)
7. Develop documentation relevant to safety policy and Element 1.5

objectives (Module 8)
Phase 2 – Reactive processes
1. Implement those elements of the SMS implementation Elements
plan that refer to the safety risk management 2.1 and 2.2
component – reactive processes (Module 9)
2. Training relevant to reactive processes:

Element 4.1
SMS implementation plan components. (Module 9)
Safety risk management component
3. Documentation relevant to reactive processes:

Element 1.5
SMS implementation plan components. (Module 8)
Safety risk management component
Phase 3 – Proactive and predictive processes
1. Implement those elements of the SMS implementation

Elements
plan that refer to the safety risk management 2.1 and 2.2
component – proactive and predictive processes (Module 9)
Element 4.1
2. Training relevant to proactive and predictive processes (Module 9)
3. Documentation relevant to proactive and predictive Element 1.5

processes (Module 8)
Phase 4 – Operational safety assurance
1. Development and agreement on safety performance Element 1.1
indicators and safety performance targets (Module 8)
2. Initiate safety performance monitoring and Elements

measurement, including the management of change 3.1, 3.2 and 3.3
and the continuous improvement of the SMS (Module 9)
Element 4.1
3. Training relevant to operational safety assurance (Module 9)
4. Documentation relevant to operational safety Element 1.5

assurance (Module 8)
State safety programme
• Implementation
• Develop the State safety programme (SSP) around the
following four components:
1. State safety policy and objectives
2. State safety risk management
3. State safety assurance
4. State safety promotion
Summary
What?
• Safety Management System - A systematic approach to
managing safety, including the necessary organizational
structures, accountabilities, policies and procedures
Where?
• Organizational Structures
When?
• The Acceptable Level of Safety is not met.
Who?
• Accountable Manager to all employees.
How?
• Defenses: Technology, Training, Regulations and Reporting.
Words of Wisdom
• “Know thy self.

• Know thy aircraft.
• Know thy regulations.”
- Capt. Geronimo A. Amurao

SAFETY MANGEMENT SYSTEM
THE END
ICAO Safety Management Systems (SMS) Course 05/31/18
THANK YOU FOR
LISTENING!
PREPARED BY:
Asst. Prof. Darlyn Flores
djflores@aliac.edu.ph

Sms+With+Template Potx

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Sms+With+Template Potx

Uploaded by

Copyright:

Available Formats

SMS Safety

EXAMPLE EXAMPLE example example EXAMPLE

ICAO Safety Management Systems (SMS) Course 05/31/18

Revision N° 11 ICAO Safety Management Systems (SMS) Course 01/01/08

Develop participants’ knowledge to accept and oversee

Module N° 2 – Basic safety concepts

Revision N° 11 ICAO Safety Management Systems (SMS) Course 01/01/08

Accident:An occurrence associated with the Incident:

• Safety Management System

• Safety is the state in which the risk of harm to persons

or property damage is reduced to, and maintained at

or below, an acceptable level through a continuing

process of hazard identification and risk management

WHAT? WHO? WHEN?

But not always discloses:

1950s 1970s 1990s 2000s

Organization Workplace People Defences

Latent conditions trajectory

Workplace Policy-making Latent

Activities over which any organization has a reasonable degree

Workplace  Inadequate hazard Latent

Conditions present in the system before the accident, made evident by

Resources to protect against the risks that organizations involved

Factors that directly influence the efficiency of people in

Actions or inactions by people (pilots, controllers, maintenance engineers,

• A mismatch between liveware and the other four

• These interactions must be assessed and considered

• An essential process that deploys when safety

• A violation is a deliberate act or omission to deviate

Error Deviation Amplification Degradation /

Fla Che Effe

Error Deviation Amplification Normal flight

Exceptional violation space

• Cultural influences the values, beliefs and behaviours

• Shared commitment by personnel and management

• Effective Safety Reporting

… are like mosquitoes …

... drain their breeding swamps.

Questions and answers

2. Operational contexts and human performance

3. Errors and violations.

4. Organizational culture and effective safety reporting.

5. The management of safety information.

Revision N° 11 ICAO Safety Management Systems (SMS) Course 01/01/08

• At the end of this module, participants will be able to

explain the need for, the strategies and the key

features of safety management.

1950s 1970s 1990s 2000s

• In reality, operational performance is different from

30 – 100 Serious incidents

100 – 1000 Incidents

Reactive Proactive Predictive

• Evolving methods for understanding and managing

• These responsibilities fall into four basic areas:

Implement Safety Prioritize

Revision N° 13 ICAO Safety Management Systems (SMS) Course 06/05/09

• Cost of material or equipment.

Method Identification Management Documentation Information

Reactive method Assess the Safety

• Accident reports Trend analysis

Questions and answers

2. Sources of hazard identification

3. ABC of hazard analysis