Ano 001 XXSP 2.0
Ano 001 XXSP 2.0
Ano 001 XXSP 2.0
VERSION : 2.0
DATE OF IMPLEMENTATION : 15/10/2020
OFFICE OF PRIME INTEREST : STATE SAFETY PROGRAM BRANCH
15/10/2020 ANO-001-XXSP-2.0
REGULATORY REQUIREMENTS FOR AVIATIONSERVICE PROVIDERS’ SMS
SMS
TYPE OF
AIR NAVIGATION ORDER(ANO).
DOCUMENT
STATUS OF
CONTROLLED
DOCUMENT
01/02/2023 ANO-001-XXSP-3.0
REGULATORY REQUIREMENTS FOR AVIATIONSERVICE PROVIDERS’ SMS
SMS
A. AUTHORITY:
A1. This Air Navigation Order (ANO) is issued by the Director General of Pakistan Civil Aviation
Authority in pursuance of the powers vested under Rule 4, 5, 180, 360 and all other
enabling provisions of the Civil Aviation Rules, 1994(CARs). DGCAA is declared as the
Accountable Executive (AE) for implementation of State Safety Programme (SSP).
B. PURPOSE:
B1. To definethe Regulatory requirements ofSafety Management Systems (SMS)to be
implemented by the service providers.
C. SCOPE:
C1. This ANO specifies the Regulatory safety requirements for the service providers to
implement the safety management systems who are operating in accordance with:
C1.1 Approved Training Organizations ANO-007-RGLC,
C1.2 Commercial Air Transport Operations-Aeroplanes ANO-024-FSXX,
C1.3 Helicopter Operations ANO-025-FSXX,
C1.4 Private Aeroplane Operations ANO 91.0022,
C1.5 ANO Approved Maintenance Organizations ANO -145-AWRG,
C1.6 Air Traffic Services ANO-002-DRAN, and
C1.7 Aerodrome Standards Manual of Pakistan MNL-003-DRAS.
C2. Within the context of this ANO, the term ‘‘Service Provider’’ shall refer to approved / certified
organizations providing aviation services. The term specifically refers to:
C2.1 Approved training organizations that are exposed to operational safety risks during the
provision of their services.
C2.2 Certified operator of aeroplanes or helicopters authorized to conduct commercial air
transport.
C2.3 Maintenance organizations approved in accordance with ANO-145-AWRG.
C2.4 Organizations responsible for the Type Design of Aircraft, engines or propellers or
manufacture of Aircraft, engines or propellers.
C2.5 Air Traffic Services/Air Navigation Services (ATS / ANS) providers.
C2.6 Operators of certified aerodrome.
C3. This ANO addresses aviation safety related processes, procedures and activities of the
service provider, rather than occupational safety, environmental protection or any other non
aviation related activity.
C4. This ANO establishes the minimum SMS framework requirements. The service providers
can establish more stringent internal requirements.
D. DESCRIPTION:
D1. DEFINITIONS:
Unless there is anything repugnant in the subject or context of, the terms used herein shall
have the meaning assigned to them. The terms not defined here shall have the same
meaning as defined in Civil Aviation Ordinance, 1960; Pakistan Civil Aviation Authority
Ordinance, 1982 and Civil Aviation Rules 1994, Annex 19, ICAO DOC9859 and DOC9734.
D1.1 ACCIDENT:An occurrence associated with the operation of an aircraft which, in the case of
a manned aircraft, takes place between the time any person boards the aircraft with
theintention of flight until such time as all such persons have disembarked, or in the case of
an unmanned aircraft, takes place between the time the aircraft is ready to move with the
purpose of flight until such time as it comes to rest at the end of the flight and the primary
propulsion system is shut down, in which:
D1.9 HELICOPTER: A heavier-than-air aircraft supported in flight chiefly by the reactions of the
air on one or more power-driven rotors on substantially vertical axes.
D1.10 HAZARD: A condition or an object with the potential to cause or contribute to an aircraft
incident or accident.
D1.11 INCIDENT: An occurrence, other than an accident, associated with the operation of an
aircraft which affects or could affect the safety of operation.
Note – 6: The types of incidents which are of interest for safety-related studies include the incidents
as per Aircraft Accident and Incident Investigation ANO-001-SBXX-1.0
D1.12 INDUSTRY CODES OF PRACTICE: Guidance material developed by an industry body, for
a particular sector of the aviation industry to comply with the requirements of the
International Civil Aviation Organization’s Standards and Recommended Practices, other
aviation safety requirements and the best practices deemed appropriate.
D1.13 OPERATIONAL PERSONNEL:Personnel involved in aviation activities who are in a
position to report safety information.
Note – 7: Such personnel include but are not limited to: flight crews; air traffic controllers; aeronautical
station operators; maintenance technicians; personnel of aircraft design and manufacturing
organizations; cabin crews; flight dispatchers, apron personnel and ground handling
personnel.
D1.14 RISKMITIGATION: The process of incorporating defenses, preventive controls or recovery
measures to lower the severity and/or likelihood of a hazard’s projected consequence.
D1.15 SAFETY: The State, in which risks associated with aviation activities, related to, or in direct
support of the operation of aircraft, are reduced and controlled to an acceptable level.
D1.16 SAFETY DATA: A defined set of facts or set of safety values collected from various
aviation related sources, which is used to maintain or improve safety.
Note – 8: Such safety data is collected from proactive or reactive safety-related activities, including
but not limited to:
a) accident or incident investigations.
b) safety reporting.
c) continuing airworthiness reporting.
d) operational performance monitoring.
e) inspections, audits, surveys; or
D1.17 SAFETY INFORMATION: Safety data processed, organized or analyzed in a given context
so as to make it useful for safety management purposes.
D1.18 SAFETYOBJECTIVE: A brief, high-level statement of safety achievement or desired
outcome to be accomplished by the State safety programme or service provider’s safety
management systems.
Note – 9: Safety objectives are developed from the organization’s top safety risks and should be
taken into consideration during subsequent development of safety performance indicators
and targets.
D1.19 SAFETY OVERSIGHT: A function performed by a State to ensure that individuals and
organizations performing an aviation activity comply with safety-related national laws and
regulations.
D1.20 SAFETY MANAGEMENT SYSTEM (SMS): A systematic approach to managing safety,
including the necessary organizational structures, accountability, responsibilities, policies
and procedures.
D1.21 SAFETY PERFORMANCE: A State or a service provider’s safety achievement as defined
by its safety performance targets and safety performance indicators.
D1.22 SAFETY PERFORMANCE INDICATOR: A data-based parameter used for monitoring and
assessing safety performance
D5.1 The service provider should carry out a gap analysis before implementing an SMS. This
compares the service provider’s existing safety management processes and procedures
with the SMS requirements as determined by the Regulator.
D5.2 The gap analysis identifies the gaps that should be addressed through an SMS
implementation plan that defines the actions needed to implement a fully functioning and
effective SMS.
Note –12: Guidance for Gap analysis is provided in Appendix C
D6. SMS ACCEPTABLE TO REGULATOR
D6.1 A service provider implementersacceptable to PCAA Regulator that:
D6.1.1 Identifies safety hazards.
D6.1.2 Ensures the implementation of remedial action necessary to maintain agreed safety
performance.
D6.1.3 Provides for continuous monitoring and regular assessment of the safety performance.
D6.1.4 Aims at a continuous improvement of the overall performance of the safety management
system.
D7. ACTION FOR CONTRAVENTIONS / VIOLATIONS
In case of contraventions/ violations action as per enforcement manual including
enforcement variation, suspension or cancellation of authorizations/ approvals / licenses /
certificates and imposition of financial penalties shall be taken against the defaulting
operators.
E. EVIDENCE (ACRONYMS / RECORDS / REFERENCES):
E1. ACRONYMS:
ANO : AIR NAVIGATION ORDER
ANS : AIR NAVIGATION SERVICES
ATO : APPROVED TRAINING ORGANIZATION
ATS : AIR TRAFFIC SERVICES
ICAO : INTERNATIONAL CIVIL AVIATION ORGANIZATION
PCAA : PAKISTAN CIVIL AVIATION AUTHORITY
SMM : SAFETY MANAGEMENT MANUAL
SMS : SAFETY MANAGEMENT SYSTEM
SPI : SAFETY PERFORMANCE INDICATOR
SRM : SAFETY RISK MANAGEMENT
E2. RECORDS:
Nil
E3. REFERENCES:
E3.1 Safety Management (ICAO – ANNEX# 19)
E3.2 Civil Aviation Rules (CAR 1994)
E3.3 Safety Management Manual (SMM) (ICAO DOC9859)
E3.4 Airworthiness Notice No.72 and ANO145 Section 5
E3.5 Air Traffic Services (ANO-002-DRAN)
E3.6 Approved Training Organizations (ANO-007-RGLC)
E3.7 Aerodrome Standards Manual of Pakistan (MNL-003-DRAS)
E3.8 Private Aerospace Operations (ANO 91.0022)
E3.9 Commercial Air transport Operations Aeroplanes (ANO-024-FSXX)
E3.10 Helicopter Operations (ANO-025-FSXX)
IMPLEMENTATION:
This ANO replace the previous ANO with effect from 1stFebruary 2023.
(MAH-E-LAQA JINNAH)
Addl. Director State Safety Programme
Dated: -_______January, 2023
APPENDIXES
APPENDIX “A”
FRAMEWORK FOR A SAFETY MANAGEMENT SYSTEM (SMS)
1. This appendix specifies the framework for the implementation and maintenance of an SMS
to be established by service provider organizations. The framework comprises of four
components and twelve elements as the minimum requirements for SMS implementation,
as listed below:
1.1. SAFETY POLICY AND OBJECTIVES
i. Management commitment
ii. Safety accountability and responsibilities
iii. Appointment of key safety personnel
iv. Coordination of emergency response planning
v. SMS documentation
1.2. SAFETY RISK MANAGEMENT
i. Hazard identification
ii. Safety risk assessment and mitigation
1.3. SAFETY ASSURANCE
i. Safety performance monitoring and measurement
ii. The management of change
iii. Continuous improvement of the SMS
1.4. SAFETY PROMOTION
i. Training and education
ii. Safety communication
Note – 1 Within the context of this ANO, the term “service provider” refers to those organizations
listed in Para D2 of this ANO.
Note – 2 The service provider’s interfaces with other organizations can have a significant contribution
to the safety of its products or services. Guidance on interface management as it relates to
SMS is provided in the Safety Management Manual (SMM) (Doc 9859).
Note – 3 In the context of this appendix as it relates to service providers, an “accountability” refers to
an “obligation” that may not be delegated, and “responsibilities” refers to functions and
activities that may be delegated.
2. SAFETY POLICY AND OBJECTIVES:
2.1. The first component of the SMS framework focuses on creating an environment where
safety management can be effective. It is founded on a safety policy and objectives that set
out senior management’s commitment to safety, its goals and the supporting organizational
structure.
2.2. Management commitment and safety leadership is key to the implementation of an effective
SMS and is asserted through the safety policy and the establishment of safety objectives.
Management commitment to safety is demonstrated through management decision-making
and allocation of resources; these decisions and actions should always be consistent with
the safety policy and objectives to cultivate a positive safety culture.
2.3. The safety policy should be developed and endorsed by senior management and is to be
signed by the accountable executive. Key safety personnel, and where appropriate, staff
representative bodies (employee forums, trade unions) should be consulted in the
development of the safety policy and safety objectives to promote a sense of shared
responsibility.
from internal and external sources. Safety risk assessments and safety risk mitigations will
need to be continuously reviewed to ensure they remain effective.
3.4. HAZARD IDENTIFICATION:
3.4.1. The service provider shall develop and maintain a process to identify hazards associated
with its aviation products or services.
3.4.2. Hazard identification shall be based on a combination of reactive and proactive methods.
3.4.3. There are a variety of sources for hazard identification, internal or external to the
organization. Some internal sources include:
3.4.3.1. Normal operations monitoring: this uses observational techniques to monitor the day-to-
day operations and activities such as line operations safety audit (LOSA).
3.4.3.2. Automated monitoring systems: This uses automated recording systems to monitor
parameters that can be analyzed such as flight data monitoring (FDM).
3.4.3.3. Voluntary and mandatory safety reporting systems; this provides everyone, including
staff from external organizations, with opportunities to report hazards and other safety
issues to the organization.
3.4.3.4. Audits: these can be used to identify hazards in the task or process being audited. These
should also be coordinated with organizational changes to identify hazards related to the
implementation of the change.
3.4.3.5. Feedback from training; training that is interactive (two way) can facilitate identification of
new hazards from participants.
3.4.3.6. Service provider safety investigations: hazards identified in internal safety investigation
and follow-up reports on accidents/incidents.
3.4.4. Examples of external sources for hazard identification include:
3.4.4.1. Aviation accident reports; reviewing accident reports, this may be related to accidents in
the same State or to a similar aircraft type, region or operational environment.
3.4.4.2. State mandatory and voluntary safety reporting systems; some States provide
summaries of the safety reports received from service providers.
3.4.4.3. State oversight audits and third-party audits; external audits can sometimes identify
hazards. These may be documented as an unidentified hazard or captured less obviously
within an audit finding.
3.4.4.4. Trade associations and information exchange systems; many trade associations and
industry groups can share safety data that may include identified hazards.
3.4.5. SAFETY REPORTING SYSTEM:
3.4.5.1. It is important that service providers provide appropriate protections to encourage people to
report what they see or experience. For example, enforcement action may be waived for
reports of errors, or in some circumstances, rule-breaking. It should be clearly stated that
reported information will be used solely to support the enhancement of safety. The intent is
to promote an effective reporting culture and proactive identification of potential safety
deficiencies.
3.4.5.2. Voluntary safety reporting systems should be confidential, requiring that any identifying
information about the reporter is known only to the custodian to allow for follow-up action.
The role of custodian should be kept to a few individuals, typically restricted to the safety
manager and personnel involved in the safety investigation.
3.5. SAFETY RISK ASSESSMENT AND MITIGATION:
3.5.1. The service provider shall develop and maintain a process that ensures analysis,
assessment and control of the safety risks associated with identified hazards.
Note – 7 The process may include predictive methods of safety data analysis.
3.5.2. The safety risk assessment process should use whatever safety data and safety
information is available. Once safety risks have been assessed, the service provider will
engage in a data-driven decision-making process to determine what safety risk controls are
needed.
3.5.3. How service providers go about prioritizing their safety risk assessments and adopting
safety risk controls is their decision. As a guide, the service provider should find the
prioritization process:
3.5.3.1. Assesses and controls highest safety risk.
3.5.3.2. Allocates resources to highest safety risks.
3.5.3.3. Effectively maintains or improves safety;
3.5.3.4. Achieves the stated and agreed safety objectives and SPTs; and
3.5.3.5. Satisfies the requirements of the State's regulations with regards to control of safety risks.
4. SAFETY ASSURANCE:
4.1. SAFETY PERFORMANCE MONITORING AND MEASUREMENT:
4.1.1. Safety performance management helps the organization to answer the four most important
questions regarding safety management:
4.1.1.1. What are the organization’s top safety risks? Derived from a review of aviation accident and
incident data as well as predictive analysis to identify and define emerging risks.
4.1.1.2. What does the organization want to achieve in terms of safety and what are the top safety
risks that need to be addressed? The organization’s safety objectives.
4.1.1.3. How will the organization know if it is making progress toward its safety objectives?
Through SPIs, SPTs and, if practicable, safety triggers.
4.1.1.4. What safety data and safety information are needed to make informed safety decisions?
Including the allocation of the organization’s resources.
4.1.2. Safety performance monitoring is conducted through the collection of safety data and safety
information from a variety of sources typically available to an organization. Data availability
to support informed decision-making is one of the most important aspects of the SMS.
Using this data for safety performance monitoring and measurement are essential activities
that generate the information necessary for safety risk decision-making. The following
activities that can provide sources to monitor and measure safety performance:
4.1.2.1. Safety studies are analyses to gain a deeper understanding of safety issues or better
understand a trend in safety performance.
4.1.2.2. Safety data analysis uses the safety reporting data to uncover common issues or trends
that might warrant further investigation.
4.1.2.3. Safety surveys examine procedures or processes related to a specific operation. Safety
surveys may involve the use of checklists, questionnaires and informal confidential
interviews. Safety surveys generally provide qualitative information. This may require
validation via data collection to determine if corrective action is required. Nonetheless,
surveys may provide an inexpensive and valuable source of safety information.
4.1.2.4. Safety audits focus on assessing the integrity of the service provider’s SMS and supporting
systems. Safety audits can also be used to evaluate the effectiveness of installed safety risk
controls or to monitor compliance with safety regulations. Ensuring independence and
objectivity is a challenge for safety audits. Independence and objectivity can be achieved by
engaging external entities or internal audits with protections in place - policies, procedures,
roles, and communication protocols.
4.1.2.5. Findings and recommendations from safety investigations can provide useful safety
information that can be analyzed against other collected safety data.
4.1.2.6. Operational data collection systems such as FDA, radar information can provide useful
data of events and operational performance.
Note – 8: An internal audit process is one means to monitor compliance with safety regulations, the
foundation upon which SMS is built, and assess the effectiveness of these safety risk
controls and the SMS. Guidance on the scope of the internal audit process is contained in
the Safety Management Manual (SMM) (Doc 9859).
4.1.3. The service provider’s safety performance shall be verified by the concerned regulator in
reference to the safety performance indicators (SPIs) and safety performance targets
(SPTs) of the SMS in support of the organization’s safety objectives
4.1.4. The established process should:
4.1.4.1. Monitor the established safety objectives to ensure that they remain appropriate and up to
date with the organization’s safety policy and priorities.
4.1.4.2. Select and define SPIs, which are tactical parameters related to the safety objectives.
4.1.4.3. Set and define SPTs, if appropriate, which are also tactical parameters used to monitor
progress towards the achievement of the safety objectives. When SPTs are established,
they should be realistic, context specific and achievable when considering the resources
available to the organisation and the associated aviation sector; and
4.1.4.4. Include a process of acceptance of SPIs, SPTs and the associated alert levels required by
the concerned regulator after it has been demonstrated that they are appropriate with:
4.1.4.4.1. The established safety objectives.
4.1.4.4.2. The analysis of data that is available or obtainable; and
4.1.4.4.3. The size and complexity of the organisation; and
4.1.4.5. Monitor the performance of established SPIs, SPTs, and associated alert levels to identify
abnormal changes in safety performance.
4.1.4.6. Include means to update safety objectives, refine SPIs and SPTs and periodically review
the appropriateness of SPIs and SPTs.
4.1.5. All service providers shall provide the inputs w.r.t. their proposed SPIs and SPTs in their
respective areas. Service provider’s proposed SPIs shall be reviewed and accepted by the
relevant State regulatory authority as part of the SMS acceptance.
4.1.5.1. Initial Acceptance
4.1.5.1.1. The service provider shall propose SPIs for review and acceptance by the regulator as part
of the initial acceptance of the SMS.
4.1.5.1.2. The regulator might consider planning the acceptance of SPIs later in the implementation
process. This is especially practical for organizations at initial certification as they often do
not have enough data to develop meaningful indications.
4.1.5.1.3. TheacceptanceoftheSPTsmaybeaddressedaftertheSPIshavebeenmonitoredoveraperiodof
time. This establishes the baseline performance. It may be based on targets established at
the national, regional or global level.
4.1.5.1.4. The initial acceptance of SPIs, SPTs, associated alert levels and corrective action plans are
appropriate andpertinenttotheorganization’saviationactivitiespriortoacceptance.
4.1.5.1.5. The acceptance should be between the regulator and the service provider. The regulator
will review the proposed SPIs, SPTs, alert levels and corrective action plans to ensure that:
a. they are appropriate, and relevant to the scope and complexity of the specific operational
context.
b. their development has used the appropriate measuring matrix and is dependent on the size
and complexity of the organisation; and
c. consistent with the Pakistan National Aviation Safety Priorities.
4.1.5.2. Continuous Acceptance
4.1.5.2.1. The service provider should on a quarterly basis demonstrate to the regulator that the SPIs,
SPTs, associated alert levels and corrective action plan are appropriate and pertinent to the
organization’s aviation activities, and any required change should be notified immediately
for continuous acceptance of the SPI/SPTs/Alert Levels/Corrective Action Plans.
4.1.6. The service providers shall develop, document, implement and maintain up to dated
appropriate means to:
4.3.2.5. Management reviews: examine whether the safety objectives are being achieved by the
organization and is an opportunity to look at all the available safety performance information
to identify overall trends. It is important that senior management review the effectiveness of
the SMS. This may be carried out as one of the functions of the highest-level safety
committee.
4.3.2.6. Evaluation of SPIs and SPTs; possibly as part of the management review, it considers
trends and, when appropriate data is available, can be compared to other service providers
or State or global data.
4.3.2.7. Addressing lessons learnt; from safety reporting systems and service provider safety
investigations. These should lead to safety improvements being implemented.
4.3.2.8. In summary, the monitoring of the safety performance and internal audit processes
contribute to the service provider’s ability to continuously improve their safety performance.
Ongoing monitoring of the SMS, its related safety risk controls and support systems
assures the service provider and the State that the safety management processes are
achieving their desired safety performance objectives.
5. SAFETY PROMOTION:
4.3.3. TRAINING AND EDUCATION:
4.3.3.1. The service provider shall develop and maintain a safety training program that ensures that
personnel are trained and competent to perform their SMS duties.
4.3.3.2. The scope of the safety training program shall be appropriate to each individual’s
involvement in the SMS.
4.3.3.3. The training program should include initial and recurrent training requirements to maintain
competencies. Initial safety training should consider, as a minimum, the following:
4.3.3.3.1. Organizational safety policies and safety objectives;
4.3.3.3.2. Organizational roles and responsibilities related to safety;
4.3.3.3.3. Basic SRM principles;
4.3.3.3.4. Safety reporting systems;
4.3.3.3.5. The organization’s SMS processes and procedures; and
4.3.3.3.6. Human factors
4.3.3.4. Recurrent safety training should focus on changes to the SMS policies, processes and
procedures, and should highlight any specific safety issues relevant to the organization or
lessons learnt.
4.3.3.5. SMS Manager is responsible to ensure availability of Training Records of personnel.
4.3.4. SAFETY COMMUNICATION:
4.3.4.1. The service provider shall develop and maintain a formal means for safety communication
that:
4.3.4.1.1. Ensures personnel are aware of the SMS to a degree commensurate with their positions;
4.3.4.1.2. Conveys safety-critical information;
4.3.4.1.3. Explains why particular actions are taken to improve safety; and
4.3.4.1.4. Explains why safety procedures are introduced or changed.
4.3.4.2. Formal means of safety communication shall include:
4.3.4.2.1. Safety policies and procedures;
4.3.4.2.2. Newsletters; and
4.3.4.2.3. Bulletins
APPENDIX “B”
FORMAT OF THE SMS MANUAL
1. The SMS documentation should include a top-level “SMS manual”, which describes the
service provider’s SMS policies, processes and procedures to facilitate the
organization’s internal administration, communication and maintenance of the SMS. It
should help personnel to understand how the organization’s SMS functions, and how the
safety policy and objectives will be met.
2. The documentation should include a system description that provides the boundaries of
the SMS. It should also help clarify the relationship between the various policies, processes,
procedures and practices, and define how these links to the service provider’s safety policy
and objectives. The documentation should be adapted and written to address the day-
to-day safety management activities that can be easily understood by personnel throughout
the organization.
3. When considering a system description, it is important to understand that a “system” is a
set of
things working together as parts of an interconnecting network. In an SMS, it is any of an
organization’s products, people, processes, procedures, facilities, services, and other
aspects (including external factors), which are related to, and can affect, the organization’s
aviation safety activities. Often, a “system” is a system of systems, which may also be
viewed as a system with subsystems. These systems and their interactions with one
another make up the sources of hazards and contribute to the control of safety risks. The
important systems include both those which could directly impact aviation safety and
those which affect the ability or capacity of an organization to perform effective safety
management.
4. The SMS manual also serves as a primary safety communication tool between the service
provider and key safety stakeholders (e.g. CAA for the purpose of regulatory acceptance,
assessment and subsequent monitoring of the SMS).
5. Where details of the organization’s SMS processes are already addressed in existing
documents, appropriate cross-referencing to such documents is enough. This SMS
document will need to be kept up to date. As a controlled manual, CAA acceptance may
be required before amendments are made.
APPENDIX “C”
GAP ANALYSIS
4.3.4.3. A gap analysis is a method of assessing that "where we are" (the present state) and
"where we want to be" (the target state). If the gaps are identified, it assists the organizations to
plan, what steps should be taken to ensure the regulatory requirements are met successfully for
effective implementation of SMS.
1.1.8 Is the safety policy communicated, with visible endorsement, throughout the
[organization]?
1.1.9 Is the safety policy periodically reviewed to ensure it remains relevant and appropriate
to the [organization]?
1.1.10 Is there a formal process to develop a coherent set of safety objectives?
1.1.11 Are the safety objectives linked to the safety performance indicators, safety
performance targets and action plans?
1.1.12 Are the safety objectives publicized and distributed?
1.2.1 Has the [organization] identified an Accountable Executive who, irrespective of other
functions, shall have ultimate responsibility and accountability, on behalf of the
[organization], for the implementation and maintenance of the SMS?
1.2.2 Does the Accountable Executive have responsibility for ensuring that the safety
management system is properly implemented and performing to requirements in all
areas of the [organization]?
1.2.3 Does the Accountable Executive have full control of the financial resources required
for the operations authorized to be conducted under the operations certificate?
1.2.4 Does the Accountable Executive have full control of the human resources required for
the operations authorized to be conducted under the operations certificate?
1.2.5 Does the Accountable Executive have direct responsibility for the conduct of the
organization’s affairs?
1.2.6 Does the Accountable Executive have final authority over operations authorized to be
conducted under the operations certificate?
1.2.7 Has the organization identified the accountabilities of all members of management,
irrespective of other functions, as well as of employees, with respect to the safety
performance of the SMS?
1.2.8 Are the safety responsibilities, accountabilities and authorities documented and
communicated throughout the [organization]?
1.2.9 Has the [organization] included a definition of the levels of management with authority
to make decisions regarding safety risk tolerability?
1.3.1 Has the organization appointed a qualified person to manage and oversee the day-to-
day operation of the SMS?
1.3.2 Does the person overseeing the operation of the SMS fulfill the required job functions
and responsibilities?
1.3.3 Are the safety authorities, responsibilities and accountabilities of personnel at all
levels of the organization defined and documented?
1.5.1 Has the [organization] developed and does it maintain a safety library for appropriate
hazard documentation and documentation management?
1.5.2 Has the [organization] developed and does it maintain SMS documentation in paper
or electronic form?
1.5.3 Is the SMS documentation developed in a manner that describes the SMS and the
consolidation relationships between all the SMS components?
1.5.4 Has the service provider developed an SMS implementation plan that ensures that
the SMS meets the organization’s safety objectives?
1.5.5 Has the SMS implementation plan been developed by a person or a planning group
which comprises an appropriate experience base?
1.5.6 Has the person or planning group received enough resources (including time for
meetings) for the development of the SMS implementation plan?
1.5.7 Is the SMS implementation plan endorsed by the senior management of the
[organization]?
1.5.8 Does the senior management of the [organization] review the SMS implementation
plan regularly?
1.5.9 Does the SMS implementation plan propose implementation of the SMS in phases?
1.5.10 Does the SMS implementation plan explicitly address the coordination between the
serviceprovider’s SMS and the SMS of other organizations the [organization] must
interface with during the provision of services?
1.5.11 Has the service provider developed a safety management systems manual (SMSM)
as akey instrument for communicating the organization’s approach to safety to the
whole[organization]?
1.5.12 Does the SMSM document all aspects of the SMS including, among others, the safety
policy, objectives, procedures and individual safety accountabilities?
1.5.13 Does the SMSM clearly articulate the role of safety risk management as an initial
design activity and the role of safety assurance as a continuous activity?
1.5.14 Are relevant portions of SMS-related documentation incorporated into approved
documentation, such as company operations manual, maintenance control/policy
manual and airport operations manual, as applicable?
1.5.15 Does the service provider have a records system that ensures the generation and
retention ofall records necessary to document and support operational requirements?
1.5.16 Is the service provider’s records system in accordance with applicable regulatory
requirements and industry best practices?
1.5.17 Does the records system provide the control processes necessary to ensure
appropriate identification, legibility, storage, protection, archiving, retrieval, retention
time, and disposition of records?
2.1 HAZARD IDENTIFICATION
2.1.1 Does the [organization] have a formal safety data collection and processing system
(SDCPS) for effectively collecting information about hazards in operations?
2.1.2 Does the [organization] SDCPS include a combination of reactive, proactive and
predictive methods of safety data collection?
2.1.3 Does the [organization] have reactive processes that provide for the capture of
information relevant to safety and risk management?
2.1.4 Has the service provider developed training relevant to reactive methods of safety
data collection?
2.1.5 Has the service provider developed communication relevant to reactive methods of
safety data collection?
2.1.6 Is reactive reporting simple, accessible and commensurate with the size of the service
provider?
2.1.7 Are reactive reports reviewed at the appropriate level of management?
2.1.8 Is there a feedback process to notify contributors that their reports have been
received and to share the results of the analysis?
2.1.9 Does the service provider have proactive processes that actively look for the
identification of safety risks through the analysis of the organization’s activities?
2.1.10 Is there training relevant to proactive methods of safety data collection?
2.1.11 Has the service provider developed communication relevant to proactive methods of
safety data collection?
2.1.12 Is proactive reporting simple, accessible and commensurate with the size of the
service provider?
2.1.13 Does the service provider have predictive processes that provide the capture of
system performance as it happens in real-time normal operations?
2.1.14 Is there training relevant to predictive methods of safety data collection?
2.1.15 Has the service provider developed communication relevant to predictive methods of
safety data collection?
2.1.16 Is the predictive safety data capture process commensurate with the size of the
service provider?
2.2.1 Has the [organization] developed and does it maintain a formal process that ensures
analysis, assessment and control of the safety risks in the [organization] operations?
2.2.2 Does the [organization] SMS documentation clearly articulate the relationship
between hazards, consequences and safety risks?
2.2.3 Is there a structured process for the analysis of the safety risks associated with the
consequences of identified hazards, expressed in terms of probability and severity of
occurrence?
2.2.4 Are there criteria for assessing safety risks and establishing safety risk tolerability(i.e.
the acceptable level of safety risk the organization is willing to accept?
2.2.5 Does the service provider have safety risk mitigation strategies that include
corrective/preventive action plans to prevent recurrence of reported occurrences and
deficiencies?
3.1.1 Has the [organization] implemented an internal process to verify the safety
performance of the organization and to validate the effectiveness of safety risks
controls?
3.1.2 Are the following tools included in those processes /Safety reporting systems /Safety
studies/Safety reviews /Safety audits /Safety surveys /Internal safety investigations
3.1.3 Is the safety performance of the [organization] verified in reference to the safety
performance indicators and safety performance targets of the SMS?
3.1.4 Are safety reports reviewed at the appropriate level of management?
3.1.5 Is there a feedback process to notify contributors that their reports have been
received and to share the results of the analysis?
3.1.6 Are corrective and preventive actions generated in response to hazard identification?
3.1.7 Are there procedures in place for the conduct of internal investigations?
3.1.8 Is there a process to ensure that occurrences and deficiencies reported are analyzed
to identify all associated hazards?
3.1.9 Does the service provider have a process for evaluating the effectiveness of the
corrective/preventive measures that have been developed?
3.1.10 Does the service provider have a system to monitor the internal reporting process and
the associated corrective actions?
3.1.11 Is there an audit function with the independence and authority required to carry out
effective internal evaluations?
3.1.12 Does the audit system cover all functions, activities and organizations within the
service provider?
3.1.13 Are there selection/training processes to ensure the objectivity and competence of
auditors as well as the impartiality of the audit process?
3.1.14 Is there a procedure for reporting audit results and maintaining records?
3.1.15 Is there a procedure outlining requirements for timely corrective and preventive action
in Response to audit results?
3.1.16 Is there a procedure to record verification of action(s) taken and the reporting of
verification results?
3.1.17 Is there a process in place to monitor and analyse trends?
3.2.1 Has the [organization] developed and does it maintain a formal process to identify
changes within the organization, which may affect established processes and
services?
3.2.2 Does the formal process for the management of change analyse changes to
operations or key personnel for safety risks?
3.2.3 Has the [organization] established arrangements to ensure safety performance prior
to implementing changes?
3.2.4 Has the [organization] established a process to eliminate or modify safety risk controls
that are no longer needed due to changes in the operational environment?
3.3.1 Has the [organization] developed and does it maintain a formal process to identify the
causes of substandard performance of the SMS?
3.3.2 Has the [organization] established a mechanism(s) to determine the implications of
substandard performance of the SMS on operations?
3.3.3 Has the organization established a mechanism(s) to eliminate or mitigate the causes
of substandard performance of the SMS?
3.3.4 Does the organization have a process for the proactive evaluation of facilities,
equipment, documentation and procedures (through audits and surveys, etc.)?
3.3.5 Does the organization have a process for the proactive evaluation of an individual’s
performance to verify the fulfillment of that individual’s safety responsibilities?
4.1.1 Is there a documented process to identify training requirements so that personnel are
trained and competent to perform their SMS duties?
4.1.2 Is the safety training appropriate to the individual’s involvement in the SMS?
4.1.3 Is the safety training incorporated into indoctrination training upon employment?
4.1.4 Is there emergency response/contingency training for affected personnel?
4.1.5 Is there a process that measures the effectiveness of training?
4.2.1 Are there communication processes in place within the [organization] that permit
thesafety management system to function effectively?
4.2.2 Are there communication processes (written, meetings, electronic, etc.)
commensurate with the size and scope of the service provider?
4.2.3 Is safety-critical information established and maintained in a suitable medium that
provides direction regarding relevant SMS documents?
4.2.4 Is safety-critical information disseminated throughout the [organization] and is the
effectiveness of safety communication monitored?
4.2.5 Is there a procedure that explains why particular safety actions are taken and why
safety procedures are introduces or changed?
__________________________