Safety Management – There’s a System for IT
Author: AK Sachdev, Senior Vice President (Safety & Quality), Sheorey Digital Systems LimitedSubscribe
Safety Management – there’s a system for it
When prevention is better than cure and big data is called for, IT is the answer. AK Sachdev, Senior Vice President (Safety & Quality), Sheorey Digital Systems Limited
The past year was one of the safest in the history of civil aviation and the global civil aviation community appears determined to ensure the trend is maintained in future years. In pursuit of this lofty objective, the buzzword is Safety Management Systems (SMS), used by the International Civil Aviation Organization (ICAO) to signify a new, proactive and predictive management approach to safety in aviation. SMS is defined by ICAO as a “systematic approach to managing safety, including the necessary organizational structures, accountabilities, policies, and procedures.” This ‘management’ approach to safety has emerged through an evolutionary process over the past three decades although the term SMS was used by ICAO in a formal document only in 2006.
ICAO is currently working in close collaboration with member states and international organizations to develop a new Safety Management Annex (No 19) dedicated to safety management responsibilities and processes; the new annex is expected to encapsulate all the safety aspects enshrined so far in International Standards and Recommended Practices (SARPs) contained in…
Annex 1 — Personnel Licensing,
Annex 6 — Operation of Aircraft,
Annex 8 — Airworthiness of Aircraft,
Annex 11 — Air Traffic Services,
Annex 13 — Aircraft Accident and Incident Investigation and
Annex 14 — Aerodromes,
Volume I — Aerodrome Design and Operations.
The new annex will include provisions on SMS as well as the collection, analysis, protection and exchange of safety data. The requirement to have an SMS in place is being progressively mandated by all civil aviation regulators and it is likely that by 2014, all operators would have to have a safety management system in place to continue their operations.
Processes define safety
The philosophy of SMS moves away from the reactive character of flight safety as practiced for decades to a new safety paradigm which is primarily proactive and predictive in its approach towards the hazards and risks that impact an organization as a whole. ICAO’s SMS Manual (Doc 9859), first published in 2006, introduced the new thought processes on safety; it defines ‘Safety’ as “The state in which the possibility of harm to persons or of property damage is reduced to, and maintained at or below, an acceptable level through a continuing process of hazard identification and safety risk management.” The acceptance that hazards and associated risks cannot be eliminated to zero levels goes along with the understanding that hazards must be identified and all efforts taken to minimize and mitigate related risks.
The key phrase in the definition of ‘Safety’ is the continuing process to manage risks. Moreover, the stress on the predictive approach implies extensive data gathering exercises in order to identify possible negative future outcomes or events, and to analyze system processes (as well as the environment) to identify potential future hazards so as to initiate mitigating actions. The quantum of data required to be gathered and analyzed is so huge that only electronic manipulation would be up to that task. Information Technology (IT), inclusive of all its tributary technologies and replete with its convergence vehicles, is proving to be an efficient and ubiquitous hand-maiden for SMS.
This paper addresses the ways in which IT promises to facilitate the processes required to implement (and manage on a regular, day-to-day basis) SMS amongst operators; it will also introduce software applications that exist in the market already to electronically monitor the continual process of SMS in pursuit of predictive safety management.
Data or drivel?
An SMS framework requires specific activities and processes that must be performed by aviation service providers. The ICAO SMS framework comprises the following four components:
- Safety policy and objectives;
- Safety risk management;
- Safety assurance; and
- Safety promotion.
Of these, safety risk management (whose objective is to identify hazards, assess related risks, and develop appropriate mitigation strategies) and safety assurance (which involves processes to monitor compliance with international standards and local regulatory requirements) are the ones that stand most obviously to benefit from the contribution made possible with IT.
Modern management systems (and SMS is no exception) tend to have data based decision making as one of their most critical attributes. As many organizations learn to their chagrin, data can be a double-edged sword; it must be kept pristine and wholesome to be of any use or have any meaning for the software employed to use it. Valid and accurate data (meeting the criteria for which it is collected) collected in a timely manner, with no exclusions and exceptions, consistently and continuously furnished, readily accessible to the user and kept reasonably secure from non-users, is the requirement for an IT solution to deliver to its user the full benefits sought. Requirements to these standards cannot be met through manual inputs and need to be available from the primary source in as short a time as possible after the event to which they relate. The old adage of ‘Garbage In Garbage Out’ is particularly and forcefully true for safety-related IT applications; imagine a safety-threatening incident or occurrence repeating itself because the data related to the first event was not ‘managed’ efficiently.
Hazards, risks and safety
The fact that aviation, especially civil aviation, has been rendered so safe in recent years is despite the reality that flying is inherently associated with hazards. SMS stipulates that an organization should proactively identify hazards associated with its operations and the environment in which those operations are carried out.
Traditionally, hazards were identified through historical data on occurrences but SMS visualizes the hazard identification process to be one that incorporates controls and preventive measures through a systematic analysis of potential causes using new methodologies like the Bowtie model (first developed by Shell to meet the requirements for risk assessment in the oil and gas industry).
Hazard identification is logically followed by risk assessment and risk management which are the key focus areas of SMS. IT solutions permit the linking of hazard identification and risk management processes through a common strand. An infinite number of hazards can be recorded; newly discovered hazards cross referenced to previously recorded ones; associated risks analyzed, and risk elimination or mitigation strategies developed and passed up to the organization. Subsequent monitoring of the implementation stages can also be pursued through software queries, flags, and audits.
A robust culture of internal safety audits is the hall mark of a ‘safe’ organization and defines its commitment to safety. Software applications permit, at the click of a few keys, the planning, scheduling, detailing of auditors, checklist creation, pre-audit briefings, conduct and recording of findings against ordained checklists. Not only that, it is also possible to track the logical follow-through to shortfalls identified by an audit team by way of assigning corrective actions, ensuring completion of actions through discrete responses, and re-audits if found necessary by the organization. A cynical ‘so what’s new?’ could be posed here; after all these activities have been going on even without software being involved.
This is the crux of the matter. With the complex nature of operations, an organization can now keep track seamlessly and without errors and omissions, of its audit regime’s continual process of ensuring safety through monitoring the organization’s processes and areas of potential systemic frailties.
As SMS aims at ensuring compliance with regulatory frameworks – both international and domestic – it is important that an organization’s knowledge base be constantly updated to take account of the latest regulations, circulars and directives, as well as the latest audit checklists used by external regulatory agencies. While it is possible for an organization to keep its knowledge base in these respects updated manually, emerging software solutions would permit the updates to be carried out through direct, real time ‘feeds’ from regulatory sites into their SMS knowledge bases. Suitable triggers would then warn users of the changes and updates. The end result would be a constantly updated SMS. This real-time regulatory update can have a tremendously positive impact on the ability to respond to changes in rules, and keep the SMS current.
Occurrence reporting and management
All around the personnel involved in operations, unusual occurrences are happening all the time. A good safety culture encourages a reporting system (guaranteeing confidentiality) for any occurrences impinging on safety. Some of these reports would be unimportant from the point of view of the safety manager; others would indicate the need for an escalation to the status of a hazard requiring detailed analysis of causes and potential risks. A software permitting such occurrence reports to be filed (anonymously if so chosen by the report filer) on line, with all subsequent logical actions being handled electronically to their conclusion would render the process prompt and hassle free – with no scope for reported occurrences being neglected due to human oversight. Some of these reports would entail investigations to garner more facts and elicit deeper understanding of the underlying causes.
A safety manager regularly needs to initiate investigations into reported occurrences, incidents or accidents. The discipline offered by software to manage investigations ensures that reports do not fall by the wayside just because the investigator is too preoccupied with other tasks or investigations. Moreover, as the investigation methodology is imported from the relevant ICAO documentation, the requisite guidelines are adhered to; this channeled investigation process retains the focus on the essentials and the standardization in investigation reports makes for ease of comprehension. Investigation management tools also assist in following through the recommendations made by an investigator or an investigating board.
In any organization, safety is everybody’s business and SMS, with its systems approach, would need to bring different safety stakeholders together to discuss issues, indoctrinate personnel and managers, resolve disagreements, and occasionally thrust critical messages down unwilling throats. Meetings would be required and, once again, IT solutions can facilitate the smooth planning, scheduling, invitation, agenda dissemination, attendance recording, minutes preparation and distribution, and most importantly, follow up on actions taken in pursuance of decisions taken at the meeting. The painstaking and time consuming activities take up a considerable proportion of a manager’s attention span; electronic and automated management through suitable software renders the whole process effortlessly efficient.
Safety and quality
Safety and quality are interlinked. While SMS focuses on hazard identification and management of associated risks, Quality Management would be concerned with conformity and compliance. The basic principles of both are complementary inasmuch as both contribute to safety. Moreover, many aviation organizations (especially airlines) are managing their Flight Operations Quality Assurance (FOQA) and Maintenance & Engineering Quality Assurance (MEQA) programs electronically. The data base for these two Quality programs also throws up safety cues e.g. exceedances data drawn from Flight Data Recorders provides inputs for safety trends and occasionally triggers for investigation.
Similarly, inefficient management of repetitive snags on an aircraft or ignoring MEL (Minimum Equipment List) expiry datelines has safety ramifications. Thus safety related data is extractable from Flight Data Monitoring and Maintenance & Engineering databases. This realization has led to the amalgamation of ‘Safety’ and ‘Quality management’ software into one solution. The combined software promises to stitch the two areas of management together into one efficient system. Safety managers can now manage, analyze and exploit data from Quality databases in the overall interest of safety. The addition of Quality inputs into the SMS has been made possible by emerging software solutions that promise to enhance safety levels – thus achieving the primary objective of SMS.
Integrated data base
Some of the other SMS related activities that could be supported by software solutions are safety archives, safety training, corrective action management, document management, safety trends analyses, and a dashboard type of module that encapsulates – for top management – a macro picture of the state of safety in an organization for a swift, instantaneous grasp of safety status and safety trends. All the data required for SMS purposes is manageable by today’s software in a single data base from where required bits of information can be pulled in by or pushed out to users with the requirement to access that particular data and with the rights to do so. Using an integrated data base rules out errors related to inconsistencies, missing data and interface errors associated with incompatible data bases.
Fifth generation IT systems employ networking technologies to manage applications as well as provide data storage irrespective of the nature, location and configuration of the hardware used by the client. Laptops, touch screen tablets (possibly with Windows 8 or a similar technology) or even smartphones are the future workstations while clouds will provide the corresponding data storage. Safety, in the context of aviation, covers a lot more than just operations; indeed it concerns almost every activity of the organization and one safety related occurrence or incident may affect many areas of operation.
As each type of operation employs IT solutions for its management, there is the possibility that those systems are differentiated and disparate. It might be prudent to look at SMS as a single management system embracing all operational areas for the purposes of data collection, process management, and analysis. The integration mentioned earlier between safety and quality can be extended further to embrace the whole organization served by an Enterprise Resource Planning (ERP) solution (or a similar management solution optimized for aviation organizations). This would ensure that management of safety becomes an enterprise-wide process and that all relevant inputs from the integrated software modules and a unified data base contribute towards efficient planning, managing, coordination and control of all safety related activities. Once that happens, IT will have admirably served the cause of SMS.