Policy, Objectives and Organisational Arrangements

The organisation promotes a systematic approach to the management of safety to ensure continuous improvement. As a result the foundation of the organisation’s Safety Management System is a framework based on the ‘Plan-Do-Check-Act’ continuous improvement lifecycle with terminology adapted to the safety needs of the organisation. The organisation has chosen a bespoke framework, instead of adopting a generic regulatory or standards defined model. Adopting a bespoke framework allows more freedom in creating an SMS that uses terms that are more engaging and understandable to all employees; not just those in the safety teams. The framework chosen also provides opportunity for the organisation to create specific meaning around the implementation of the SMS in their daily tasks. This will help all employees understand and engage with the SMS implementation. The SMS Framework is shown in the Figure below and the SMS Core Objectives are explained further in the proceeding section.

---

SMS Core Objectives

The SMS Framework represents 6 Core Objectives and these form the basis for the day to day application of the safety management within the organisation.

The SMS Core Objectives are described as follows:

• Objective #1: Deliver Safe Services
• Objective #2: Analyse Service Safety Performance
• Objective #3: Identify Service Safety Improvement
• Objective #4: Control Changes to Services
• Objective #5: Supporting Organisation and Culture
• Objective #6: SMS Documentation and Recordkeeping

The first four SMS Core Objectives represent the main activities of the continuous improvement lifecycle. The common link between these four objective is the management of safety risk of the Services that the organisation provides to its customers. Core Objective 5 is a foundation element that provides specific focus on ensuring a supporting organisation and culture is in place to ensure the four Core Objectives are as effective and efficient as possible. Core Objective 6 is also a foundation element and ensures that the SMS is not only documented correctly but complies with appropriate international, national and industry requirements.

The Safety Policy is the highest level safety element in the organisation’s SMS. It reflects the organisation’s commitment to Safety including committing to ensuring all means and resources necessary for the implementation of the Safety Policy are made available as a matter of priority.

The SMS Framework is reflected in the organisation’s Safety Policy through the SMS Core Objectives. The Safety Policy is shown below:

---

The Safety Policy is supported by a Just Culture Policy. The design of our Safety Management System is based on systems-thinking principles. Our Just Culture Policy reflects this systems-thinking approach where all employees, whether management, operational or support stand together to achieve a safe organisation.

---

Just Culture Employee Handbook

The Just Culture Policy is supported by a Just Culture Employee Handbook. This Handbook provides useful information to all our employees to explain how Just Culture is applied.

• Just Culture Employee Handbook V1.0

The SMS Core Objectives are further explained through a series of SMS Safety Objectives, which are outlined in the table below. These Safety Objectives provide clear description of how the SMS Core Objectives will be implemented through a series of structured safety management activities. The Safety Objectives are defined in the context of a Systems Thinking approach to Safety Management. The reference to Service represents the delivery of the organisations capabilities to a user or customer outside the organisation.

Systems Thinking: The reference to System represents all the actors within the environment that are involved in the delivery of the service. The term System covers the same concepts described by the Joint Cognitive System or Joint Human Machine System. System DOES NOT ever refer to the technology/machine elements only.

Evidence of how each of the Safety Objectives are implemented within the organisation is provided. The evidence is a combination of direct evidence (specific business or safety material) or in-direct evidence, primarily reference to a process.

SMS Core Objective	Safety Objectives	Compliance
Objective #1: Deliver Safe Services	1-1: Procedures describe how services are provided in normal, abnormal and fall-back scenarios.	Indirect Evidence: Item developed by business management system processes. These items provide the context for the SMS to perform safety risk assessment appropriately. Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective..
	1-2: Service plans are in place to manage emergency situations and they are coordinated with interfacing organisations.	Indirect Evidence: Item developed by business management system. These items provide the context for the SMS to perform safety risk assessment appropriately. Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	1-3: Hazards, and associated consequences, for the scope of delivered services are identified and documented.	Indirect Evidence: Conduct Safety Risk Assessments Process Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	1-4: Safety controls are in-place to mitigate all hazards associated with the service and the residual risk is accepted by management.	See compliance for 1-3
	1-5: Safety performance monitoring indicators and associated targets supporting service delivery are identified.	See compliance for 1-3
	1-6: Safety dependencies between stakeholders are identified and adequately managed.	Indirect Evidence: Agree Stakeholder Dependencies Process Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	1-7: A safety case for each service is developed to demonstrate the service delivered is acceptably safe.	Indirect Evidence: Develop Safety Case for Services Process Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
Objective #2: Analyse Service Safety Performance	2-1: Safety events, incidents and occurrences and normal working observations and improvements are reported by employees.	Indirect Evidence: Report Mandatory Occurrence Process and Report Voluntary Safety Information Process Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	2-2: System behaviour in operations is analysed through survey of the day-to-day service delivery.	Indirect Evidence: Survey System Behaviour in Operations Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	2-3: Events are investigated, and the findings documented and communicated to stakeholders.	Indirect Evidence: Investigate Safety Event Process and Investigate Special Events Process. Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	2-4: Safety performance monitoring data is collated, reviewed and analysed with respect safety performance indicators and targets to identify trends in performance.	Indirect Evidence: Analyse Safety Performance Process. Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	2-5: Safety performance is benchmarked against other similar external service providers.	Indirect Evidence: No process defined for this objective. The approach should be agreed with sector trade organisation where appropriate. Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
Objective #3: Identify Service Safety Improvements	3-1: Safety improvement actions are identified to manage adverse trends in safety performance.	Indirect Evidence: Identify Safety Improvement Actions Process. Direct Evidence: Refer to Service Safety Case for evidence of implementation of this objective.
	3-2: Safety improvement actions are identified through exchange of information with external stakeholders	See compliance for 3-1 Note: Sharing and exchange of lessons learned on operational safety improvement is conducted with external organisations within the industry and also in other related industries.
	3-3: Safety improvement actions are communicated to internal and external stakeholders, where appropriate	See compliance for 3-1
	3-4: Each safety improvement action is documented and tracked to manage safety improvements	See compliance for 3-1
Objective #4: Control Changes to Services	4-1: All planned changes are identified, described and assessed for its safety impact to the service.	Indirect Evidence: Assess Safety Impact of Changes Process. Direct Evidence: Refer to specific Safety Case for Change for evidence of implementation of this objective or the Project Management Office for specific tasks.
	4-2: Hazards associated with the scope of the change to the service are identified and documented.	Indirect Evidence: Conduct Safety Risk Assessments Process. Note: This Process is the same process that is applied to steady-state operations. It may be applied to changes independent of the service it is changing or applied in the context of an existing safety risk assessment for the service. Direct Evidence: Refer to specific Safety Case for Change for evidence of implementation of this objective or the Project Management Office for specific tasks.
	4-3: Safety controls are in-place, and are effective, to mitigate all hazards associated with the change to the service and the residual risk is accepted by management.	See compliance for 4-1
	4-4: Planned and unplanned activities (maintenance, installation, commissioning, transition and decommissioning) are managed to ensure no adverse impact on delivery of services.	Indirect Evidence: Conduct Safety Assessment of Lifecycle Activity Process. Note: This Process may be applied to any planned, unplanned or routine changes. For example, installing new equipment or conducting maintenance on technical infrastructure. The scope of the assessment is to ensure that the impact of the activity does not impact the delivery of any operational service. Direct Evidence: Refer to specific Safety Case for Change for evidence of implementation of this objective, the Project Management Office for specific tasks or the Engineering department.
	4-5: Safety cases for changes are developed, where appropriate, to demonstrate to all stakeholders that the change introduced will be acceptably safe in-service.	Indirect Evidence: Develop Safety Case for Changes Process. Direct Evidence: Refer to specific Safety Case for Change for evidence of implementation of this objective or the Project Management Office for specific tasks.
Objective #5: Supporting Organisation and Culture	5-1: Safety accountabilities and responsibilities for employees (and contractors) are allocated, appropriately discharged and maintained.	Indirect Evidence: Allocate Safety Accountability to Managers Process and Communicate Safety Responsibilities to Employees and Contractors Process Direct Evidence: Refer to Organisational Safety Arrangements section within this document for designation of Accountable Executive and Safety Manager and an overview of how accountabilities and responsibilities are managed.
	5-2: Employees, and contractors, are competent (qualified, trained and continuously monitored) to perform their safety duties.	Indirect Evidence: Assess Competency of Safety Personnel Process Direct Evidence: Refer to Organisational Safety Arrangements section within this document for how competency is managed in the organisation.
	5-3: The safety culture (including a Just Culture) within the organisation is periodically examined and actions taken to improve.	Indirect Evidence: Survey Organisational Safety Culture Climate Process Direct Evidence: Refer to the Safety Culture Improvement Action Plan for further details.
	5-4: The effectiveness of safety management system activities are independently reviewed, and near and long-term actions are planned and implemented.	Indirect Evidence: Report Voluntary Safety Information (in context of improvement opportunities to working practices). Manage Integrated Audit Programme and Conduct Audits and Reviews Process (Note: These processes are owned by Quality Management System). Direct Evidence: Refer to Quality Management department for results of audits and reviews. Sharing and exchange of lessons learned on SMS implementation is conducted with external organisations within the industry and also in other related industries.
	5-5: The safety management system is actively promoted to internal and external stakeholders (where appropriate and approved).	Indirect Evidence: Communicate Safety Information Process. Direct Evidence: The design of the SMS and the online intranet which it is presented is the primary communication means for safety management system. Additional safety promotion is carried out as required.
	5-6: Safety management groups are in place to provide appropriate safety management decisions and guidance.	Indirect Evidence: Where a committee or group is required this will be represented within the process. Direct Evidence: Refer to the section on Commitee and Groups for Terms of Reference for Organisation committees.
Objective #6: SMS Documentation and Record-keeping	6-1: SMS documentation is published in a format that ensures employees can access SMS information relevant to their position and duties.	Indirect Evidence: No process required for this objective. Direct Evidence: The design of the SMS material is accessible online and is Role based as evidenced by this online platform which hosts all SMS material.
	6-2: SMS documents are defined, systematically reviewed, updated and archived and, where appropriate, communicated to authorities.	Indirect Evidence: Quality Management Process for Document Control and Review (see QM process for this item). Documents that require notification of changes to the regulatory authority are listed. Direct Evidence: Refer to Document Management for further information.
	6-3: The SMS is managed as part of an integrated business management system.	Indirect Evidence: No process required for this objective. Direct Evidence: Refer to Document Management for further information.
	6-4: SMS documentation demonstrates compliance with all international standards, national regulatory requirements, and industry good practice.	Indirect Evidence: No process required for this objective. Direct Evidence: Refer to Regulatory Compliance Information for more information.

This section defines the key safety roles within the organisation, the organisational safety structure (referred to as the safety accountability chain), and how safety accountabilities are allocated to those roles. The allocation of general safety responsibilities to employees and contractors is also covered. This section support compliance to two Safety Objectives within SMS Core Objective #5 that relate to the allocation of safety accountabilities and responsibilities to staff.

The allocation of accountabilities and responsibilities is an activity the organisation performs to ensure it is clear what is expected of staff at all levels. The safety accountability and responsibility statements are defined using the 6 SMS Core Objectives. The connection to the Core Objectives provides clear guidance on how the statements can be discharged by direct reference to the supporting SMS processes and associated guidance. Additional safety leadership guidance is also provided to staff recognising how critical our leadership behaviours are to the implementation of safety.

Accountable Executive Designation

The designated Accountable Executive for Safety within the organisation is Mrs. B Safe, in the role as Chief Executive Officer (CEO).

The Accountable Executive is the single person who has ultimate accountability for the SMS and the safety performance of the services delivered by the organisation. The Accountable Executive is responsible for providing the necessary resources (e.g. human and financial) for the effective and efficient performance of the SMS. Irrespective of other functions, the Accountable Executive has ultimate responsibility and accountability for the implementation and maintenance of the SMS throughout the organisation.

• Accountable-Executive-Accountability-Statement-V1.0

Safety Manager Designation

The designated Safety Manager within the Organisation is Mr. I. Check, in the role as Safety Director.

The Safety Manager is responsible for providing independent assurance to the Accountable Executive on safety matters including ensuring the that an effective SMS is in place within the organisation. The Safety Manager is NOT accountable for the safety performance of the organisation. The responsibilities of the Safety Manager involves co-ordination with all organisational departments where services are delivered or the department supports services through delivery of resources.

The Safety Manager advises the Accountable Executive and their direct reports on Safety Management matters and is responsible for coordinating and communicating Safety issues within the organisation, as well as with external stakeholders. The Safety Manager is responsible for ensuring that the correct allocation of resources necessary for the effective, efficient and safe performance of the Services is provided within the organisation.

Refer to the Safety Accountability Statement attached for the Safety Manager for a full description of their accountabilities.

• Safety-Manager-Accountability-Statement-V1.0

Safety Accountability Chain

The implementation of the SMS is considered effective when the managers in the organisation are aware of what their obligations are. To provide appropriate support to the managers who either report to the Accountable Executive(CEO) and / or hold business accountability for service delivery specific Safety Accountabilities are also defined and allocated to them. The managers are accountable to the CEO to directly, or in-directly dependent on their job, ensure the safe delivery of services within the organisation. The Safety Accountability Chain within the organisation is shown below.

Accountable Managers

The safety accountabilities for the Managers and the mapping to the Accountable Executive is shown below:

• Safety-Accountability-Statement-Mapping-V1.0

Designated Post Holder

The Accountable Executive specifically appoints a Designated Post Holder for the specific duties laid down in the Regulation. This includes individual who will deputise in times of prolonged absence.

Note: This role is only applicable to certain Aviation Industry segments, for example, Part M organisations. Due to the specific nature of these accountabilities they are not detailed here.

Management of Accountabilities

Click here to access the process that allocates the accountabilities to managers. A mandatory part of the allocation process is the face-to-face discussion between the Accountable Executive and the Accountable Manager receiving the accountability statement. This is conducted as part of annual performance reviews with staff. The demonstration by Accountable Managers that they are discharging their accountabilities is an element of the performance process. This is explained further in Human Resources processes.

Safety Leadership Behaviours

To support the CEO, those with defined Safety Accountabilities and all other line managers in the organisation a Safety Leadership Behaviour Handbook has been created. The Handbook provides support on the type of leadership behaviours that should be displayed to ensure that the Safety Culture of the organisation is such that it values and priorities Safety.

The Safety Leadership Behaviours Handbook is provided in the attached:

• Safety-Leadership-Behaviour-Handbook-V1.0

Guidance

• Attitudes and Behaviours for Effective SMS – SMICG

General Responsibilities for Employees and Contractors

All employees and contractors are responsible for Safety within the organisation. General responsibility statements are communicated to all staff to ensure they understand their responsibilities. Click here to access the process to communicate these responsibilities.

Employees and contractors will be asked to acknowledge the responsibilities on an annual basis as part of standard performance reviews with your line manager or supervisor. It is important that employees and contractors discuss the responsibilities with their line manager or supervisor to ensure a common understanding. In addition, any training or learning activities that are required to support the responsibilities can be planned.

The General Responsibility Statement is provided in the attached:

• General-Responsibilty-Statement-for-Employees-and-Contractors-V1.0

Take 5 Dynamic Risk Assessment

In addition to the General Responsibilities the organisation promotes a dynamic risk assessment process called Take 5. Take 5 is a multi-industry good practice that empowers employees to ‘stop’ their task if they do not have confidence of achieving a good outcome if they continue. It is explained using 5 key steps:

1. Stop. Think about the potential dangers associated with the task.
2. Look. Identify any hazards.
3. Assess the risk. Consider any possible impacts to the provision of the delivery of services.
4. Manage controls. Implement suitable control measures to reduce risk.
5. Safely complete the task

Take 5 should be used in situations such as remote and lone workers operating within irregular environments or on irregular tasks, where a formal risk assessment is unlikely to have been carried out, or does not represent the reality of the scenario the employee is within. It can also be used in scenarios where front-line operators are presented with a difficult or challenging situation associated with unplanned events such as the failure of equipment. In these situations, the ability to carry out a dynamic risk assessment allows the employee to identify a potentially dangerous environment or situation and take the appropriate steps to leave the environment or remove the risk before it causes an incident.

Documentation Structure

The Safety Management System has the following material included:

1. SMS Manual (the information held within this online platform)
   • This information includes the Policy and Safety Objectives of the organisations Safety Management System. It represents the top-level information in the SMS structure.
2. Safety Processes and Templates
   • A collection of information (one for each Process Area) that describe the process for all Processes that are required to implement an SMS within the organisation. Each process is supported by templates and forms for each output deliverable and support guidance as appropriate.
3. SMS Regulatory and Standards Compliance Matrix
   • These series of document(s) provides evidence that the organisations SMS comply with the requirements of national regulation, international standards and industry good practice by reference to specific elements of the SMS.

Policy and Process Ownership and Continual Review

The Safety Manager is accountable for the review and update of the SMS material to ensure it meets the needs of the organisation. The Safety Manager allocates a Business Process Owner (BPO) for each Process. The BPO is accountable for the effectiveness of the process within the organisation. The BPO has one or more Business Process Experts (BPE) for each process. The BPE is responsible for the implementation of the process within the organisation, providing guidance to employees and gathering feedback.

Review of Documentation

There shall be a periodic review of the SMS information, including the Safety Policy and Just Culture Policy, every three years or when required by the organisation. This shall be managed by the Safety Manager.

Promotion of Safety Documentation

The Accountable Executive and their leadership team are responsible for the promotion of the Safety Policy, and all other necessary SMS material, to all employees within the organisation. This includes ensuring that:

1. It is visible, in physical and online formats, to all departments within the organisation;
2. It is actively discussed in internal organisational briefings, classroom training or awareness workshops whenever possible;
3. Specific elements are available in both hard and electronic copies to suit the needs of employees.

Document Control

The SMS documentation is managed following standard Quality Management document control practices in line with ISO9001 (or equivalent). Safety records are generated as a result of the application of the SMS processes. These safety records are subject to the requirements outlined in the Quality Management Manual.

All safety records are retained for a minimum period of 5 years from the date of the last update. Each department is responsible for to ensure that all Safety Records generated under its responsibility are generated, stored and updated in an appropriate manner and responsible for these records are designated.

Notification of Management System Changes to Regulatory Authority

The organisation has defined the list of items in the Safety Management System that when changed require the organisation to notify the Regulatory Authority and they cannot be cannot be introduced until acceptance is received. The list includes changes to the scope of the certificate or the terms of approval. The Regulatory Authority has approved the list.

When approved processes are not suitable for the task, the organisation may choose to follow an alternative method. In this case the organisation will request an exemption to deviate from the Regulatory Authority and provide the details of the deviation and the justification for its use. The deviation must be approved by the Regulatory Authority prior to its application.

The notification process is managed as part of the Quality Management Processes for document control.

Note: The list of items should be developed by each organisation in collaboration with the Regulatory Authority. Examples may include the Safety Policy, Safety Designations, Safety Accountabilities etc.

This section holds the evidence that the Safety Management System complies with or aligns with international standards, regulation and good practice standards.

An SMS Compliance Matrix document contains the evidence of why the requirements from the noted documents are satisfied by the organisation’s SMS through reference to the Safety Objectives, the SMS Manual, supporting Process documentation, and other material as required.

International Standards

ICAO Annex 19 2nd Edition plus ICAO Safety Management Implementation Guidance

• SMS Compliance Matrix – ICAO Annex 19 V1.0

International Good Practice Standards

CANSO Standard of Excellence in Safety Management Systems

• SMS Compliance Matrix – CANSO SoE in SMS V1.0

European Regulation

The following figure provides an overview of the European Regulation and the scope of safety related regulatory requirements in the context of different organisation types. The links below provided specific compliance information for each Regulation.

Note: For European Regulation, compliance is provided only to the regulatory requirement and not the AMC or GM level (which is required in some States for regulatory approval).

Regulation (EU) No. 139/2014: Aerodromes plus Online Easy Access Rules

• SMS Compliance Matrix EU Regulation 139-2014 V1.0

Regulation (EU) No. 965/2012 Air Operations plus Online Easy Access Rules

• SMS-Compliance-Matrix-EU-Regulation-965-2012-V1.0

Regulation (EU) No. 1178/20111 Civil Aviation Aircrew (SMS requirements added through Regulation (EU) No. 290/2012 Aircrew) plus Published Easy Access Rules

• SMS-Compliance-Matrix-EU-Regulation-1178-2011-V1.0

Regulation (EU) No. 2017/373 Common Requirements for ATM/ANS plus Published Easy Access Rules

• SMS Compliance Matrix – EU Regulation 2017-373 V1.0

Overview of Regulation 2017/373 and its AMC/GM, focusing on the management, assessment and oversight of changes

Overview of Regulation 2017/373 and its AMC/GM, covering its full scope

Overview of the annexes/sections/chapters/requirements from regulation 2017/373 amended or introduced by regulation 2020/469

EU Regulation No. 1321/2014 Continuing Airworthiness of Aircraft (Part MF and Part MG, Part 145) Amended by EU Regulation No. 2019/1383 (Part CAMO) plus Online Easy Access Rules

Compliance to be provided

Regulation (EU) No. 748/2012 (Part 21) plus Published Easy Access Rules

Compliance to be provided

Note: Notice of Proposed Amendment (NPA 2019-15) details proposed changes to embody SMS requirements into Part-145 and Part-21 organisations. In December 2020, the Consultation Review Document was published.

FRM Guidance Material

• Skybrary FRM Guidance
• ICAO FRM Guidance
• IATA FRM Guidance
• Flight Safety Foundation FRM Toolkits for Helicopter and Commercial Air Operations

HaW Guidance Material

• EB2020/55 – Promoting, maintaining and supporting mental well-being in aviation during the covid-19 pandemic

Guidance

• CASA SMS for Aviation – A Practical Guide – Human Factors (Booklet 6)