Aviation is an activity that faces numerous risks on a daily basis. ICAO and the FAA agreed that safety management systems (SMS) will be an effective method for improving safety in the face of rapid growth and increasing technical complexity. SMS is a platform to identify what needs to be changed so that potential accidents can be avoided in the future.

The FAA defines Safety Management System (SMS) as “a quality management approach to controlling risk. It also provides the organizational framework to support a sound safety culture.” (ref. AC 190-92) Simply put, it is a way for an organization to internally capture previously unreported incidents or safety concerns so they can be addressed in a proactive manner.

SMS methodology depends on the size and complexity of the company which may include the type of equipment being operated, the geographical areas of operation and personnel composition. An SMS should be specific to your organization. Training and promotion is essential for SMS. Employees, as well as company management, must buy into the program which means understanding concepts, the benefits, and implementation.

SMS options include:

• Onsite & Offsite Training
• SMS Training
• Implementation Guide/Models
• Facilitation of SMS Implementation
• SMS Evaluations
• SMS Audits
• Consulting
• IS-BAO Audits

For companies that have already initiated a process improvement initiative, SMS should not be a major shift or cultural change.

SMS Auditing - Common Issues in SMS Review & Validation

1. Does the SMS cover the entire company?
2. Are all 12 elements and their major processes accounted for? (Suggest drawing up a “map” or correlation matrix of the documentation before commencing a detailed review if the documentation is not in the same format as the framework).
3. policy, What responsibilities are given to operational/line managers (e.g. flight ops, maintenance, ground services, etc.)? The system should be management driven rather than focused on the safety officer/safety department. Look for directions regarding involvement of management including top management (e.g. CEO, COO, SVPs , Division Managing Directors,
   • safety risk management (SRM),
   • safety assurance (particularly management reviews – element 3.1.10).
4. Are the safety risk management and safety assurance functions focused on the safety office/safety department of are they driven by managers of line organizations (managers who can allocate resources and direct employees’ activities)?
5. Are there a good set of checks and balances between line management and oversight activities of the safety officer/safety department (e.g. auditing and evaluation by both line managers/organizations and the safety officer/organization, access to and accountability of top management)?
6. Does the SRM process look at all levels of risk? SRM should be included in:
   • Strategic decision making and system/process design,
   • Change management,
   • Operational control/supervision,
   • Line operations (crew/team/individual employee activities).
7. Are there clear, practical instructions on how to use and interpret risk assessment tools such as risk matrices?
8. Does the reporting system allow for reporting potential hazards in operations or in the workplace as well as reporting events?
9. Is there a path from data collection to analysis, to assessment, to control or problem resolution? (Data must be used to have value in decision making. This is fundamental to the idea of a “system.”)
10. Do the analysis functions look across reports and data sources to identify patterns and trends or is the system limited to looking at each event, report, or finding independently?
11. Is there a method of tracking hazards and problems in and between SRM and SA processes as well as tracking progress on resolution (e.g. hazard database, action log)?
12. Is hazard status, progress toward mitigation and resolution of problems reviewed periodically? (Must be part of the process and not something “pushed uphill” by the safety officer/safety organization).