GM1 21.A.239(c) Design management system
CAA ORS9 Decision No. 40
SAFETY MANAGEMENT ELEMENT
Safety management seeks to proactively identify hazards and mitigate the related safety risks before they result in aviation accidents and incidents. Safety management enables an organisation to manage its activities in a more systematic and focused manner. When an organisation has a clear understanding of its role in, and contribution to, aviation safety, this enables the organisation to prioritise safety risks and more effectively manage its resources for optimal results.
Safety should not be considered the responsibility of a single person or a limited group of people in the organisation. A safety culture should be developed throughout the organisation, which involves all the personnel as active contributors to the safety of the final product, part, or appliance (see AMC1 21.A.239(c)(1)).
The principles of the requirements in points 21.A.3A, 21.A.5, 21.A.239, 21.A.245, and 21.A.247, and the related AMC constitute the design management system framework for aviation safety management. This framework addresses the core elements of the International Civil Aviation Organization (ICAO) safety management system (SMS) framework that is defined in ICAO Annex 19, Appendix 2, and facilitates the introduction of the additional safety management element.
This approach is intended to encourage organisations to embed safety management and risk-based decision-making into all their activities, instead of superimposing another system onto their existing management system and governance structure. In addition, if the organisation holds multiple organisation certificates that are issued under UK Regulation (EU) 2018/1139, it may choose to implement a single management system to cover all of its activities. An integrated management system may be used not only to capture multiple management system requirements resulting from UK Regulation (EU) 2018/1139, but also to cover for other regulatory provisions requiring compliance with ICAO Annex 19 or for other business management systems, such as security, occupational health, and environmental management systems. Integration will remove duplication and exploit synergies by managing safety risks across multiple activities. Organisations may determine the best means to structure their management systems to suit their business and organisational needs.
It is important to recognise that safety management will be a continuous activity, as hazards, risks, as well as the effectiveness of safety risk mitigations, will change over time.
The safety management capability of an organisation should be commensurate with the safety risks to be managed, which can be at the product, part, and appliance level or at the organisational level.
The risks that are inherent in a complex structure require a robust safety risk management process (e.g. complex interfaces with different partners that participate in the design of a product may pose hazards that are complex to mitigate).
As a consequence, scalability and suitability of the safety management element should be a function of the inherent safety risk capability of the organisation. For instance, for organisations with a lower risk level:
- the risk assessment model that is used may be very simple in cases in which the identified hazards are easy to mitigate;
- expert judgement might be sufficient to measure the efficiency of safety barriers;
- the collection of data, safety information, and occurrences might be very limited;
- there might be no need for software or tools to manage the SMS; and
- the communication policy might be limited.