So Let’s take a look at how we could perform an Audit of the Internal Reporting System within an Operators Management System.
Consider First the Background Regulatory Obligations and to note that we need in this case to comply with both 965/2012 and 376/2014 (Proposed Audit Items are identified as AI-N)
AMC1 ORO.GEN.200(a)(2) Management system
COMPLEX OPERATORS – SAFETY POLICY
(a) The safety policy should:
(4) include safety reporting principles. AI-1
(b) The safety policy should include a commitment:
(5) not to blame someone for reporting something which would not have been otherwise detected. AI-2
GM1 ORO.GEN.200(a)(3) Management system
INTERNAL OCCURRENCE REPORTING SCHEME
(a) The overall purpose of the scheme is to use reported information to improve the level of safety performance of the operator and not to attribute blame.
(b) The objectives of the scheme are to:
(1) enable an assessment to be made of the safety implications of each relevant incident and accident, including previous similar occurrences, so that any necessary action can be initiated; and AI-3
(2) ensure that knowledge of relevant incidents and accidents is disseminated, so that other persons and operators may learn from them. AI-4
(c) The scheme is an essential part of the overall monitoring function and it is complementary to the normal day-to-day procedures and ‘control’ systems and is not intended to duplicate or supersede any of them. The scheme is a tool to identify those instances where routine procedures have failed.
(d) All occurrence reports judged reportable by the person submitting the report should be retained as the significance of such reports may only become obvious at a later date.AI-5
GM1 ORO.GEN.200(a)(2) Management system – Safety Policy
The safety policy should state that the purpose of safety reporting and internal investigations is to improve safety, not to apportion blame to individuals. AI-6
AMC1 ORO.GEN.200(a)(3) Management system
COMPLEX OPERATORS – SAFETY RISK MANAGEMENT
(a) Hazard identification processes
(2) All reporting systems, including confidential reporting schemes, should include an effective feedback process. AI-7
(d) Safety performance monitoring and measurement
(2) This process should include:
(i) safety reporting, addressing also the status of compliance with the applicable requirements;
AMC2 ORO.GEN.200(a)(5) Management system
COMPLEX OPERATORS – SAFETY MANAGEMENT MANUAL
(b) The contents of the safety management manual should include all of the following:
(9) incident investigation and reporting; AI-8
Next Step to Build our List of Auditable Elements
By Carefully going through the Regulatory Requirements and using the information to Develop the Audit Checklist
In this example, we have selected 8 examples for the Audit
Now for each Element, we can develop a similar approach to create our Audit – Question Bank
a) Has the requirement been documented in a clear and effective way within the organisation documentation-?
b) Is there “ownership” of the requirement – If it changed is there a mechanism to change or update the documentation. Any examples of this happening?
c) Is there evidence that the element is actually working – examples of activity – how much? Is it enough – for example how many reports per department / per 1000 Flying hours etc
d) How is the effectiveness of the element measured to demonstrate trend – means how can we show it is working ok (what is the measure)
e) For each Element to ask how it is communicated to the persons who need to know – what training is available (If required) how is the knowledge measured?
Sofema Aviation Services www.sassofia.com and SofemaOnline www.sofemaonline.com offer EASA Regulatory Compliant Training in Quality Safety And Root Cause Analysis – For details of forthcoming training please email office@sassofia.com or online@sassofia.com