September 23, 2025

Steven Bentley

Sofema Aviation Services (SAS) takes a deep dive into the practical use of the EASA MSAT process.

Introduction

The EASA Management System Assessment Tool (MSAT) is designed to help both Competent Authorities and organisations evaluate the maturity and effectiveness of their Management Systems (MS).

It supports a shift from purely compliance-based oversight to performance-based oversight and integrates both Safety Management System (SMS) principles (ICAO Annex 19) and EU-specific compliance monitoring requirements.

Purpose and Scope

  • Primary Objective: Assess the effectiveness of an organisation’s MS, not just its compliance.
  • Applicability: Covers all EASA domains (OPS, CAMO, Part-145, Part-21, etc.) and can be customised for sector-specific needs.
  • Target Users: Primarily Competent Authority assessors, but also organisations for self-assessment or gap analysis.

Core Structure

The MSAT follows the four pillars of the ICAO SMS framework, plus an additional section on Compliance Monitoring:

  • Safety Policy & Objectives
  • Safety Risk Management
  • Safety Assurance
  • Safety Promotion
  • Additional EASA Requirements (e.g., interface management, compliance monitoring)

Maturity Model – PSOE

The tool assesses each feature at one of four maturity levels:

  • Present: Documented in the MS.
  • Suitable: Scaled appropriately to size, nature, and complexity.
  • Operating: Actively used with outputs produced.
  • Effective: Achieving intended safety outcomes and showing a positive safety impact.

Using the MSAT

  • Not a checklist – The tool guides, but assessors must tailor the evaluation based on operational realities.
  • Evidence-based assessment – Relies on documentation review, interviews, and observation.
  • Scalability & Suitability – The MS must be adapted to the organisation’s operational context.
  • Findings vs. Observations – Findings for non-compliance or deficiencies; observations for improvement opportunities.
  • Integration – Supports a single assessment for integrated MS across multiple certificates.

Oversight Cycle Considerations

  • Initial Certification: Ensure all processes are “Present” and “Suitable.”
  • Continuing Oversight: Aim for processes to be “Operating” and ultimately “Effective.”
  • Extending Oversight Cycles: Possible for high-maturity organisations with proven hazard management and no serious findings.

Key Competencies for Assessors

  • Understanding SMS principles, performance-based oversight, suitability/scalability.
  • Ability to conduct interviews, interpret safety performance data, and evaluate safety culture.
  • Avoid “tick-box” mentality—focus on how safe the operation is, not just procedural compliance.

Practical Exercise – Applying the EASA MSAT

Scenario: You are part of a Competent Authority oversight team tasked with evaluating a Part-145 Maintenance Organisation using the EASA MSAT. The organisation holds multiple approvals (Part-145 & Part-CAMO) under a single integrated MS.

Step 1 – Select a Focus Area

Choose one MSAT section to assess. For this exercise:

1.1.1 Safety Policy – Sign-off and Periodic Review

Step 2 – Gather Evidence

From your simulated on-site visit and document review, you find:

  • The safety policy is signed by the Accountable Manager and dated 4 years ago.
  • It is displayed in the main maintenance hangar but not in remote line stations.
  • Staff interviews reveal that only senior supervisors are familiar with the policy.
  • There is no record of a documented periodic review in the past 3 years.
  • The policy mentions compliance with legal requirements but has no explicit measurable safety objectives.

Step 3 – Apply PSOE Maturity Levels

Using MSAT definitions:

  • Present:  (Policy exists and is signed)
  • Suitable:  Partial (Not visible across all locations; lacks measurable objectives)
  • Operating: Limited (Not actively reviewed; low staff awareness outside HQ)
  • Effective: (No evidence it drives safety improvement or is fully embedded)

Step 4 – Identify Findings & Observations

  • Finding: Absence of periodic review breaches AMC1 ORO.GEN.200(a)(2) requirements.
  • Observation: Safety policy not sufficiently communicated to all personnel and lacking measurable objectives linked to safety performance indicators.

Step 5 – Recommend Actions

  • Establish an annual review process for the safety policy.
  • Ensure visibility across all sites and in multiple formats/languages if needed.
  • Integrate measurable safety objectives aligned with organisational risk profile.

Step 6 – Reporting Summary

“The Safety Policy is documented and signed by the Accountable Manager but is not reviewed periodically, reducing its relevance to current operations. Staff awareness is uneven, particularly at remote sites. The absence of measurable safety objectives limits its ability to drive performance-based safety improvement.”

Next Steps

Sofema Aviation Services (SAS) provides the following training Management System Assessment Tool (EASA MSAT) – 2 Days. Please see our online website, Sofema Online (SOL), or email [email protected].

Share this with your network:

Tags:

EASA, Safety Assurance, Safety Management System SMS, SAS blogs, Safety Policy, maturity levels, MSAT, Management System Assessment Tool, Initial Certification, Integration, Gather Evidence, Identify Findings, Observations