SMS Most Wanted
A safety management system includes a list of the ten most wanted fugitive hazards and they are on the run. The most wanted hazards are identifiable hazards, but airports or airlines are unable to locate the whereabouts of their solutions. Hazards are locally different in the operational environment of airport or aircraft operation based on locations, destinations or flight conditions and require an operating environment specific safety risk management system applied.
Conventional wisdom is that hazard is a condition, when left unattended becomes a risk that foreseeable could cause harm to personnel or contribute to an incident or accident. The person managing a safety management system (SMS) has an obligation to identify hazards and carry out risk management analyses of those hazards. When the whereabout of hazards are unknown there are no requirements to carry out risk management. Make sense. The person managing the SMS is also responsible for implement a reporting system to ensure the timely collection of information related to hazards, incidents and accidents that may adversely affect safety. This responsibility does not include collection of all hazards, but only hazards that may adversely affect safety. If a condition is an actual hazard to aviation safety is either determined by emotions or data. When emotions are the determining factor, most activities relating to aviation are hazardous. When data is applied as the determining factor, only past occurrences are applied to hazard identification. Both these hazard identification systems come with one built-in flaw, which is that they are a accepted hazards because someone reported it, or because of past results. What is missing is the identification, or the whereabout of the hazard itself.
That an aircraft did not slide off a runway when landing on a 100% ice covered runway did not eliminate ice on runway as a hazard because it went unreported or the aircraft arrived without an occurrence, but it became one of the most wanted hazards within the decisionmaking process used by an airport operator and aircraft operator. When an airport operator is using a safety data system to monitor and analyze trends in hazards, incidents and accidents, the value of their trend analysis, or return on their investment, is shaped by their decisionmaking process.
The ten SMS most wanted hazards are identified within an SMS Enterprise’s
Hazard classification process;
Risk level process;
Root cause process;
Differences identification process;
Supervision factors process;
A decisionmaking process is a learned process and highly customized to any specific tasks. A pilot may be responsible for the safety of a flight, but for large airlines the decisionmaking process rests with dispatch and management. A decisionmaking process to release an aircraft for departure is a learned process and must fall within approved parameters. Decisionmaking processes for airlines with operational dispatch may not necessarily be a decisionmaking process but are performed based on internal compliance processes to conform to regulatory requirements.
An on-demand and smaller air operator, operating aircraft under 12,500 lbs was using a similar method as their decisionmaking process. Since their routes were pre-established between the same airport and in the same sequence, they applied a standard time enroute and fuel consumption for each flight and applied the same fuel weight for VFR and IFR conditions based on the most critical condition of flight. Without a regulated dispatch, this process was unacceptable. When a decisionmaking process becomes a product of compliance, as opposed to safety limits and parameters, one of the ten most wanted hazards are disguised within the process itself.
The hazard classification process is a process to establish safety critical areas and unacceptable behaviors while performing airside tasks at an airport or operating an aircraft. A safety critical area is an area of airport or airline operations which for the purpose of safety or immediate threat to aviation or personnel should be fail- free. Conditions affecting safety critical areas and establishing unacceptable safety risk levels are unacceptable behaviors for continued operations. Hazard classification are the safety critical area and the safety critical function. A safety critical function is the activity or task performed within the safety critical area. An aircraft is taking off from a paved runway is a safety critical area. As the aircraft rotate and transitions into a 3D environment is a safety critical function of that area. Rotation becomes the function to focus on for both airlines and airport operators. Since both airlines and airports operates with declared distances and point of rotation becomes the critical point of action for airlines, and the clearway the critical point for airport operators.
The purpose of a differences identification process is to identify hazards locally. A process where one-fit-all process does not support a safety management system. An airlines may depart one airport within a set of hazards parameters, while these parameters may be invalid at their next departure point. Airport operators may assess a risk differently for each runway end with the same hazard classification. The most wanted hazard within differences are operational assumptions.
The risk level process is to analyse probability of occurrence (likelihood that a defined hazard will affect the outcome), severity (caused by the occurrence) and exposure of an identified hazard (level of exposure while performing a task). An aircraft is exposed to the same hazards through the entire flight, but one hazard may be more severe during a defined phase of flight. An engine failure may cause a more severe outcome if it happens on takeoff than if it happens in cruise flight. The most wanted hazard is hidden in the justification of likelihood that hazard will affect an operational task. When likelihood is the perfect number probability, but so complex to calculate that it is unrealistic to use it, the hazard lay within the likelihood itself. When calculating the likelihood of an occurrence with a statistically probability of 10-7-10-9 that it will occur includes an analysis of indefinite factors within the affected systems with a probability to activate a hazard. Such an analysis would include the probability that an engine attachment bolt would share off during takeoff due to incorrect installment process. Without justification documented by mathematical calculations the likelihood selection is invalid and a hazard in itself. It has been said that an aircraft is exposed to an engine failure at every takeoff. The hazard of an engine failure exists, but until the engine fails the flight crew is not exposed to an engine failure. The Titanic was not exposed to an iceberg until the iceberg approach its path. Airport operators are also affected by the hidden hazards within their risk level process. The most wanted hidden hazard in the airport operator’s risk level process is to apply the number of times things went wrong in their calculation as opposed to the reasons why things went right. When it is known why things go right, then drift and changes are based on a platform to be analysed.
The purpose of a root cause process is to establish an area, or factor, within operations to target corrective actions. Targeted corrective action plans are more successful in generating expected changes than randomly applied corrections to randomly selected areas. A root cause is allocated to human factors, organizational factors, supervision factors, or environmental factors.
The first step in a root cause analysis is to determine if it is withing scope, control and authority of the SMS enterprise. The litmus test is if the Accountable Executive can freely apply human and financial resources to implement a corrective action plan. An AE at an airport has this authority to apply human and financial resources to airside operations, but does not have this same authority over a construction contractor doing work at the airport. An airline may use towing vendors to move their aircraft, but it is not within the airline’s scope and control to determine the root cause within the towing contractor’s operations system. Two commonly used root cause analysis processes are the 5-WHY process and the fish-bone process. The 5-WHY process is most effective if analyzed within a 5x5 matrix.
When there is only one path to the answer in the 5-WHY process, the first question determines the root cause outcome if the WHY is asked five times, or 100 times. Within a 5x5 matrix there are five first-questions asked, and each question is different. When applying the fish- bone process, there are unlimited brain-storming opportunities. When a root cause is applied outside scope and control, limited reasonable questions are answered, and unless opportunities for a hazard to be activated are exhausted, the most wanted hazard in a root cause analysis is on the run within overcontrolled processes.
The most wanted hazards within Human Factors, Organizational Factors, Supervision Factors, and Environmental Factors are found within the answers to the WHAT-WHEN-WHRE-WHY-WHO (position) and HOW questions.
HUMAN FACTORS are human reaction triggered by eyesight, hearing, taste, touch, or smell. It is human behavior, personal attitude with respect to situation, person or thing, values, beliefs or a just culture environment. Human factors are character and emotions, and other factors affecting the decision-making process and output.
ORGANIZATIONAL FACTORS is the organizational environment a person works within and as it relates to interactions defined in the SHELL model.
SUPERVISION FACTORS are direct supervision, remote supervision, or self- supervision. General types of supervision and leaders are structural, participative, servant-leader, freedom-thinking, and transformational leader.
ENVIRONMENTAL FACTORS are operational environment, topographical environment, climate environment, geo-environment, level of just-culture environment, or workstation environment.
HUMAN FACTORS - Human behavior, performance, and reaction to event ORGANIZATIONAL FACTORS - A framework to outline authority, accountability, roles, responsibilities, and communication processes.
SUPERVISION FACTORS - Function of leading, coordinating, and directing the work of others to accomplish the objective.
ENVIRONMENTAL FACTORS - Design and performance environment of design applicability for job performance and encouraging engagement or disengagement in task-result oriented activities.
HUMAN FACTORS - Aviation safety process and decision making. ORGANIZATIONAL FACTORS - Design of process and application of process in the operational environment.
SUPERVISION FACTORS - Daily, within the regular working hours of personnel, with result-oriented applications.
ENVIRONMENTAL FACTORS - Daily, within working hours in Operations, Maintenance, Flight Following or as assigned location.
HUMAN FACTORS - Operations and within operational management personnel. ORGANIZATIONAL FACTORS - Management policies and operational processes. SUPERVISION FACTORS - Organizational management in a hierarchy of organizational.
ENVIRONMENTAL FACTORS - Operations, Maintenance, Flight Following or as assigned.
HUMAN FACTORS - Human factors knowledge is used to optimize the fit between people and the system in which they work to improve safety and performance. ORGANIZATIONAL FACTORS - Establish an organizational culture for operational processes and expectations for level of safety in operations.
SUPERVISION FACTORS - Establishing authority, accountability, roles, and decision authority within the operational processes.
ENVIRONMENTAL FACTORS - Establishing and maintaining an environment where personnel have access to design tools and encouragement of performance engagement.
HUMAN FACTORS - Anyone with operational or SMS roles and responsibilities in operations, maintenance or flight following or other personnel when designing operational processes.
ORGANIZATIONAL FACTORS - Established, maintained, communicated, and assessed by all Directors and managers reporting to the Safety Management System are responsible for activities on behalf of the Accountable Executive. SUPERVISION FACTORS - The Accountable Executive is responsible for operations and activities on behalf of the certificate holder. All Directors and managers reporting to the Safety Management System are responsible for activities on behalf of the Accountable Executive.
ENVIRONMENTAL FACTORS - Applicable to all personnel, where the Accountable Executive leads with a Safety Policy and objectives and goals safe operation.
HUMAN FACTORS - Application of processes and tasks for both reactive management and proactive management.
ORGANIZATIONAL FACTORS - The delivery of structured processes within the organization.
SUPERVISION FACTORS - Processes within the basic types of supervision. General types of supervision and leader are: Structural, Participative, Servant-Leader, Freedom-Thinking and Transformational Leader.
ENVIRONMENTAL FACTORS - Safety operational systems designed for timely delivery within the SHELL model, designed to achieve user friendliness, and for personnel to stay informed during process application.
A System Analysis is a comprehensive analysis of systems, their sub- subsystems, departments and divisions and on- demand processes. System analysis processes are processes to identify hazards within the context of the system analysis. A system analysis is applied to analyses when considering implementation of new systems, revision of existing systems, or design and development of operational procedures, or identification of hazards, ineffective risk controls through the safety assurance processes, or change management. In addition to a system analysis is of the entire safety management system, a system analysis includes operations or activities authorized under the certificate, and analysis of vendor’s who are performing tasks affecting how the aviation industry perceive the certificate holder and accountable executive performance. A system analysis is applicable to vendors and third-party contractors limited to their tasks of operations. In the unlikely event of an incident, a vendor or third-party contractor may conduct their internal root cause analysis and submit to the airline or airport operator. The inclusion of a system analysis of vendors and third-party contractors operational process does not affect the scope, control and authority of an airline or airport root cause analysis.
The most wanted hazard within a system analysis are hazards beyond scope, control and authority of a certificate holder and their accountable executive.