Ref. Requirement Conform N/a references / Comments/ Evidence of Non-Conformities y n



Download 0.82 Mb.
Page1/9
Date02.02.2017
Size0.82 Mb.
#16229
  1   2   3   4   5   6   7   8   9

IS-BAO Audit Protocols

International Business Aviation Council (IBAC)



ref.

Requirement

Conform

N/A

References / Comments/ Evidence of Non-Conformities

Y

N


3 Safety Management System

3.2

Safety Policy and Objectives

3.2.1a

Management Commitment and Responsibility

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

Is there a safety policy that:
S1. Reflects management’s commitment to safety?

Y







GCOM 2.1.1

S2. Includes a clear statement about providing necessary resources?

Y







GCOM 2.1.1

S3. Includes safety reporting procedures?

Y







GCOM 2.1.1

S4. Clearly indicate which types of behaviours are unacceptable related to the organization’s aviation activities and include the circumstances under which disciplinary action would not apply?

Y







GCOM 2.1.1

S5. Is signed and dated by the Accountable Executive (AE)?

Y







GCOM 2.1.1

S6. Is communicated, with visible endorsement, throughout the organization?

Y







GCOM 2.1

S7. Is periodically reviewed to ensure it remains relevant and appropriate to the organization?

Y







GCOM 2.1

APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)

A1. Is the safety policy relevant to the scope and complexity of the organization’s operations?













A2. Is everyone aware of the safety policy?













EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)

E1. Is the safety policy reinforced by day-to-day decisions?













E2. Is everyone committed to enhancing safety performance?













E3. Is there visible evidence of management demonstrating by example?













3.2.1b

Safety Accountabilities

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

Has the organization:

S1. Identified the AE who has ultimate responsibility and accountability for the implementation and maintenance of the SMS?



Y







GCOM 2.1.2

S2. Established defined lines of safety accountability throughout the organization, including a direct accountability for safety on the part of senior management?

Y







GCOM 1.2 and 2.1.2

S3. Identified the accountabilities of all members of the organization with respect to the safety performance of the SMS?

Y







GCOM 1.2 and 2.1.2




S4. Documented safety responsibilities, accountabilities and authorities and communicated these throughout the organization?

Y







GCOM 1.2 and 2.1.2




S5. Defined the levels of management with authority to make decisions regarding safety risk tolerability?

Y







GCOM 2.1.2




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Do the AE’s terms of reference indicate his/her ultimate responsibility for the SMS?

Y







GCOM 2.1.2




A2. Are there clear lines of safety accountabilities throughout the organisation?

Y







GCOM 1.2 and 2.1.2




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Are the resources available to manage risks effectively?
















E2. Does everyone know their role in the SMS and participate accordingly?













3.2.1c

Appointment of Key Safety Personnel

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1.Does the SMS documentation include an appointment of a safety manager?

Y







GCOM 2.1.3.1




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Is the safety manager properly trained?

Y







GCOM 2.1.3.1




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Are the results of safety management activities formally recorded and analysed?













3.2.1d

Coordination of ERP

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1.Does the SMS documentation include an ERP that is properly coordinated with the emergency response plans of those organizations it must interface with during the provision of its services?


Y







GCOM 2.1.4




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Is the ERP regularly tested, updated and addresses all possible or likely emergency/ crisis scenarios including coordination with other organisations as appropriate?

Y







GCOM 2.1.4 and 5.3




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Is there a procedure appropriate to the size, nature and complexity of the organization with periodic review of the ERP to ensure its continuing relevance and effectiveness?

Y







GCOM 2.1.4 and 5.3.1

3.2.1e

SMS Documentation




SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)




S1. Does the SMS documentation include an SMS implementation plan, formally endorsed by the organization, which defines the organization’s approach to the management of safety in a manner that meets the organization’s safety objectives? (Stage 1 only);

Y







Referenced in GCOM 2.1.5




S2. Does the organization’s SMS documentation describe:

i. Safety policy and objectives;



Y







GCOM Chapter 2




ii. SMS requirements?

Y







GCOM Chapter 2




iii. SMS processes and procedures;

Y







GCOM Chapter 2




iv. Accountabilities, responsibilities and authorities for processes and procedures; and

Y







GCOM Chapter 2 and 1.2




v. SMS outputs?

Y







GCOM Chapter 2




S3. Does the organization have an SMS manual? (may be part of the operations manual)

Y







GCOM Chapter 2




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Is the SMS documentation readily available to ALL personnel?

Y







GCOM page iii




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Is there evidence that the SMS documentation is regularly reviewed and updated?
















E2. Does the documentation provide evidence that safety objectives are being met?














3.2.2

Safety Risk Management

3.2.2a

Hazard Identification

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1. Is there a formal process to ensure hazards are identified?
Note: A safety-risk profile (SRP) or similar document is the foundation for the SMS and is updated periodically. See “SMS Guidance Manual” Section 9.2, in the SMS Toolkit.


Y







GCOM 2.3.1




S2. Is the hazard identification process based on a combination of reactive, proactive and predictive methods of safety data collection?

Y







GCOM 2.3.1




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Is there a reporting system to capture errors, hazards and near misses that is simple to use and accessible to all personnel?

Y







GCOM 2.3.1.2




A2. Is there a procedure to review hazards/risks from external reports?

Y







GCOM 2.3.1.4




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Are hazards, errors, near misses, and audit findings being identified and reported throughout the organization?
















E2. Are employees confident they can report apparent safety deficiencies without retribution?
















E3. Are both internal and external information used to update the safety risk profile?
















E4. Is there a procedure for periodic review of existing risk analysis records?













3.2.2b

Risk Assessment and Mitigation

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1. Is there a formal process to manage safety risks that includes:



i. Analysis?

Y







GCOM 2.3.2




ii. Assessment?

Y







GCOM 2.3.2




iii. Control?

Y







GCOM 2.3.2




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Does the AE and management team have visibility of medium and high risks and their controls?

















A2. Do training programs highlight safety critical issues identified in the safety risk profile?
















A3. Does the Ops Manual contain mitigation described in the safety risk profile?
















EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Does the organisation use its risk management results to develop best practices?
















E2. Is the information indicating the need to change respected, valued, validated, and used?
















E3. Is there consistent feedback to encourage the future participation of managers and employees?
















E4. Is the Operations Manual consistently employed by operational managers and staff?
















E5. Does mitigation take into account Human Factors and Organizational Factors?













3.2.3

Safety Assurance

3.2.3a

Safety Performance Monitoring and Measurement

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1. Is there a process and/or procedure to validate the effectiveness of the safety risk controls?

Y







GCOM 2.4.1




S2. Has the organization established safety performance indicators (SPI’s) and targets?
Note: For examples of SPIs & Targets, see Measuring Safety Performance and Stage 3 SPIs

Y







GCOM 2.4.1 and 2.2.5




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Has the organisation developed a series of safety performance indicators that are appropriate to the type of operation?










GCOM 2.2.5




A2. Are safety indicators and targets specific, measurable, agreed to, relevant and time-based?










GCOM 2.4.1 and 2.2.5




A3. Is the information from occurrences analyzed and where appropriate, used to upgrade policies and procedures?
















A4. Are priorities regularly reviewed, reassessed and, if required, reassigned to address safety issues?


















EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Are safety targets being achieved?
















E2. Is there a means to measure and monitor trends and take appropriate action when necessary?
















E3. Have the controls for the safety risks been evaluated?
















E4. Are the results from internal audits used to measure safety performance?













3.2.3b

Management of Change

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1. Does the organization have a process to identify changes which may affect the level of safety risks associated with its operation and to identify and manage the safety risks that may arise from those changes?

Y







GCOM 2.4.2




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Are stakeholders involved in the change management process?

Y







GCOM 2.4.2




A2. Are there procedures for managing the revisions of documents, manuals, and checklists?

Y







GCOM 2.4.2




A3. Are changes to critical documents communicated throughout the organization?

Y







GCOM 2.4.2




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Does the organisation use the SMS to proactively assess all major changes to the organisation and its operations such as new aircraft, hangars or personnel?
















E2. Do staff members always use up-to-date documents, manuals, checklists, and/or procedures?













3.2.3c

Continuous Improvement

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1. Is there a process or procedure to ensure continuous improvement of the SMS?

Y







GCOM 2.4.3




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Is there an internal audit/ assessment process and a follow-up procedure to address audit findings?



Y







GCOM 2.4.3




EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Is there evidence of improvements to policies, procedures, and/or processes based on internal audit findings?













3.2.4

Safety Promotion

3.2.4.a

Training and Education

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

S1. Has the organization developed and maintained safety training programmes that ensure that personnel are competent to perform their SMS duties?

Y







GCOM 2.5.2




S2. Is the scope of the safety training appropriate to each individual’s involvement in the SMS?

Y







GCOM 2.5.2




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Does training include human and organisational factors with the intent of reducing human error?
















A2. Does technical training (i.e. pilot, maintenance, dispatch/ scheduling, etc.) reinforce SMS principles (i.e. human factors, organizational factors, risk assessments, risk management, etc.)?
















EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Is there evidence that all personnel involved in SMS operations have undergone appropriate SMS training?
















E2. Are executives, managers, and staff capable of performing their roles to proactively manage safety?













3.2.4b

Safety Communication

SOUND (Documented, Trained, Foundation in Place to Effectively Manage Risks)

Has the organization developed and maintained a formal means of safety communication that:

S1. Ensures personnel are aware of the SMS to a degree commensurate with their positions?



Y







GCOM 2.5.1




S2. Conveys safety-critical information?

Y







GCOM 2.5.1




S3. Explains why particular safety actions are taken?

Y







GCOM 2.5.1




S4. Explains why safety procedures are introduced or changed?


Y







GCOM 2.5.1




APPROPRIATE (Properly Targeted, Well-Designed to Effectively Manage Risks)




A1. Are significant events and investigation outcomes from internal and external sources communicated to all personnel?
















EFFECTIVE (Measured, Desired Results Being Achieved, Risks are Effectively Managed)




E1. Is there evidence that all personnel are aware of the SMS, safety critical information, and their role in respect of aviation safety?













3.3

Compliance Monitoring

3.3.1

Has the operator established and maintained a system for identifying applicable regulations, standards, approvals, exemptions and demonstrated compliance with them?

(See IG for methods to ensure compliance)



Y







GCOM 2.4.4

3.4

Flight Data Analysis













3.4.1

Has the organization established a flight data analysis programme (Recommended Practice)




N







Comments, Observations, and Recommendations







Analysis of Non-Conformities/Findings







Download 0.82 Mb.

Share with your friends:
  1   2   3   4   5   6   7   8   9




The database is protected by copyright ©ininet.org 2024
send message

    Main page