Approval and Management of Aviation Residual SMS Risk
- Hits: 186
Sofema Online (SOL) www.sofemaonline.com considers the challenges and best practices available to manage SMS Residual Risk
Introduction
Residual risk refers to the remaining exposure after all feasible mitigations and controls have been applied. Managing it effectively ensures that the risk is acceptable to the organization and remains within tolerable safety performance limits.
By establishing clear risk acceptance criteria, fostering accountability, and continuously monitoring risks through Safety Assurance processes, organizations can ensure residual risks remain within acceptable limits.
• Overcoming challenges like subjectivity, complacency, and resource constraints is essential to maintaining safety performance while balancing operational needs.
• The process of approving and managing residual risk in an Aviation Safety Management System (SMS) involves recognizing that not all risks can be eliminated.
Challenges in Managing Residual Risk
• Lack of Defined Risk Tolerance:
>> Without clear organizational criteria for acceptable residual risk, decision-makers may struggle to approve or reject risks.
• Subjectivity in Risk Assessments:
>> Residual risk assessments often rely on subjective interpretations of likelihood and severity. This can lead to inconsistencies.
• Limited Resources for Monitoring:
>> Inadequate staff or tools to continuously monitor and validate residual risks may cause overlooked exposures.
• Complacency Over Time:
>> Risks accepted as “residual” may no longer receive active attention, leading to a false sense of security.
• Balancing Cost vs. Safety:
>> High mitigation costs may force organizations to accept higher residual risks, particularly under financial constraints.
• Integration Across Departments:
>> Residual risks in one area (e.g., maintenance) can affect other departments (e.g., operations).
Best Practices for Approval and Management of Residual Risk
General
• Use cross-departmental risk reviews to assess the broader impact of residual risks.
• Use a Cost-Benefit Analysis to justify resource allocation for high-impact risks.
• Regularly reassess residual risks during scheduled safety reviews or when operational conditions change.
• Allocate dedicated resources for ongoing safety assurance and residual risk monitoring.
• Use standardized tools like the 5x5 Risk Matrix and expert consensus to enhance objectivity.
Establish Clear Risk Acceptance Criteria
• Define acceptable levels of risk in alignment with regulatory guidelines (e.g., ICAO, EASA) and organizational safety objectives.
• Use a Risk Matrix to determine tolerable risk levels based on severity and likelihood.
>> Green (Low Risk): Acceptable with periodic review.
>> Yellow (Medium Risk): Acceptable with monitoring and additional controls.
>> Red (High Risk): Unacceptable, requiring immediate mitigation.
• Document the organization's Risk Acceptance Policy to provide clear guidance for leadership and staff.
Risk Ownership and Accountability
• Assign risk ownership to the relevant business area owner, who is responsible for approving and managing residual risks.
• Ensure the Accountable Manager (AM) or safety team evaluates and approves all significant residual risks.
• Use a formal approval process to document residual risk decisions, including:
>> Description of the hazard and controls applied.
>> Justification for accepting the residual risk.
>> Approval sign-off by senior management.
Implement Systematic Risk Monitoring
• Continuously monitor residual risks to ensure they remain within tolerable levels.
• Establish Safety Performance Indicators (SPIs) and Safety Performance Targets (SPTs) to measure and track residual risk over time.
• Use tools such as:
>> Risk Registers to document and monitor hazards, controls, and residual risk.
>> Event Risk Classification (ERC) to reassess and validate risk levels periodically.
Example: If ground operations have residual risks due to high workload, SPIs could include:
• Number of ground safety incidents per month.
• Staff workload hours exceeding defined thresholds.
Continuous Improvement through Safety Assurance
• Use Safety Assurance processes to validate that residual risk remains stable or decreases over time.
• Perform regular safety audits and risk reviews to identify changes in risk exposure.
• Apply Change Management processes to reassess residual risks during operational changes (e.g., new equipment, processes, or personnel).
• Implement feedback loops where lessons learned from audits or incidents inform future risk assessments and mitigation strategies.
Next Steps
Sofema Aviation Services and Sofema Online provide classroom, webinar and online training – see the following example course: SMS Hazard Identification & Risk Assessment. For comments & questions please email [email protected].