Considerations Related to Hazard Identification and Risk Management within an EASA Part 145 Organisation

Posted by on in Regulatory
  • Font size: Larger Smaller
  • Hits: 85

 Sofema Online www.sofemaonline.com looks at the essential elements of a functioning EASA Part 145 Organisation

Risk management

Risk Management is primarily comprised of two elements.

>> Hazard identification

>> Risk Assessment (and mitigation)

The objective of Risk Management is to identify hazards in maintenance operations, assess the associated risks, and mitigate unacceptable risks that compromise safe maintenance operations.

Risk Management also aims to achieve a balanced allocation of resources to address risks, and apply viable risk controls and mitigation measures.

Nominated Persons within the organization and other delegated management personnel are accountable for identifying hazards, analyzing and eliminating (or mitigating) risks to operations following the  Risk Assessment Procedure

To discharge this accountability, “Risk Assessors” are appointed to conduct a risk assessment(s).

>> All safety risk assessments are conducted a Safety Risk Assessment Form

>> Notification protocols about assigned risks are in line with established organizational structure and lines of reporting as appropriate.

Hazard identification

Definition

>> A hazard is defined as a condition or an object with the potential to cause injuries to personnel, damage to equipment or structures, loss of material, or reduction of ability to perform a prescribed function.

Note – Hazards are not necessarily damaging components of a system. It is only when hazards interface with the operations of the system aimed at service delivery that their damaging potential may become a safety concern.

Subsequently, a consequence is defined as the potential outcome (or outcomes) of a hazard.

Hazards can be grouped into two generic families.

>> Natural Hazards: are consequences of the habitat or environment within which operations related to the provision of services take place.

>> Technical hazards: are results of energy sources (electricity, fuel, hydraulic pressure, pneumatic pressure and so on) or safety-critical functions (potential for hardware failures, software glitches, warnings and so on) necessary for operations related to the delivery of services.

>> Examples of technical hazards include deficiencies regarding: aircraft and aircraft components, systems, subsystems and related equipment;

>> Organization’s facilities, tools and related equipment; and/or facilities, systems, subsystems and related equipment that are external to the organization.

Hazard identification

Hazard Identification is the first element in the risk management process.

>> Hazards may be identified in the aftermath of actual safety events (accidents or incidents), or they may be identified through proactive and predictive processes aimed at identifying hazards before they precipitate safety events.

>> Hazard identification typically includes a combination of reactive and proactive methods of hazard identification from internal or external sources.

>> There are a variety of sources of hazard identification. Some sources are internal to the organization while other sources are external to the organization.

The internal sources of hazard identification include:

>> Occurrence Reporting System considers analysis of safety reports which signify on potential hazard.

>> Safety reviews;

>> Safety studies;

>> Audits and inspections;

>> Safety surveys;

>> Internal safety investigations

Other sources of hazard data may be internal and external surveys, committees (including safety committees) (internal and external) etc.

Hazard identification is a continuous activity and forms an integral part of the organizational safety related processes.

>> All safety information gathered through internal and external sources are the subject of safety data analyses to identify existing hazards, and predict future hazards, to aircraft maintenance operations.

>> Hazard identification and reporting is responsibility of each staff member.

Hazard analysis

Note – Hazard identification is a wasted exercise unless safety information is extracted from the data collected.

The first step in developing safety information is hazard analysis. Hazard analysis is, in essence, a three-step process:

  • First step. Identify the generic hazard. Generic hazard is used as a term that intends to provide focus and perspective on a safety issue, while also helping to simplify the tracking and classification of many individual hazards flowing from the generic hazard.
  • Second step. Break down the generic hazard into specific hazards or components of the generic hazard. Each specific hazard will likely have a different and unique set of causal factors, thus making each specific hazard different and unique in nature.
  • Third step. Link specific hazards to potentially specific consequences, i.e., specific events or outcomes.

Risk assessment (and mitigation) process

Safety System nominated persons are responsible for identifying, analyzing, mitigating and approving hazards and risk in accordance with this risk assessment process

>> The risk assessment aims at the identification, analysis and elimination and/or mitigation of hazards and risks which threaten the capabilities of the organization. It also aims at balanced allocation of resources to address all risks, and viable application of risk control and mitigation measures.

>> Safety risk management is a generic term that encompasses the assessment and mitigation of the safety risks of the consequences of hazards that threaten the capabilities of an organization, to acceptable level of safety (ALOS).

>> The objective of safety risk management is to provide the foundation for a balanced allocation of resources between all assessed safety risks and those safety risks control and mitigation of which are viable.

 >> Safety risk management is therefore a key component of the safety management process. Safety risks assessed as initially falling in the intolerable region are unacceptable under any circumstances.

>> The probability and/ or severity of the consequences of the hazards are of such a magnitude, and the damaging potential of the hazard poses such a threat to the viability of the organization, that immediate mitigation action is required.

Generally speaking, two alternatives are available to the organization to bring the safety risks to the tolerable or acceptable regions:

1/ Allocate resources to reduce the exposure to, and/ or the magnitude of, the damaging potential of the consequences of the hazards; or

2/ If mitigation is not possible, cancel the operation.

Identify Risks

Identified hazards will be passed to “Risk Assessors” to determine the level of risk using the risk management framework.

  • Throughout the risk assessment process all “Risk Assessors” must use their operational knowledge & experience and apply their training, professional expertise and judgment.
  • They should actively engage to communicate and discuss the operation concerned with stakeholders and others who have knowledge of the particular or similar operations to support the decision-making process.
  • The level of risk of each hazard is obtained by determining the likelihood and the severity of the consequence (most credible outcome arising from the hazard).
  • Residual Risk is then determined by considering the effectiveness of existing control measures (if any) and applying the residual risk calculation.

>> Once the residual risk rating has been determined, the “Assessor(s)” (in collaboration with other key stakeholders including “Mitigators”) then identifies any corrective actions necessary with focus on introducing additional controls to further mitigate the risk associated with the identified hazard(s).

>> A “Mitigator” is responsible for ensuring that the actions identified to mitigate risk are implemented to agreed timelines.

>> If there is more than one “Mitigator”, all actions need to be agreed by proxy and accepted by the Assessor before the risk assessment can progress to the approval stage.

>> Once the action(s) are set in place, the “Assessor” formally transfers the action(s) to the “Mitigator” to “accept” or “reject” the proposed corrective actions. The risk assessment cannot be forwarded for approval if all corrective actions are not agreed.

Approving risks

Once the corrective action(s)/ mitigation plan is accepted, the “Assessor” formally transmits the risk assessment to the “Risk Owner” for approval.

>> The risk assessment cannot be forwarded for approval if all mitigation actions are not agreed.

>> The “Risk Owner” may reject the risk assessment and mitigation plan, requiring that adjustments be made if viewed necessary.

>> After granting approval, the “Risk Owner” will be held accountable for the full implementation of the mitigation plan, and closure of risk assessments after all corrective actions are completed.

“Risk Owners” may identify other competent persons who are senior management within their Functional Areas/ Departments to whom they can delegate responsibility and authority to act on their behalf as “Risk Owners”. However, Nominated Person(s) retains accountability for the operation, all identified risks, approval of a risk assessment and the corrective action(s)/ mitigation plan(s).

Controlling risks

>> “Risk Assessors” are responsible for tracking progress of agreed corrective actions(s)/ mitigation plan(s).

>> “Mitigators” are responsible for ensuring that corrective actions/ mitigation plans are completed.

>> If all corrective actions are not completed, the risk assessment cannot be moved to the closed (static) stage.

Note 1: By the “Risk Assessor” actively involving each “Mitigator” early in the process, rejection of the proposed actions should be avoided in most cases.

Note 2: In discharging their accountabilities to identify hazards, analyze and eliminate or mitigate risks to operations, Nominated Persons reserve the right to appoint an individual(s) as both “Assessor(s)” and “Mitigator(s)”.

Approving risks

>> Once the corrective action(s)/ mitigation plan is accepted, the “Assessor” formally transmits the risk assessment to the “Risk Owner” for approval.

>> The risk assessment cannot be forwarded for approval if all mitigation actions are not agreed.

>> The “Risk Owner” may reject the risk assessment and mitigation plan, requiring that adjustments be made if viewed necessary.

>> After granting approval, the “Risk Owner” will be held accountable for the full implementation of the mitigation plan, and closure of risk assessments after all corrective actions are completed.

Note – “Risk Owners” may identify other competent persons who are senior management within their Functional Areas/ Departments to whom they can delegate responsibility and authority to act on their behalf as “Risk Owners”.

Nominated Person(s) retains accountability for the operation, all identified risks, approval of a risk assessment and the corrective action(s)/ mitigation plan(s).

Controlling risks

>> “Risk Assessors” are responsible for tracking progress of agreed corrective actions(s)/ mitigation plan(s).

>> “Mitigators” are responsible for ensuring that corrective actions/ mitigation plans are completed.

Note – If all corrective actions are not completed, the risk assessment cannot be moved to the closed (static) stage.

Closing risks

Once all corrective actions are closed, the assessor can submit the risk assessment to the “Risk Owner” for closure.

>> In circumstances where individuals fulfil the role of both “Assessor” and “Mitigator”, special attention should be placed on seeking the opinion of others who have the relevant knowledge and experience of the same, or similar operations.

 

Follow this link to our Library to find & Download related documents for Free.

Sofema Aviation Services and Sofema Online provide multiple courses covering Safety Management System activities across multiple domains – please see the websites of contact [email protected]

 

Last modified on