Risk-based Oversight

Definitions

Risk-based Oversight (RBO): A way of performing oversight, where:

  • planning is driven by the combination of risk profile and safety performance; and
  • execution focuses on the management of risk, in addition to ensuring compliance.

Risk Profile: The elements of risk that are inherent to the nature and the operations of the regulated entity, this includes:

  • the specific nature of the organization/operator;
  • the complexity of its activities;

the risks stemming from the activities carried out.

Safety Performance: The demonstration of how effectively can a regulated entity (e.g. operator) mitigate its risks, substantiated through the proven ability to:

  • comply with the applicable requirements;
  • implement and maintain effective safety management;
  • identify and manage safety risks;
  • achieve and maintain safe operations;

the results of past certification and/or oversight also need to be taken into account.

Performance-based Oversight

EASA explains the relationship between Performance-based Oversight (PBO) and Risk-based Oversight (RBO) as:

The concept of "performance" conveys the idea of tangibly measuring the health of the system under scrutiny and ultimately assessing its overall performance. Performance indicators, as a means to measure, may specifically help to either identify risks within that system or measure safety risks or monitoring actions mitigating these risks. This means that a PBO can also support the identification of areas of greater risk and serve the risk assessment and mitigation exercise. This is where PBO meets RBO. [1]

Discussion

The implementation of Safety Management Systems signals a shift from reactive and compliance based oversight to a new model that includes proactive and performance-based tools and methods.

Recognising that compliance alone cannot assure safe operations, and that effective and affordable regulatory oversight needs to be targeted, most regulators have altered the relationship between the operators and the Competent Authorities to ensure that greater oversight is applied to those that need it. To achieve this, Inspectors need to be able to assess safety performance and the key factors that influence it. If an Operator's Compliance Monitoring Function demonstrates that regulatory and procedural compliance is being monitored effectively internally then it will attract less external oversight.

A risk-based approach to oversight entails the assessment of the performance influencing factors, organisational changes and other safety performance indicators that make up an operator's risk profile. An operator's risk profile will inevitably be dynamic. The regulator must have a process that acquires and analyses different sources of intelligence that provide insight into the changing risks in an operation such as:

  • reported occurrences;
  • reorganisation and restructuring (e.g new management and reporting structures, new operating bases, new aircraft types, changing working practices);
  • retirement/departure of a key employee (e.g new accountable managersafety manager, or operations director);
  • financial health of the organisation;

Those operators with a high-performing SMS and clear safety leadership will attract less oversight.

Accidents and Incidents

The following events in the SKYbrary database of Accident and Incident reports feature Ineffective Regulatory Oversight as a contributory factor:

On 23 January 2020, a Cessna S550 departed George to conduct a calibration flight under VFR with three persons on board and was about to begin a DME arc at 4,000 feet QNH when control was lost after entering IMC. Recovery from a significant descent which followed was not achieved before the aircraft hit mountainous terrain 1,800 feet below and was destroyed killing all occupants. The Investigation considered that the transition into IMC had probably occurred without preparation and that the inability of the crew to perform a prompt recovery reflected unfavourably on the conduct of the aircraft operator.

On 8 February 2019, a Piper PA46-350P overran the landing runway at Courchevel and collided with a mound of snow which caused significant damage to the aircraft but only one minor injury to a passenger. The Investigation noted that the experience of the Captain was inadequate but the investigation effort was primarily focused on the risk which had resulted from a commercial air transport flight being conducted without complying with the appropriate regulatory requirements for such flights and without either the passengers involved or the State Safety Regulator being aware of this.

On 21 January 2019, a Piper PA46-310P en-route north northwest of Guernsey was reported missing and subsequently confirmed to have broken up in flight during an uncontrolled descent. The Investigation found that neither the pilot nor the aircraft involved were able to be used for commercial passenger flight operations but also found that although the direct cause of loss of control was unproven, it was most likely the consequence of carbon monoxide poisoning originating from an exhaust system leak. The safety implications arising from operation of private flights for commercial passenger transport purposes contrary to regulatory requirements were also highlighted.

On 14 March 2017, control of a Sikorsky S92A positioning in very poor visibility at 200 feet over the sea in accordance with an obstacle-marked FMS ground track in order to refuel at a coastally-located helipad was lost after it collided with late-sighted terrain ahead before crashing into the sea killing all on board. The Investigation attributed the accident to the lack of crew terrain awareness but found a context of inadequate safety management and issues with the operational control and oversight of the operations by the operator, and confusion regarding responsibility for, and the discharge of, aviation oversight of SAR operations in the state.

On 28 November 2020, a Boeing 737-300F taxiing for an early morning departure at Singapore Changi crossed an illuminated red stop bar in daylight and entered the active runway triggering an alert which enabled the controller to instruct the aircraft to immediately exit the runway and allow another aircraft already on approach to land. The Investigation found that the flight was the final one of a sequence of six carried out largely overnight as an extended duty predicated on an augmented crew. The context for the crew error was identified as a poorly managed operator subject to insufficient regulatory oversight.

Related Articles

Further Reading

References

<references>

  1. ^ "Practices for risk-based oversight"; Edition 1, published by EASA 22 November 2016
Category: 

SKYbrary Partners:

Safety knowledge contributed by: