ASSI approvals granted to an aviation Service Provider require regulatory oversight. A key component of this oversight is auditing.
Compliance based auditing measure the Service Provider in terms of findings raised against the AN(OT)O, OTARs and the Service Provider’s own Policies and Procedures (Manuals). There is an expectation that in order to retain an approval findings raised are addressed and the root cause of the finding is identified with actions taken to prevent a re-occurrence in a timely manner. When responding to a finding the Service Provider should submit evidence to corroborate the subsequent actions taken in both the closure of the finding and the prevention of a re-occurrence.
Performance Based Oversight (PBO) auditing focuses on safety performance and risks in relation to a Service Provider’s actual operation. Dependent on this the frequency and focus of regulatory oversight will vary. It may not always mean less oversight. A key element is having up-to-date knowledge of the management of safety performance and operation of individual Service Providers to identify poor performers and/or increasing risks.
Flexing the level of oversight based on safety performance and risks requires our people to work in a joined-up way across our multidiscipline team.
To develop a picture of the safety performance and risk, data needs to be collected from a number of sources. Auditors will need to assess all data based on the Service Provider’s Safety Management System (SMS) along with the auditor’s confidence level in this system, audit findings, response to findings, reaction and follow up to incidents, any regulatory enforcement action and operational data.
For example, the following indicate poor performance:
- ASSI level 1 findings, and/or numerous level 2 findings.
- Repeat findings/findings not closed within original target date.
- Auditor judgement is low/very low confidence levels in safety management.
- Significant reduction in safety performance since last audit.
- Ineffective management systems.
- Significant enforcement action/taken place.
- Poor reaction and follow up to incidents.
The following indicate good performance:
- Few ASSI findings/observations.
- Findings closed within original agreed target date.
- Auditor judgement is high confidence levels in safety management.
- Stable/improving safety performance.
- Effective management systems.
- Good reaction and follow up actions to incidents.
- Just culture evident.
The baseline for oversight is 12 months for most Service Providers. Based on our assessment this periodicity may be flexed ensuring sufficient, but proportionate oversight is planned.