Risk Management Riskhantering i flygföretag Nytt krav inom ledningssystemet ORO.GEN.200(a)(3) med vidhängande AMC1 ORO.GEN.200(a)(1);(2);(3);(5) Magnus Molitor Transportstyrelsen 1
Riskhantering i sitt sammanhang Källa: http://www.faa.gov/about/office_org/headquarters_offices/avs/offices/afs/afs900/sms/media/newsletter/sms_qr_guide.pdf 2
Risk management - förenklat Ni ska ha ett sätt att Hitta faror i er egen verksamhet Bedöma risker (konsekvens och sannolikhet) Sortera dessa risker (från högre till lägre) Vidta åtgärder (enligt er sortering ovan) Kolla att åtgärderna är ändamålsenliga Och allt ska vara dokumenterat! 3
Vad säger regeln? 4
En liten underparagraf i ORO.GEN.200(a) ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 5
1. Hitta farorna ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 6
1. som verksamheten medför ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 7
2. utvärdera farorna ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 8
3. hantera riskerna ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 9
4. vidta åtgärder för att förhindra riskerna ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 10
5. och utvärdera effekten av dessa åtgärder. ORO.GEN.200 Management system (a) The operator shall establish, implement and maintain a management system that includes: (3) the identification of aviation safety hazards entailed by the activities of the operator, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness; 11
Riskhantering Risk Management Källa: ICAO Safety Management Manual 12
Vad säger AMC och GM? Sätten att uppfylla regeln 13
Vägledning, någon? AMC1 ORO.GEN.200(a)(1);(2);(3);(5) Management system NON-COMPLEX OPERATORS - GENERAL (a) Safety risk management may be performed using hazard checklists or similar risk management tools or processes, which are integrated into the activities of the operator. 14
Men detta krävs uttryckligen även för de små AMC1 ORO.GEN.200(a)(1);(2);(3);(5) Management system NON-COMPLEX OPERATORS - GENERAL (b) The operator should manage safety risks related to a change. The management of change should be a documented process to identify external and internal change that may have an adverse effect on safety. It should make use of the operator s existing hazard identification, risk assessment and mitigation processes. 15
Vägledning, för större företag? COMPLEX OPERATORS - SAFETY RISK MANAGEMENT (a) Hazard identification processes (1) Reactive and proactive schemes for hazard identification should be the formal means of collecting, recording, analysing, acting on and generating feedback about hazards and the associated risks that affect the safety of the operational activities of the operator. (2) All reporting systems, including confidential reporting schemes, should include an effective feedback process. 16
Vägledning, för större företag? COMPLEX OPERATORS - SAFETY RISK MANAGEMENT (b) Risk assessment and mitigation processes (1) A formal risk management process should be developed and maintained that ensures analysis (in terms of likelihood and severity of occurrence), assessment (in terms of tolerability) and control (in terms of mitigation) of risks to an acceptable level. 17
Riskhantering Risk Management Källa: ICAO Safety Management Manual 18
Riskmatris: sannolikhet och konsekvens 19
Vägledning, för större företag? COMPLEX OPERATORS - SAFETY RISK MANAGEMENT (b) Risk assessment and mitigation processes (2) The levels of management who have the authority to make decisions regarding the tolerability of safety risks, in accordance with (b)(1), should be specified. Vem tar beslut för högre risker? 20
Riskmatris: vem tar beslut? 21
Riskhantering Risk Management Källa: ICAO Safety Management Manual 22
Vägledning, för större företag? COMPLEX OPERATORS - SAFETY RISK MANAGEMENT (e) The management of change The operator should manage safety risks related to a change. The management of change should be a documented process to identify external and internal change that may have an adverse effect on safety. It should make use of the operator s existing hazard identification, risk assessment and mitigation processes. 23
Risk management en gång till Ni ska ha ett sätt att Hitta faror i er egen verksamhet Bedöma risker (konsekvens och sannolikhet) Sortera risker (från högre till lägre) Vidta åtgärder (enligt er sortering ovan) Kolla att åtgärderna är ändamålsenliga Och det ska vara dokumenterat! Dvs. ni ska ha ett lärande system för er egen skull. Dessutom för att visa myndigheten. Vad blir utfallet om det inträffar? Hur ofta brukar det hända? Fick ni ut någon effekt? Brainstorming? Hazard checklists? Störst risk först! Vem bestämmer vad som är acceptabelt? Följ upp att det sker 24
Några referenser EASA:s hemsida om SMS http://www.easa.europa.eu/sms/ Innehåller även EASp European Aviation Safety Plan 2013-2016 med identifierade faror och åtgärder Skybrary har info om internationellt samarbete http://www.skybrary.aero/index.php/safety_management_intern ational_collaboration_group_(sm_icg) ECAST inom ESSI European Strategic Safety Initiative http://www.easa.europa.eu/essi/ecast/ 25
Tack för mig! Frågor? Magnus Molitor Transportstyrelsen 26