Safety Assurance Processes
Hazard and Risk Assessment / Risk Management
Applicable for:
Airports, Aerodromes & Heliports, Fixed & Rotary Wing Operations, Manufacturing, AMOs.
There are a number of processes that may be employed to meet the requirement for Risk Management as an element of the SMS. The CARs definition for SMS is:
"A systematic, explicit, comprehensive and proactive process for managing safety risks that integrates operational and technical systems with financial and human resource management to achieve safe operations and compliance with Canadian Aviation Regulations."
Safety is about the management of risk and keeping it within an acceptable limit, which naturally leads to the problem of deciding what is acceptable? A Certificate Holder must address the management of risk in a structured and positive manner. To achieve this, safety must also be managed based on the widely accepted understanding of the following definitions:
- A Hazard is defined as a physical situation, often following from some initiating event that can lead to an incident or accident;
- Risk is defined as a combination of the probability or frequency of occurrence of a defined hazard and the magnitude of the consequences of the occurrence;
- Safety is also: “Freedom from unacceptable risk of harm” (IEC 1508 and IEC/ISO Guide 2).
The Hazard and Risk Assessment process takes into consideration but is not limited to the following:
- Hazard Identification;
- Hazard Analysis (severity and probability);
- Risk Tolerability;
- Risk Management;
- Establishing and Maintaining the Acceptable Level of Safety.
(Note: In addition to the above, Risk is also frequently defined as the combination of the probability of an event and its consequences. Risk Management therefore, involves the coordinated and economical application of resources to minimize, monitor, and control the probability of an incident/accident.)
Aerodrome / Airport Security Risk Assessment (ASRA)
Applicable for:
Airports, Aerodromes & Heliports.
The purpose of an Airport Security Risk Assessment (ASRA) is to identify the conceivable and real threat scenarios relevant to vulnerable operational requirements. An ASRA, in conjunction with other operational systems and programmes, is mandatory for Class 1 Aerodromes/Airports and is considered a 'best practice' for Class 2 & 3 operations.
The ASRA provides the Airport Operator and the Regulator with a comprehensive analysis derived from the various threats endemic within an aerodrome`s operation, supporting procedures and infrastructure. Furthermore, an ASRA not only provides for a higher level of due diligence, but also ensures greater ‘duty of care’ in safeguarding the general public and airport staff.
An ASRA is ultimately symbiotic of the Airport Manual (AM) and the Aerodrome/Airport Master Plan (AMP), being primary control documents detailing the physical, technical and operational measures employed at an aerodrome/airport. QualaTech is also cognisant that control documents may not be consistent with international best practice relating to operational and security risk issues. The ASRA constitutes a purpose design report, which includes a dedicated Security Risk Assessment, highlighting credible threats and vulnerabilities, which assesses the security risks for aerodrome management to monitor and control identified risk mitigation activities.
The ASRA provides recommendation for Security enhancement while explaining the logic and reasoning for change in clear and precise language. Consequently, Security enhancement is recommended where needed as a direct result of recognized vulnerabilities and/or identified non-conformances. All recognized Security recommendations are identified in the ASRA Report and correlated to the Security Risk Assessment. Although not the primary function of the ASRA, budget considerations for various continuing security project/programmes are nevertheless equally important for any security upgrade to be deliberated and/or implemented and are identified accordingly.
The ASRA also contains an ‘Implementation Plan’, which divides the Security recommendations into various phases, i.e. immediate and/or temporary, long-term and /or permanent enhancements, etc.
Given the potential implication security risk has on tourism, safety, national security, trade & commerce and investment, to name but a few, it is vital to identify the numerous kinds of threats, and the ways in which each could materialise if left unchecked.
The dedicated Security Risk Analysis gives a precise identification of Threat (Hazard) with associated ‘Risk(s)’ to persons/property under an estimated numerical ‘Severity’ and ‘Probability’ value, which allows threats and risks to be categorised and prioritised. The second part of the Risk Assessment introduces ‘Mitigation Controls’ for each identified Risk and re-calculates the correspondingly adjusted ‘Severity’ and ‘Probability’ score. Thus the ASRA provides the bases for the identification of specific real and perceived threat scenarios, where potential vulnerabilities could have real consequence.
QualaTech provides three direct ASRA Services, comprising of:
1. Initial ASRA – comprehensive preliminary assessment.
2. Update ASRA – annual review of existing ASRA.
3. Recurrent – Similar to Initial ASRA but performed every five years (lustrum).