Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Updated Regulatory
Environment
John Clark & Jon Round
Safety Programme Managers
Performance Based Regulation
19 May 2015
Performance Based Regulation
As the Industry Continues to Evolve…
How do we Continue to Provide Safety Assurance?
1945 2014
Marginal rate of improvement has levelled over time
Significant reducing trend in incidents and events over past
50+ years driven by the expansion of prescriptive rule-
based regulation But further
improvements
require a new
approach
Rate of Safety Incidents
The long term decline in safety incidents and events in
the UK since 1945, which was driven by the expansion
of compliance-based regulation, has levelled out.
Generating further improvements requires a Risk and
Performance based approach.
Short term trend is not
stable
Our current system has worked very well
These are the key drivers for our change in approach
Transforming the CAA to a performance based regulator
The operating environment
The regulatory framework
The need to maximise opportunities from Industry’s SMS
Delivery of the better regulation agenda
The Delta in Safety Risk Assurance
• Prescriptive rules can effectively address safety risks if:
– The Regulator knows about the risk
– The Regulator is convinced of the need to address the risk
– The Regulator knows a solution for the risk
– The Regulator has adopted a proposed solution to the risk
– The Regulator has revised/updated the prescriptive rule to reflect any changes in safety risk
– The Regulator has applied the rule only in a targeted manner to entities faced with such risks
– The Regulator takes into account the impact which the prescriptive rule has on the entities being regulated
– The Regulator understands the impact which the proposed mitigation has on the total system
– Industry complies with the prescriptive rule targeted to address the risk
– The Regulator enforces compliance with the prescriptive rule
The Delta in Safety Risk Assurance
• But in reality:
- Entities experience very different
levels and types of risks
- Compliance with prescriptive rules
enables many areas of key risk to be
addressed, but not all areas
- There will always be a gap or delta in the actual risks encountered by an entity and those risks which are effectively addressed by prescriptive rules.
- Something is needed to contextualise the prescriptive rules, ensuring that the mitigation is proportionate and targeted to effectively address specific risks
PERFORMANCE BASED REGULATION
• A holistic, “entity”* based approach, in the context of unique sectors
within the total system
• Targeted, consistent, and proportionate oversight commensurate with
the actual risks
• New conversations based on risk and performance between the
regulator and stakeholders as well as amongst stakeholders
Transforming the CAA to a performance based regulator *Entity – a single approval, or group of approvals that can be overseen better in an integrated manner
Our Vision
To transform the CAA into a Performance Based
Regulator, working with industry to demonstrably
reduce safety risk across the total aviation system
and develop the capabilities required for future
regulators.
Transforming the CAA to a performance based regulator
Page 1 ESP Briefing, December 2013
The European Context
EASA Pivot to Performance Based Regulation The PBR Programme and associated IT deployments are designed to provide the link
between industry SMS and the requirements placed on National Authorities
Co
mp
ete
nt
Au
tho
rit
y
Management System (the driver)
ARA/ARO.200: The competent authority shall establish and maintain a management system, including as a minimum: (1) documented policies and procedures to ... achieve compliance with Regulation (EC) No 216/2008 (2) a sufficient number of personnel to perform its tasks and discharge its responsibilities. Such personnel shall be qualified to perform their allocated tasks and have the necessary knowledge, experience, initial and recurrent training to ensure continuing competence. A system shall be in place to plan the availability of personnel, in order to ensure the proper completion of all tasks
Oversight Programme
ARA/ARO.GEN.305: ….must be developed taking into account the specific nature of the organisation, the complexity of its activities, the results of past certification and/or oversight activities (required by ARO.GEN and ARO.RAMP) and shall be based on the assessment of associated risks.
Ap
pro
ved
O
rg
an
isati
on
Management System
ORx.GEN.200 (a) 3: The identification of aviation safety hazards entailed by the activities of the operator, their evaluation and management of associated risks, including the actions to mitigate the risk and verify the effectiveness
Rules introduced by the European Aviation Safety Agency (EASA) set the
context for the UK’s transformation to Performance Based Regulation.
Page 1
Context
EASA Pivot to Performance Based Regulation
Recognising that Risk and Performance Based Regulation is central to the EASA system, the UK is moving from:
• Solely relying upon prescriptive rules to identify the safety risks and prescribed mitigation towards:
• Exploiting our many sources of safety risks drawn from individual entities, sectors and the total aviation system
• Targeting those areas in the total aviation system that represent actual and emerging major safety risks to UK passengers and the public
• Using prescriptive rules within the context of addressing the actual risks
• EASA Performance Based Environment (1 Aug 2014)
We will be focussed on Total Aviation System Risk in three Dimensions: The ‘Total Risk Picture’ covers both the complete aviation system in terms of the breadth of the aviation system (service providers, regulators, accident investigators), the depth of the system from the individual pilot/engineer/controller up to the system level, and the interfaces between sectors
Total System EASA
System
UK system
Sector
Entity
Individual
Regulatory Change Management
International Civil Aviation
Organisation
Neighbouring States & FABs
Foreign Accident Investigations
Non-UK Airlines in UK
UK Airlines Overseas
UK CAA Risk Capability
General Aviation
Training Organisations
Aircraft Maintainance
Design & Production
Air Navigation Service Providers
Airports
Airlines
Ground/Non CAA Regulated
Military
Crown Dependencies Overseas Territories
UK Citizen
CAA Oversight
Breadth Depth
Primary components of Performance Based Regulation
PBR ENGAGEMENT
Transforming the CAA to a performance based regulator
•ICAO •European Commision •EASA •Neighbouring NAAs •PBRIG •Opportunities within industry
Transforming the CAA to a performance based regulator Feedback (Sharing knowledge and lessons learnt – Internally & Externally)
INTELLIGENCE RISK OUTCOME ACTION CHECK FEEDBACK
CAA view
Our Actions
Entity
Actions
Entity
view
Risk List
(current
& future)
Agreed
Desired
Outcomes
Identify
Options for
Action (cost/benefit)
Compliance
and
Performance
Proactive
Leading
Indicators
Assessment
Actions
Delivered &
Measured
Total System
Actions
Data
Intelligence
Rules
Risks/Issues: • What CAA knows
• What others know
Planned changes
Incidents &
Accidents
Performance Based Oversight – Core Regulatory Decision Making
CAA Risk List
Performance
Comparison
CAA
Governance of
Safety
International
influence
Unregulated
Sectors
Linear Model
OVERSIGHT (Visits, Desk etc)
Performance Based Oversight Phases
Milestone 2
Prep phase
Milestone 3
CAA Internal review meeting
Milestone 5
Check & Feedback
Milestone 4
Accountable Manager meeting
Milestone 1
Entity set-up
OVERSIGHT
(visits, desktop, phone etc)
Transforming the CAA to a performance based regulator
From Internal Review Meeting to Accountable Manager Meeting
Collaborative Internal Review Meeting
Prepares the Oversight Manager
Effective Accountable Manager Meeting
Transforming the CAA to a performance based regulator
Q-Pulse
• Standard audit and event planning tool
• Standard findings and observations tracking tool
• Powerful Management information
• Implemented across all major capabilities
Output - The Triangle
Red
Amber
Approval status Green
29
23
17
13
8
37 Complexity
Matrix Rating
Annual audit 4 days (FOI, IO, GS & CS) Check R x 2 (FOI +CSI) Check T 1 per fleet (FOI) Check F 1 per fleet (FOI) Check M 2 days (FOI/IO) Check C x 2 (CSI) SAG >4 (FOI/IO) Cabin safety SAG x2
Annual audit 4 days (FOI, IO, GS & CS) Check T 1 per fleet (FOI) Check F, min 2 (FOI) Check M 1 day (FOI/IO) Check C x 2 (CSI) SAG x 2 (FOI/IO) Cabin safety SAG x2
Annual audit 3 days (FOI & IO) Check T & F, 1 day each (FOI) Check M 1 day (FOI/IO) SAG x 1 (FOI/IO)
Annual audit 2 days (FOI & IO) Check T & F, 1 day each (FOI) Check M 1 day (FOI/IO) SAG x 1 (FOI/IO)
Annual audit 2 days (FOI & IO) Check T & F, 1 day each (FOI) Check M ½ day (FOI/IO) SAG x 1 (FOI/IO)
1 day audit per 24 months. (IO) 1 flight check per 24 months (FOI) ½ day desktop (IO)
“Continual oversight” Monthly meetings FOI’s x 3 AA = desktop
Safety Risks
Multiple Privileges can be itemised 2
Contains Safety Actions on same form 1
Risk Assessment Guide
Flexing Oversight parameters
• Vary oversight period (allowable by EASA in some areas)
• Vary days per entity to achieve oversight (already achieved with complexity principles)
• Target specific risks with specific checks (Timing, already done today , what will be different will be a better record of the decision making)
Q
pulse
EPT in
CRM
= PBO
The PBO equation
(Baseline oversight + Risk)
(The ability to vary oversight according to performance)
Transforming the CAA to a performance based regulator
Human Factors
• Initial change resistance in CAA, specifically looking outside technical specialist area
• Risk is not a precise or binary thing. We now require a more sophisticated use of judgement
• Natural resistance to see risks in own area unless observed by others:
• Thus the need for an independent facilitator in risk conversation
• The desire for a precise rating of the risk as opposed to doing something practical about it
Transforming the CAA to a performance based regulator
Questions?