IOSA Workshop

Session 4 – Enhanced IOSA, SMS & ISSA

Topics covered

Enhanced IOSA Background

Enhanced IOSA Process

Safety Management System and IOSA

IATA Standard Safety Assessment (ISSA)

Module objectives

At the end of this module you will be able to:

1.Understand the birth of the E-IOSA

2.Work out the relationship of IOSA with

SMS, and

3.Get an introduction to the ISSA program

Enhanced IOSA

Background

Enhanced IOSA as response to industry’s feedback

Program change to focus on the implementation aspect of

Standards and ensure continuous conformity

Implementation in a transitioned approach by September

2015

Enhanced IOSA applicable to all renewal audits

Enhanced IOSABackground

Enhanced IOSA

ICAO 38th Assembly

endorsed IOSA and its

elements under Enhanced

IOSA for its Global safety

benefits.

Priority

Enhanced IOSA

In June 2013, IATA Board of Governors mandated E-IOSA

for all IOSA Registered Airlines

IATA provides support for airlines in incorporating the

IOSA assessment process into internal QA programs

As of 1 September 2015, all IOSA Registered Airlines

must have fully incorporated Enhanced IOSA for their

renewal audits

Priority

Enhanced IOSAEnhanced IOSA will facilitate the incorporation of four

pillars in airline operations:

Auditing

Standardi-

zation

Reliability

of Airline’s

Quality

Assurance

Functions

Continuous

Conformity

with IOSA

Standards

Focus on

Implement

ation of

IOSA

Standards

The Operator will conduct internal audits against ISARPs

under their quality assurance program during the 24

month period between the two renewal audits

Shortly before the recurrent audit, the operator will

submit a Conformance Report (CR) to the AO, as a

record of internal assessments

The CR is a “live document” that is continually updated

to reflect the current status of conformity of the Operator

Enhanced IOSA Pillars

1. Continuous Conformity

Through the CR, Airline auditors will additionally confirm

implementation

Use of Auditor Actions will support the assessment of

implementation

Mandatory observations will be linked with specific

ISARPs

Enhanced IOSA Elements2. Focus on Implementation

Operator will strengthen its quality assurance through

continuous internal assessments using the ISARPs

AO will validate the CR as part of the assessment of the

operator’s QA program

Use of Auditor Actions will assist in checking implementation

and increase the reliability and standardization of self-

assessments

Enhanced IOSA Elements

3. Reliability of Quality Assurance

Increased level of standardization of airline internal QA

auditing through use of:

Training for all airline internal auditors

Standardized auditing techniques amongst all

operators, including use of Auditor Actions

Objective of continuous conformity with ISARPs

Enhanced IOSA Elements4. Auditing Standardization

Continuous conformity with ISARPs

Improved conformity with ICAO requirements

Increased reliability of QA programs

Improved auditing capabilities

Increased Safety and Quality performance

Enhanced IOSABenefits for Operators

Standardized self-assessments cover ICAO safety and security provisions from ICAO Annexes 1, 2, 6, 8, 17, 18 and 19 and industry best practices

Increased continuity of conformity with ISARPs

Transparent and reliable auditing procedures and techniques

Improved focus on the assessment of implementation by Audit Organizations

Enhanced IOSA

Benefits for Regulators

Enhanced IOSA

Process

Enhanced IOSA Process

Registration

Renewal

Last

Renewal

Audit

T-150

DaysAudit

Date

Submission of

CR 14 days

before Audit

Internal Assessments

in 24 month period

Internal Assessments

in 24 month period

AO reviews CR prior to Audit

During the Audit, IOSA Auditors will assess

the CR contents using selection of ISARPs

the operator’s training and qualification program

IOSA Auditors will try to understand, how the operator

assessed the ISARPs

Audit Organization’s Responsibilities

Audit Methodology for IOSA Audits by AOs will not

change

Mandatory observations will be completed as usual

AO makes final assessment of ISARPs under IOSA Audit

If AO assesses ISARP as nonconformity, the conventional

corrective action process follows (close findings not later

than 1 month prior to expiry date)

Audit Organization’s Responsibilities

Qualify and train Internal Auditors as per internal training

program

Internally assess all ISARPs at least once in registration

period (24 months)

Obtain signed declaration of respective Senior Manager

Produce and Submit Conformance Report to AO 2 weeks

prior to IOSA Renewal Audits

Make internal auditors available during IOSA Audit

Airline’s Role Under E-IOSA

ISM Applicability for Internal Assessments

20

Registration

Expiry

T-150

DaysAudit

Date

Submission of

CR 14 days before Audit

Latest ISM Edition

does not have to be

incorporated

5 months

Registration

Expiry

Current ISM Edition to be

used

Will involve 2-3 editions in

24 months

19 months

Published on www.iata.org/iosa

Outlines all relevant procedures and guidance for airlines

to undergo E-IOSA it contains:

IOSA Overview

Internal Audit Program Management

Audit Methodology

Conformance Report

Audit Procedures

IOSA Audit Handbook for Airlines

1. IOSA Overview

ISM, ISARPs (Conditional Phrases, PCO, Notes and

Symbols, etc.)

Documented and implemented

Outsourced functions, repeated ISARPs, upgrades to

Standards, etc.

IOSA Audit Handbook for Airlines

2. Internal Audit Program Management

QA Program (program requirements, IOSA registration

period, alignment of ISARPs with regulations),

Auditors (basic principles, selection, training and

qualification, record of internal auditors, etc.)

IOSA Audit Handbook for Airlines

3. Audit Methodology

Assessing Conformance documented, implemented,

systemic applicability,

Conformance and Evidence evidence collection,

examining documents,

interviewing personnel,

auditor actions, auditing

ORG, auditing repeated ISARPs,

auditing outsourced functions, recording of nonconformities

IOSA Audit Handbook for Airlines

4. Conformance Report

description of the CR,

CR template,

options for production of CR,

description of relevant ISARPs,

CR completion, submission deadline, contradictions in

assessments

IOSA Audit Handbook for Airlines

5. Audit Procedures

general procedures application of IOSA procedures, interpretation of ISARPs,

assessing documentation and implementation, sampling,

identifying N/As, systemic applicability, etc.

specific procedures and options used in the IOSA process ISARPs with PCO,

repeated ORG ISARPs, SMS ISARPs, interlinked ISARPS, etc.,

procedures for the submission of the CR submission deadline,

CR changes after submission

IOSA Audit Handbook for Airlines

Provides opportunity to identify weaknesses in

organizational management systems

Under E-IOSA, airlines required to audit against all ORG

provisions

Auditing ORG is one of challenging tasks for airlines

Assessing Organization and Management

Assessment of outsourced functions different than the

procedure used by the AOs

Airlines must assess outsourced functions and their

conformity with ISARPs (auditing recommended)

The results of the assessments must be available as

proof for AOs

Assessing Outsourced Functions

Safety Management

System and IOSA

30

Fundamental safety management concepts

incorporated since the first edition of the ISM

Identified as “requirements” in ORG Section

e.g. accountability, management review, policy,

planning, communication, resources, quality

management and processes and emergency response

IOSA SMS Principles

31

SMS For IOSA Registered Operators Today

An IOSA operator will already have certain SMS elements in place

Complete restructuring of management system not necessary

Certain existing policies and procedures may need modification

New processes likely needed in the area of safety risk management

and safety assurance

Conformity with IOSA standards helps the transition to SMS

32

Approximately 1000 IATA has integrated all elements of ICAO SMS framework into IOSA

The expanded auditing requirements appear in the IOSA Standards Manual (ISM) 10th Edition

Incorporates all elements of the ICAO-mandated SMS framework (Annex 19).

68 SMS Standards provisions

50 provisions are currently designated as repeated provisions

ISM 10th Edition - The “SMS” IOSA

33

Key Components and Principles of IOSA SMS

Conservative approach adopted for the introduction of SMS

All IOSA SMS recommended practices will be upgraded to

standards incrementally over a four-year period beginning with

the publication of ISM Edition 7.

Some SMS provisions designated as Recommended Practices

Non-conformity results in an Observation

With the publication of ISM Edition 10, effective 1 September

2016, all SMS recommended practices will have been upgraded to

standards.

34

SMS Hard-Linked ISARPsORG 1.1.10 A is a SMS control standard and must be assessed as a non

conformity if nay SMS ISARP has been assessed as non conformity

IATA Standard Safety

Assessment (ISSA)

ISSA Program

Many operators are technically not eligible for an IOSA

Audit because of:

Operating aircraft below 5,700Kg MTOW

Business model does not allow for conformity with IOSA

requirements

Because of vast amount of those operators, IATA decided

to develop a new evaluation program for the industry

called “IATA Standard Safety Assessment”

Background

ISSA Program

Measuring operator’s

conformity with relevant

ICAO Requirements and

Industry Practices

Gradual Implementation of

SMS Elements

Benefits

Assessment completion

provides eligibility for entry

on ISSA Registry

Improved marketing and

commercial advantages

ISSA Program

Commercial passenger and/or cargo operations

Aircraft with one or more turbine powered and/or multiple

reciprocating engines

Single and/or Two-pilot operations

IFR and/or VFR operations

Aircraft with MTOW below 5700Kg

Aircraft with MTOW above 5700Kg will be allowed on

ISSA Registry for one term, after that need to go for IOSA

Eligibility

ISSA Program

Aircraft with single reciprocating engines

Helicopters/ Seaplanes

Any operator that is currently on the IOSA Registry

Operators with no aircraft on the AOC (only wet-lease

operations)

Scope Exclusions

ISSA Program

Audit Standards derived directly from all IOSA disciplines;

emphasis on the Organization Management System

Verification of both documentation and implementation

required

Approximately 116 Standards and

Recommended Practices (subject to

change)

Audit and Program Standards

ISSA Program

Initial assessment, followed by biennial renewal

assessments

Assessments planned to be conducted by two Auditors for

two days

Assessment follow-up (closure of findings) and

registration period in alignment with IOSA

Assessment Conduct

ISSA Program

The new assessment program will:

not be linked, associated or conditional on IATA

Membership

be priced to suit the intended market

be promoted and marketed in a manner that clearly defines

and manages expectations, including a clear distinction

from IOSA

Other Characteristics

ISSA Program

Assessments will be performed by independent Audit

Organizations

Program will become operational in early 2015

Cooperation and Audit Organizations

ISSA Program

5 Beta-test assessments in first half of 2014

program launched in early 2015

Project

PlanningPrepare Test

Period

3-5 Beta-test audits

Q12013 Q2 Q3 Q4

Review and

Adjustments

Official

Program

Launch

2014 Q12015

Summary The Enhanced IOSA program was developed to

enhance the IOSA and take it to a higher level

The EIOSA program has merged into the IOSA

program

The IOSA program requires the SMS to be

implemented in the airline

For smaller planes, there is the option of

undergoing an ISSA

****

****

****

***

**

****

****

****

*

Questions ?

47

SMS Designated ISARPs1. Overall SMS Control ISARP: assessed as a non-conformity if any other SMS ISARP is a non-conformity

ORG 1.1.10A

2. ORG ISARPs with hard-linked assessment requirements: assessed as a non-conformity if any other SMS ISARP

ISARP in the same line is anon-conformity

ORG 3.1.1A FLT 1.12.1A DSP 1.12.1A MNT 1.12.1A CAB 1.11.1A GRH 1.11.1A CGO 1.11.1A

ORG 3.1.2A FLT 1.12.2A DSP 1.12.2A MNT 1.12.2A CAB 1.11.2A GRH 1.11.2A CGO 1.11.2A

ORG 3.1.3 FLT 1.12.3 DSP 1.12.3 MNT 1.12.3 CAB 1.11.3 GRH 1.11.3 CGO 1.11.3

ORG 3.1.4

ORG 3.2.1A FLT 1.12.5 A DSP 1.12.5A MNT 1.12.5A CAB 1.11.5A GRH 1.11.5A CGO 1.11.5A

ORG 1.6.5A FLT 2.5.1A DSP 2.5.1A MNT 1.12.6A CAB 2.4.1A GRH 2.3.1A CGO 2.3.1A

3. ORG ISARPs which do not have additional assessment links.

ORG 1.1.3 ORG 1.1.12A ORG 1.2.1 ORG 1.1.3A ORG 1.3.1 ORG 1.4.2 ORG 1.5.2A

ORG 2.1.5A ORG 3.2.2A ORG 3.3.1 ORG 3.3.3 ORG 3.3.4 ORG 3.3.10 ORG 3.3.11

ORG 3.3.13 ORG 3.4.5 ORG 4.1.1 ORG 4.1.4A

4. Repeated ISARPs with no hard-linked SMS assessment requirement, but directly associated with the

assessment for ORG 3.4.1 and ORG 3.4.4

ORG 3.4.1 FLT 1.10.1 DSP 1.10.1 MNT 1.10.1 CAB 1.9.1 GRH 1.9.1 CGO 1.9.1

ORG 3.4.4 FLT 1.10.3 DSP 1.10.3 MNT 1.10.3 CAB 1.9.3 GRH 1.9.3 CGO 1.9.3