Organisational Reviews and Risk Management in Aviation Training: ATO Compliance, Exercises of Aviation

The requirements for organisational reviews and risk management in Approved Training Organisations (ATOs) providing flight training under European Union regulations. It covers review items, risk assessment and mitigation, and facility requirements. ATOs must provide information for certificate application and maintain training manuals.

Typology: Exercises

2021/2022

Uploaded on 08/01/2022

hal_s95
hal_s95 🇵🇭

4.4

(655)

10K documents

1 / 101

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
PART-ORA
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Organisational Reviews and Risk Management in Aviation Training: ATO Compliance and more Exercises Aviation in PDF only on Docsity!

PART-ORA

Annex VII - Part ORA

Part-ORA - Content V1, June 2016

Disclaimer

This version has been prepared by the Agency in order to provide stakeholders with an updated and easy-to-read publication. It has been prepared by combining the officially published texts of the corresponding regulations together with the Acceptable Means of Compliance and Guidance Material (including the amendments) adopted so far. However, this is not an official publication and the Agency accepts no liability for damage of any kind resulting from the risks inherent in the use of this document. This document will be updated regularly if needed to take into account further amendments. The format of this document has been adjusted in order to make it easier to read and for reference purposes. Readers are invited and encouraged to report to fcl.easa.europa.eu any perceived errors, or comments relating to this publication.

Consolidated version

Subpart Version Subpart GEN V1, June 2016 Subpart ATO V1, June 2016 Subpart FSTD V1, June 2016 Subpart AeMC V1, June 2016

Part-ORA - Content V1, June 2016

Amendments

Commission Regulations (Implementing rules)

Regulation (EU) Date 2016/539 07/04/ 2015/445 17/03/ 245/2014 13/03/ 70/2014 27/01/ 290/2012 30/03/ 1178/2011 03/11/

EASA Decisions (AMC & GM)

Amendment Date Amdt 3 15/04/ Amdt 2 02/04/ Amdt 1 16/04/ Part-ORA 19/04/

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

HT head of training IFR instrument flight rules IMC instrument meteorological conditions IOS instructor operation station IR Implementing Rule LAPL light aircraft pilot licence LIFUS line flying under supervision LVO low visibility operation MCC multi-crew cooperation MMEL master minimum equipment list MPA multi-pilot aeroplane MPL multi-crew pilot licence NVIS night vision imaging system OPC operator proficiency check ORA organisation requirements for aircrew OSD operational suitability data OTD other training device PBN performance-based navigation PF pilot flying PIC pilot-in-command PPL private pilot licence QTG qualification test guide SMM safety management manual SOP standard operating procedure SPL sailplane pilot licence TAWS terrain awareness warning system TRE type rating examiner TRI type rating instructor VDR validation data roadmap ZFTT zero flight-time training

ORA.GEN.105 Competent authority

(a) For the purpose of this Part, the competent authority exercising oversight over:

(1) organisations subject to a certification obligation shall be:

(i) for organisations having their principal place of business in a Member State, the authority designated by that Member State;

(ii) for organisations having their principal place of business located in a third country, the Agency;

(2) FSTDs shall be:

(i) the Agency, for FSTDs:

  • located outside the territory of the Member States, or,
  • located within the territory of the Member States and operated by organisations having their principal place of business located in a third country,

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

(ii) for FSTDs located within the territory of the Member States and operated by organisations having their principal place of business in a Member State, the authority designated by the Member State where the organisation operating it has its principle place of business, or the Agency, if so requested by the Member State concerned.

(b) When the FSTD located outside the territory of the Member States is operated by an organisation certified by a Member State, the Agency shall qualify this FSTD in coordination with the Member State that has certified the organisation that operates such FSTD.

ORA.GEN.115 Application for an organisation certificate

(a) The application for an organisation certificate or an amendment to an existing certificate shall be made in a form and manner established by the competent authority, taking into account the applicable requirements of Regulation (EC) No 216/2008 and its Implementing Rules.

(b) Applicants for an initial certificate shall provide the competent authority with documentation demonstrating how they will comply with the requirements established in Regulation (EC) No 216/2008 and its Implementing Rules. Such documentation shall include a procedure describing how changes not requiring prior approval will be managed and notified to the competent authority.

ORA.GEN.120 Means of compliance

(a) Alternative means of compliance to the AMC adopted by the Agency may be used by an organisation to establish compliance with Regulation (EC) No 216/2008 and its Implementing Rules.

(b) When an organisation wishes to use an alternative means of compliance, it shall, prior to implementing it, provide the competent authority with a full description of the alternative means of compliance. The description shall include any revisions to manuals or procedures that may be relevant, as well as an assessment demonstrating that Regulation (EC) No 216/2008 and its Implementing Rules are met.

The organisation may implement these alternative means of compliance subject to prior approval by the competent authority and upon receipt of the notification as prescribed in ARA.GEN.120(d).

AMC1 ORA.GEN.120(a) Means of compliance DEMONSTRATION OF COMPLIANCE

In order to demonstrate that the Implementing Rules are met, a risk assessment should be completed and documented. The result of this risk assessment should demonstrate that an equivalent level of safety to that established by the Acceptable Means of Compliance (AMC) adopted by the Agency is reached.

ORA.GEN.125 Terms of approval and privileges of an organisation

A certified organisation shall comply with the scope and privileges defined in the terms of approval attached to the organisation’s certificate.

AMC1 ORA.GEN.125 Terms of approval and privileges of an organisation MANAGEMENT SYSTEM DOCUMENTATION

The management system documentation should contain the privileges and detailed scope of activities for which the organisation is certified, as relevant to the applicable requirements. The

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

(a) Typical examples of changes that may affect the certificate or the terms of approval are listed below:

(1) the name of the organisation;

(2) the organisation’s principal place of business;

(3) the organisation’s scope of activities;

(4) additional locations of the organisation;

(5) the accountable manager;

(6) any of the persons referred to in ORA.GEN.210 (a) and (b);

(7) the organisation’s documentation as required by this Part, safety policy and procedures;

(8) the facilities.

(b) Prior approval by the competent authority is required for any changes to the organisation’s procedure describing how changes not requiring prior approval will be managed and notified to the competent authority.

(c) Changes requiring prior approval may only be implemented upon receipt of formal approval by the competent authority.

GM2 ORA.GEN.130(a) Changes to organisations CHANGE OF NAME OF THE ORGANISATION

A change of name requires the organisation to submit a new application as a matter of urgency. Where this is the only change to report, the new application can be accompanied by a copy of the documentation previously submitted to the competent authority under the previous name, as a means of demonstrating how the organisation complies with the applicable requirements.

ORA.GEN.135 Continued validity

(a) The organisation’s certificate shall remain valid subject to:

(1) the organisation remaining in compliance with the relevant requirements of Regulation (EC) No 216/2008 and its Implementing Rules, taking into account the provisions related to the handling of findings as specified under ORA.GEN.150;

(2) the competent authority being granted access to the organisation as defined in ORA.GEN.140 to determine continued compliance with the relevant requirements of Regulation (EC) No 216/2008 and its Implementing Rules; and

(3) the certificate not being surrendered or revoked.

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

(b) Upon revocation or surrender the certificate shall be returned to the competent authority without delay.

ORA.GEN.140 Access

For the purpose of determining compliance with the relevant requirements of Regulation (EC) No 216/2008 and its Implementing Rules, the organisation shall grant access to any facility, aircraft, document, records, data, procedures or any other material relevant to its activity subject to certification, whether it is contracted or not, to any person authorised by:

(a) the competent authority defined in ORA.GEN.105; or

(b) the authority acting under the provisions of ARA.GEN.300(d), ARA.GEN.300(e) or ARO.RAMP.

ORA.GEN.150 Findings

After receipt of notification of findings, the organisation shall:

(a) identify the root cause of the non-compliance;

(b) define a corrective action plan; and

(c) demonstrate corrective action implementation to the satisfaction of the competent authority within a period agreed with that authority as defined in ARA.GEN.350(d).

AMC1 ORA.GEN.150(b) Findings GENERAL

The corrective action plan defined by the organisation should address the effects of the non- conformity, as well as its root-cause.

GM1 ORA.GEN.150 Findings GENERAL

(a) Corrective action is the action to eliminate or mitigate the root cause(s) and prevent recurrence of an existing detected non-compliance or other undesirable condition or situation.

(b) Proper determination of the root cause is crucial for defining effective corrective actions.

ORA.GEN.155 Immediate reaction to a safety problem

The organisation shall implement:

(a) any safety measures mandated by the competent authority in accordance with ARA.GEN.135(c); and

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

SECTION II - Management

ORA.GEN.200 Management system

(a) The organisation shall establish, implement and maintain a management system that includes:

(1) clearly defined lines of responsibility and accountability throughout the organisation, including a direct safety accountability of the accountable manager;

(2) a description of the overall philosophies and principles of the organisation with regard to safety, referred to as the safety policy;

(3) the identification of aviation safety hazards entailed by the activities of the organisation, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness;

(4) maintaining personnel trained and competent to perform their tasks;

(5) documentation of all management system key processes, including a process for making personnel aware of their responsibilities and the procedure for amending this documentation;

(6) a function to monitor compliance of the organisation with the relevant requirements. Compliance monitoring shall include a feedback system of findings to the accountable manager to ensure effective implementation of corrective actions as necessary; and

(7) any additional requirements that are prescribed in the relevant subparts of this Part or other applicable Parts.

(b) The management system shall correspond to the size of the organisation and the nature and complexity of its activities, taking into account the hazards and associated risks inherent in these activities.

(c) Notwithstanding point (a), in an organisation providing training only for the LAPL, PPL, SPL or BPL and the associated ratings or certificates, safety risk management and compliance monitoring defined in points (a)(3) and (a)(6) may be accomplished by an organisational review, to be performed at least once every calendar year. The competent authority shall be notified about the results of this review by the organisation without undue delay.

AMC1 ORA.GEN.200(a)(1);(2);(3);(5) Management system NON-COMPLEX ORGANISATIONS - GENERAL

(a) Safety risk management may be performed using hazard checklists or similar risk management tools or processes, which are integrated into the activities of the organisation.

(b) The organisation should manage safety risks related to a change. The management of change should be a documented process to identify external and internal change that may have an adverse effect on safety. It should make use of the organisation’s existing hazard identification, risk assessment and mitigation processes.

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

(c) The organisation should identify a person who fulfils the role of safety manager and who is responsible for coordinating the safety management system. This person may be the accountable manager or a person with an operational role in the organisation.

(d) Within the organisation, responsibilities should be identified for hazard identification, risk assessment and mitigation.

(e) The safety policy should include a commitment to improve towards the highest safety standards, comply with all applicable legal requirements, meet all applicable standards, consider best practices and provide appropriate resources.

(f) The organisation should, in cooperation with other stakeholders, develop, coordinate and maintain an emergency response plan (ERP) that ensures orderly and safe transition from normal to emergency operations and return to normal operations. The ERP should provide the actions to be taken by the organisation or specified individuals in an emergency and reflect the size, nature and complexity of the activities performed by the organisation.

AMC1 ORA.GEN.200(a)(1) Management system COMPLEX ORGANISATIONS - ORGANISATION AND ACCOUNTABILITIES

The management system of an organisation should encompass safety by including a safety manager and a safety review board in the organisational structure.

(a) Safety manager

(1) The safety manager should act as the focal point and be responsible for the development, administration and maintenance of an effective safety management system.

(2) The functions of the safety manager should be to:

(i) facilitate hazard identification, risk analysis and management;

(ii) monitor the implementation of actions taken to mitigate risks, as listed in the safety action plan;

(iii) provide periodic reports on safety performance;

(iv) ensure maintenance of safety management documentation;

(v) ensure that there is safety management training available and that it meets acceptable standards;

(vi) provide advice on safety matters; and

(vii) ensure initiation and follow-up of internal occurrence / accident investigations.

(b) Safety review board

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

(2) resolve identified risks;

(3) assess the impact on safety of operational changes; and

(4) ensure that safety actions are implemented within agreed timescales.

(e) The safety action group should review the effectiveness of previous safety recommendations and safety promotion.

AMC1 ORA.GEN.200(a)(2) Management system COMPLEX ORGANISATIONS - SAFETY POLICY

(a) The safety policy should:

(1) be endorsed by the accountable manager;

(2) reflect organisational commitments regarding safety and its proactive and systematic management;

(3) be communicated, with visible endorsement, throughout the organisation; and

(4) include safety reporting principles.

(b) The safety policy should include a commitment:

(1) to improve towards the highest safety standards;

(2) to comply with all applicable legislation, meet all applicable standards and consider best practices;

(3) to provide appropriate resources;

(4) to enforce safety as one primary responsibility of all managers; and

(5) not to blame someone for reporting something which would not have been otherwise detected.

(c) Senior management should:

(1) continually promote the safety policy to all personnel and demonstrate their commitment to it;

(2) provide necessary human and financial resources for its implementation; and

(3) establish safety objectives and performance standards.

GM1 ORA.GEN.200(a)(2) Management system SAFETY POLICY

Part-ORA – Subpart GEN, AMC and GM V1, June 2016 Go back to Subpart GEN Go back to the content

The safety policy is the means whereby the organisation states its intention to maintain and, where practicable, improve safety levels in all its activities and to minimise its contribution to the risk of an aircraft accident as far as is reasonably practicable.

The safety policy should state that the purpose of safety reporting and internal investigations is to improve safety, not to apportion blame to individuals.

AMC1 ORA.GEN.200(a)(3) Management system COMPLEX ORGANISATIONS - SAFETY RISK MANAGEMENT

(a) Hazard identification processes

(1) Reactive and proactive schemes for hazard identification should be the formal means of collecting, recording, analysing, acting on and generating feedback about hazards and the associated risks that affect the safety of the operational activities of the organisation.

(2) All reporting systems, including confidential reporting schemes, should include an effective feedback process.

(b) Risk assessment and mitigation processes

(1) A formal risk management process should be developed and maintained that ensures analysis (in terms of likelihood and severity of occurrence), assessment (in terms of tolerability) and control (in terms of mitigation) of risks to an acceptable level.

(2) The levels of management who have the authority to make decisions regarding the tolerability of safety risks, in accordance with (b)(1), should be specified.

(c) Internal safety investigation

(1) The scope of internal safety investigations should extend beyond the scope of occurrences required to be reported to the competent authority.

(d) Safety performance monitoring and measurement

(1) Safety performance monitoring and measurement should be the process by which the safety performance of the organisation is verified in comparison to the safety policy and objectives.

(2) This process should include:

(i) safety reporting;

(ii) safety studies, that is, rather large analyses encompassing broad safety concerns;

(iii) safety reviews including trends reviews, which would be conducted during introduction and deployment of new technologies, change or implementation of procedures, or in situations of structural change in operations;