Safety Management System

Performance: Going for the Deep Dive

In this series’s previous post, I discussed the identification of critical controls in the service of a fully-functioning airport (or anything for that matter) safety assurance, but that is not the end of the story.

The point of having these critical controls is to provide your organisation with an account of how it manages risk.

The role of the Accountable Executive, supported by their subordinates, is to be in a position to provide that account and to ensure that it aligns with the organisation’s strategy and objectives, or vice versa.

There may be some discussion on the level to which this account should reach but the following article outlines what is thought to be an effective and achievable middle ground.

A Model for Doing Stuff

When approaching the problem of assessment, it is advisable to have general model of how stuff gets done. In this case, you need a model of a systematic approach to doing.

Probably one of the most widely accepted models is PDCA which stands for Plan, Do, Check, Act. There is plenty of information on the Internet on PDCA and perhaps it is the result of an inadequate understanding on my part but I like to modify it slightly.

For me (and others), the D(o) and the A(ct) are the same thing, and you may not want to act if you haven’t planned that action appropriately.

So I like to look at it as PDC and while the P-D-C steps are in order, they may not always flow one after the other. You might have ten goes at the doing before you do a check and that might send you right back to the doing part. Below, is a somewhat colourful and hopefully informative diagram.

PDC Diagram

Starting at the Start

I hope it is obvious that this circular, feedback driven process starts with a plan. This plan will be based on the identified risk, any legislated standards and/or regulatory requirements as well as industry best practices. This is where your assessment standard will also need to start.

The assessment of the “plan” step will include answering the following questions:

  1. Does the plan address the risk, does it meet standards and requirements and is it best practice?
  2. Is the plan documented (for example, in the Aerodrome Manual or in the Wildlife Hazard Management Plan)?
  3. Does the plan result in assessable procedures, tools and/or training?

Going for a Ride

The next step of the assessment (and therefore the next part of the assessment standard) will look at the “do” part. This process will involve:

  1. Checking that the do-er has access to the procedures
  2. Checking that the do-er’s tools are fit-for-purpose, available and serviceable
  3. Checking that the do-er is trained
  4. Checking that it all comes together to achieve the plan

Who Checks the Checkers?

Some people might argue that the process I am outlining here (critical controls and assessment standards), is the “check” step - I don’t agree.

This step in the cycle is for those in the cycle. This overall process of assurance discussed here, sits outside the cycle. It is independent (and hopefully, objective) as its goal is not in the doing but in the managing or governance.

The “check” step is about feedback to the do-er and will be, itself, laid out in the plan. The plan should discuss when a supervisor or manager will review records to identify trends or sign-off work as complete - it will vary. At the very least, you are looking for feedback.

Probably, the best example I can think of is for regular but random checks of airside drivers. The authorising of drivers is the “doing” part but going out on the movement area and checking licences or measuring vehicle speeds is the “checking”.

Your assessment standard should include these steps to provide an overall picture of the system in action.

Pulling it Together

With assessment standard in hand, it is time to get to work - auditing. Some might not consider auditing real work but it can be challenging, especially when your goal is addressing risk in a functional, yet efficient way.

Runway Entry

The end result will be a condense but complete picture of how a critical control is performing. This digestible form will allow your Accountable Executive to have a full appreciation of the process by which your organisation manages risk. Put it together with some contextual statistics (e.g. significant events, losses, magnitude of operations), and your assurance processes will put you in the drivers position in terms of accountability and improvement.

This was part 3 in a 3-part series on proactive safety assurance in relation to risk assessment - part 1 looked at the Safety Assurance process overall while part 2 explored the concept of critical controls.

Feel free to contribute to this post and other posts by leaving a comment below (registration needed before you can comment).

Photo of sun by APilotsEye

Editor's note: New Airport Insider is independent and free from advertising. We want to keep it this way to create an optimal user experience. At the same time, we are growing fast and this requires further financial investment. This is why we are now seeking sponsors and benefactors. If you are interested, contact us at hello[at] Thank you.

Subscribe to New Airport Insider by Email

Critical Controls: What Keeps You Up at Night?

airport safety assuranceToday's post on safety assurance will focus on identifying and measuring critical controls.

Checking an entire system of controls is a big job. Reporting on those checks would be an even bigger job and not necessarily a welcome thing if your senior management is as busy as mine. The company I work for employs a criticality filter to focus our accountability on those activities that mean the most.

This article is going the explore both why you might want to use criticality and how you might apply it to your long list of controls.

How Do You Manage a Deluge?

Anyone who has dealt with a large spreadsheet knows about filters. Power users of Excel or Numbers will have used them to their advantage and, if they have done it in front of others, have probably earned themselves a few admirers.

But even the most tech-noob amongst us is using filtering all the time. Human perception filters out, supposedly, unneeded data automatically either to allow us effectively operate or because our body is suffering under stress (think, tunnel vision leading passing out when subject to G-force).

As stated above, a criticality filter can take your lists of (potentially hundreds of) controls down to 3-10 and if this list if truly your most importance risk control activities, then now you have the time go into depth on these controls and then report up to your Accountable Executive in a way that they can digest, comprehend and articulate, if required.

Pick Your Favourite Child?

Once you've accepted that you need to choose some of your control activities for special attention, now you need to pick them. This is probably the part of the process where things have the potential to become contentious and to be stalled.

The primary piece of advice given to me when I was first introduced to this approach was to consider "what controls, if not working properly would keep me up of night?" At that time, I was still new in my job, so I have a few things I wanted to change and these kept me up at night already - so it was easy.

But having been through the process now, I have developed some other guidelines to help identify the critical aspects of your operations. They are proactivity, persistence and multi-purposes.

  • Proactive Controls

Don't rely on a trigger to be enacted/implemented. Obviously, this applies to activities like habitat control (grass management) and serviceability inspections.

  • Persistent Controls

These are ones that are always there during operations. Passenger screening and approach slope guidance lights are good examples having this quality.

  • Multi-purpose Controls

These are signal activities that address two or more hazards/risks. A perimeter fence is a great example of this as it address both the safety risk of animals and the security risk from agents with intent.

Don't Forget Context

As with nearly everything in the field of safety management, a definitive answer on critical controls cannot be given. Because your context will be different to mine, and even mine is changing over time.

The matrix below shows the critical controls I've been working with for the last year but they are under review at the moment.

Example Airport Critical Control Matrix (CC) Dan Parsons

Given I think that this is a contentious topic, I'd love to hear your point of view in the comments below.

In part 3, we'll go into what you do with these critical controls through the development of a standard against which your audit/review is conducted.  Part 1 provided an overview of Safety Assurance.

Photo credits: 1 is by APilotsEye 

Setting the Airport Wildlife Hazard Scene

7 Steps to Airport Wildlife Risk Management

This is part 2 of a 7  part series exploring the use of the ISO 31000 risk management framework in the Airport Wildlife Risk Management; part 1 was about establishing an Airport Wildlife Risk Management Framework.

A good airport operator knows that bird strikes and other airport wildlife hazards require special attention.  In part 1 of this series, Safety Management System (SMS) processes had identified the overall risk associated with the hazard and you began consulting with your airport stakeholders.

But before making a list of bird and animal species and checking it twice, we need to set the context for the rest of this process - after all, context is everything.

As we are dealing here with a very operational form of risk management, we are going to need a very operational context. The objectives of this step in the ISO31000 risk management process are to get all stakeholders on the same page and to pave the way for the risk assessment.

The Big Picture

There are quite a few pieces to this jigsaw puzzle and, of course, they will vary for each airport but the following is a good start.

1. Operational Context

This includes the basic details of the airport operation such as who operates the airport, its operational hours, critical aircraft, number of flights and passengers, etc. This information will plug into the analysis section of the risk assessment.

2. Environmental Context

This section starts to build a wider picture. First, I would situate the airport in the wider world - general location, basic geography and climate.  Then I get specific with the following:

  • Off-Airport Habitats and Activities  Within a 15km radius of the airport, what environments exist and activities are undertaken which will cause birds and animals to come to or transit over your airport? The big ones are human-related such as garbage dumps, sewage plants, slums, agricultural, etc. But natural environments should also be considered with natural food sources and roosting locations need to be considered.
  • On-Airport Habitats Due to the proximity to operating aircraft, this area requires more scrutiny. Each environment on the airport needs to be identified and understood. This includes natural areas like grasslands and heavier vegetation as well as man-made areas like garbage stations and perching structures.
  • On-Airport Activities Look to what you do that may attract birds. Mowing is a big one on my airport but others include lighting attracting insects and transferring garbage.

3. Historical Context

Within the airport environment, events have occurred which contribute to the risk picture.  These events include:

  • Natural Phenomena What has occurred or does occur at the airport to bring the wildlife? Seasonal weather variations, migratory activity or, as in my airport’s case, insect infestations.
  • Strike History This one is pretty straight forward and a big part of the analysis process.
  • Count History  A serious amount of bad luck is required for a bird strike, so strike data might not provide the full picture. Counts really help to fill in the gaps.

Building a Picture

This step can go a long way in identifying the sources of airport wildlife risk, but we’ll get to that next. Instead, this step can be limited to airport stakeholders discussing the context over a map or two of the airport and its surroundings. The real trick is to get this down on paper so that step forms the foundation of each progress set.

In part 3, we will get out “there” to see what birds and animals we have at and around our airport. Before you grab your sunglasses, hat and sunscreen, why not help build our context by leaving a comment below?

Additional Resources More information on wildlife hazard management and bird strikes can be found at:

Airport Wildlife Risk Management: Framework and Consultation

7 Steps to Airport Wildlife Risk Management

It can be easy for an airport operator to brush off the impact of a bird strike. The majority of the cost, estimated to be between $700 million BSC USA and $1 billion EASA per year, is borne by airlines. But aviation is a team-sport and, as an airport manager, when I get a call notifying me of a bird strike, I run through my management choices again, each and every time.

Those choices and business decisions can be tough. The effect of various wildlife management techniques can be hard to measure as there is no silver bullet.

Risk management is, of course, the method du jour for making decisions and it is making real inroads into the wildlife hazard management area. By now airports are exercising their risk management muscles through their Safety Management System and other business systems.

However, as a generic philosophy, risk management can sometimes be hard to apply in specific situations without a good understanding of the overall framework, tools, techniques, etc. In this series, we’ll look at the specifics as they relate to the important issue of wildlife hazard management.


Although the ICAO Safety Management  System (SMS) has its own risk management framework, it’s also a good idea to consider the almost universally accepted international standard - ISO 31000. The benefit of using the ISO standard is that it is rather agnostic about the level the process is being used.

The SMS framework is rather strategic and may not suit, without manipulation, the more operational level of a wildlife hazard management plan.

Wildlife hazard management is a process within the overall airport’s safety management system. However, when you are close to the frontline, it requires a different set of tools and approaches.

This article is the first in a series which looks at risk management in the context of wildlife hazard management in the development of a wildlife hazard management plan.

We can start the process as follows:

Consulting with Stakeholders

Actually, consultation is not the first step in the risk management process; rather, it is something you do throughout the process, in many forms. And it does not need to be a committee.


ISO 31000 sums up a stakeholders a a “person or organisation that can affect, be affected by, or perceive themselves to be affected by a decision or activity”. So you need to start with a list; possibly, a long list.

Airports need to think about internal stakeholders, on-airport, off-airport, direct relationships, indirect relationships, upstream suppliers, downstream beneficiaries, the list goes on and will vary between airports. Some airport stakeholder categories are:

  • Airlines and Aircraft Operators
  • On-airport businesses who are likely to contribute to the presence of wildlife attractants
  • Neighbouring businesses or properties who are also likely to contribute to the environment’s attractiveness to wildlife
  • Local government planning authorities and operators of essential infrastructure (think waste dump and sewage plant operators)
  • Wildlife specialists such as biologists, ornithologists, both academic and professional
  • Senior management - especially when it comes to risk attitude, tolerance and criteria


The form of communication will vary. Sometimes, committees will be needed. Brainstorming activities to define the context and strategize treatments will work better in a group environment. Other activities like setting risk attitude might be better worked out in private.

Whichever form is chosen, it must be recordable, cooperative and two-way. Communication needs to be part of the process with its output becoming inputs in the other steps and vice versa.

Process Outcomes

ISO 31000 tells us what we want out of this process. It says that a consultative approach is designed to:

  • Help establish context;
  • Ensure the risk identification process achieves an appropriate level of completeness;
  • Provide different perspectives on risk analysis;
  • Achieve buy-in on the treatment plan

Set up to Succeed

From the above list, it is clear why consultation is critical. As we go through the remainder of the risk management process, we will, time and time again, reach back to our stakeholders to ensure that the end result is the best we can achieve. In part 2, we will dive into setting the context for the risk assessment and treatment further down the line. But in the meantime, why not consult with us on the process so far by leaving a comment below?

This article is part 1 in a series of 7 exploring the use of the ISO31000 risk management framework in  wildlife management.

Additional Resources More information on wildlife hazard management and bird strikes

About The Author: Dan manages a growing regional airport in Australia. He has also worked in the airport industry as a consultant, surveyor and inspector, including 4 years with the Civil Aviation Authority. He has a special internet in pragmatic risk management for manager in the complex and dynamic aviation environment. You can find him on Twitter.