background image

25 

Federal Aviation Administration, DOT 

§ 5.73 

§ 5.53

System analysis and hazard 

identification. 

(a) When applying safety risk man-

agement, the certificate holder must 
analyze the systems identified in § 5.51. 
Those system analyses must be used to 
identify hazards under paragraph (c) of 
this section, and in developing and im-
plementing risk controls related to the 
system under § 5.55(c). 

(b) In conducting the system anal-

ysis, the following information must be 
considered: 

(1) Function and purpose of the sys-

tem. 

(2) The system’s operating environ-

ment. 

(3) An outline of the system’s proc-

esses and procedures. 

(4) The personnel, equipment, and fa-

cilities necessary for operation of the 
system. 

(c) The certificate holder must de-

velop and maintain processes to iden-
tify hazards within the context of the 
system analysis. 

§ 5.55

Safety risk assessment and con-

trol. 

(a) The certificate holder must de-

velop and maintain processes to ana-
lyze safety risk associated with the 
hazards identified in § 5.53(c). 

(b) The certificate holder must define 

a process for conducting risk assess-
ment that allows for the determination 
of acceptable safety risk. 

(c) The certificate holder must de-

velop and maintain processes to de-
velop safety risk controls that are nec-
essary as a result of the safety risk as-
sessment process under paragraph (b) 
of this section. 

(d) The certificate holder must evalu-

ate whether the risk will be acceptable 
with the proposed safety risk control 
applied, before the safety risk control 
is implemented. 

Subpart D—Safety Assurance 

§ 5.71

Safety performance monitoring 

and measurement. 

(a) The certificate holder must de-

velop and maintain processes and sys-
tems to acquire data with respect to its 
operations, products, and services to 
monitor the safety performance of the 
organization. These processes and sys-

tems must include, at a minimum, the 
following: 

(1) Monitoring of operational proc-

esses. 

(2) Monitoring of the operational en-

vironment to detect changes. 

(3) Auditing of operational processes 

and systems. 

(4) Evaluations of the SMS and oper-

ational processes and systems. 

(5) Investigations of incidents and ac-

cidents. 

(6) Investigations of reports regard-

ing potential non-compliance with reg-
ulatory standards or other safety risk 
controls established by the certificate 
holder through the safety risk manage-
ment process established in subpart C 
of this part. 

(7) A confidential employee reporting 

system in which employees can report 
hazards, issues, concerns, occurrences, 
incidents, as well as propose solutions 
and safety improvements. 

(b) The certificate holder must de-

velop and maintain processes that ana-
lyze the data acquired through the 
processes and systems identified under 
paragraph (a) of this section and any 
other relevant data with respect to its 
operations, products, and services. 

[80 FR 1326, Jan. 8, 2015, as amended at 82 FR 
24010, May 25, 2017] 

§ 5.73

Safety performance assessment. 

(a) The certificate holder must con-

duct assessments of its safety perform-
ance against its safety objectives, 
which include reviews by the account-
able executive, to: 

(1) Ensure compliance with the safety 

risk controls established by the certifi-
cate holder. 

(2) Evaluate the performance of the 

SMS. 

(3) Evaluate the effectiveness of the 

safety risk controls established under 
§ 5.55(c) and identify any ineffective 
controls. 

(4) Identify changes in the oper-

ational environment that may intro-
duce new hazards. 

(5) Identify new hazards. 
(b) Upon completion of the assess-

ment, if ineffective controls or new 
hazards are identified under paragraphs 
(a)(2) through (5) of this section, the 
certificate holder must use the safety 

VerDate Sep<11>2014 

09:06 Jun 28, 2024

Jkt 262046

PO 00000

Frm 00035

Fmt 8010

Sfmt 8010

Y:\SGML\262046.XXX

262046

jspears on DSK121TN23PROD with CFR

background image

26 

14 CFR Ch. I (1–1–24 Edition) 

§ 5.75 

risk management process described in 
subpart C of this part. 

§ 5.75

Continuous improvement. 

The certificate holder must establish 

and implement processes to correct 
safety performance deficiencies identi-
fied in the assessments conducted 
under § 5.73. 

Subpart E—Safety Promotion 

§ 5.91

Competencies and training. 

The certificate holder must provide 

training to each individual identified 
in § 5.23 to ensure the individuals attain 
and maintain the competencies nec-
essary to perform their duties relevant 
to the operation and performance of 
the SMS. 

§ 5.93

Safety communication. 

The certificate holder must develop 

and maintain means for commu-
nicating safety information that, at a 
minimum: 

(a) Ensures that employees are aware 

of the SMS policies, processes, and 
tools that are relevant to their respon-
sibilities. 

(b) Conveys hazard information rel-

evant to the employee’s responsibil-
ities. 

(c) Explains why safety actions have 

been taken. 

(d) Explains why safety procedures 

are introduced or changed. 

Subpart F—SMS Documentation 

and Recordkeeping 

§ 5.95

SMS documentation. 

The certificate holder must develop 

and maintain SMS documentation that 
describes the certificate holder’s: 

(a) Safety policy. 
(b) SMS processes and procedures. 

§ 5.97

SMS records. 

(a) The certificate holder must main-

tain records of outputs of safety risk 
management processes as described in 
subpart C of this part. Such records 
must be retained for as long as the con-
trol remains relevant to the operation. 

(b) The certificate holder must main-

tain records of outputs of safety assur-
ance processes as described in subpart 
D of this part. Such records must be re-
tained for a minimum of 5 years. 

(c) The certificate holder must main-

tain a record of all training provided 
under § 5.91 for each individual. Such 
records must be retained for as long as 
the individual is employed by the cer-
tificate holder. 

(d) The certificate holder must retain 

records of all communications provided 
under § 5.93 for a minimum of 24 con-
secutive calendar months. 

VerDate Sep<11>2014 

09:06 Jun 28, 2024

Jkt 262046

PO 00000

Frm 00036

Fmt 8010

Sfmt 8010

Y:\SGML\262046.XXX

262046

jspears on DSK121TN23PROD with CFR