Appendix 2 - GUIDANCE ON SMS GAP ANALYSIS AND IMPLEMENTATION PLAN

1 Initial Gap Analysis Checklist (Table 1)

The initial gap analysis questions checklist (Table 1) that follows can be used as a template to conduct the first step of a
SMS gap analysis. This format with its overall ―Yes/ No/ Partial‖ response will provide an initial indication of the broad
scope of gaps and hence overall workload to be expected. The questionnaire may be adjusted to suit the needs of the
organization and the nature of the product or service provided. This initial information should be useful to senior
management in anticipating the scale of the SMS implementation effort and hence the resources to be provided (This
initial checklist would need to be followed up by an appropriate implementation plan per Table 2 & 3).

A ―Yes‖ answer indicates that the organization meets or exceeds the expectation of the question concerned. A ―No‖
answer indicates a substantial gap in the existing system with respect to the question‘s expectation. A ―Partial‖ answer
indicates that further enhancement or development work is required to an existing process in order to meet the
question‘s expectations.

Note: SMM references within [ ] brackets contain guidance materials relevant to the Gap analysis question.

Table 1
No. Aspect to be analysed or question to be answered Answer Status of implementation

Component 1 — SAFETY POLICY AND OBJECTIVES

Element 1.1 — Management commitment and responsibility

1 Is there a safety policy in place?  Yes

[4.3.1; 4.5.2(a)]  No
 Partial

2 Does the safety policy reflect senior management commitments regarding  Yes
safety management?  No
[4.3.1]  Partial

3 The Safety Policy is appropriate to the size, nature and complexity of the  Yes
organization.  No
[4.3.1]  Partial
4 The Safety Policy is relevant to aviation safety.  Yes
[4.3.1]  No
 Partial
5 Is the safety policy signed by the Accountable Executive?  Yes
[4.3.1; 4.5.2]  No
 Partial
6 Is the safety policy communicated, with visible endorsement, throughout the  Yes
[organization]?  No
[4.5.2]  Partial
7 Is the safety policy periodically reviewed to ensure it remains relevant and  Yes
appropriate to the [organization]?  No
[4.5.2]  Partial
Element 1.2 — Safety accountabilities

1 Has the [organization] identified an Accountable Executive who, irrespective  Yes

of other functions, shall have ultimate responsibility and accountability, on  No
behalf of the [organization], for the implementation and maintenance of the  Partial

1
No. Aspect to be analysed or question to be answered Answer Status of implementation

SMS? [4.5.1; 4.3.2]

2 Does the Accountable Executive have full control of the financial and human  Yes
resources required for the operations authorized to be conducted under the  No
operations certificate? [4.3.2]  Partial
3 Does the Accountable Executive have final authority over all aviation  Yes
activities of his organization?  No
[4.3.2]  Partial
4 Has the organization identified and documented the safety accountabilities of  Yes
management as well as operational personnel, with respect to the SMS?  No
[4.3.2]  Partial
5 Is there a Safety Committee or Review board for the purpose of reviewing  Yes
SMS and safety performance?  No
[4.3.3 and App 3]  Partial
6 Is the Safety Committee chaired by the Accountable Executive or by  Yes
an appropriately assigned deputy, duly substantiated in the SMS  No
manual? [4.3.3 and App 3]  Partial
7 Does the Safety Committee include relevant operational or departmental  Yes
Heads as applicable?  No
[4.3.3 and App 3]  Partial
8 Are there Safety Action Groups that work in conjunction with the Safety  Yes
Committee? (large/ complex organizations as appropriate)  No
[4.3.3 and App 3]  Partial

Element 1.3 — Appointment of key safety personnel

1 Has the organization appointed a qualified person to manage and oversee  Yes
the day-to-day operation of the SMS?  No
[4.5.1; 4.3.3; App 1]  Partial
2 Does the qualified person have direct access or reporting to the Accountable  Yes
Executive concerning the implementation & operation of the SMS?  No
[4.3.3; App 1, 6.1]  Partial
3 The Manager responsible for administering the SMS does not hold other  Yes
responsibilities that may conflict or impair his role as SMS manager.  No
[App 1, 6.4]  Partial
4 The SMS Manager is a senior management position not lower than or  Yes
subservient to other operational or production positions  No
[App1, 6.4]  Partial
Element 1.4 — Coordination of emergency response planning

1 Does the [organization] have an emergency response/contingency  Yes

plan appropriate to the size, nature and complexity of the  No
organization? [App 4]  Partial

2 Does the Emergency/ Contingency plan address all possible or likely  Yes
emergency/ crisis scenarios relating to the organization‘s aviation product or  No
service deliveries? [App 4, 4(f)]  Partial

3 Does the ERP include procedures for the continuing safe production, delivery  Yes
or support of its aviation products or services during such emergencies or  No
contingencies? [App 4, 4(e)]  Partial
4 Is there a plan and record for drills or exercises with respect to the ERP?  Yes
[App 4, 5c]  No
 Partial
5 Does the ERP address necessary coordination of its emergency  Yes
response/contingency procedures with the emergency/response contingency  No

2
No. Aspect to be analysed or question to be answered Answer Status of implementation

procedures of other organizations where applicable? [App 4, 4(d)]  Partial

6 Does the [organization] have a process to distribute and communicate the  Yes
ERP to all relevant personnel, including relevant external organizations?  No
[App 4, 5(a)]  Partial
7 Is there a procedure for periodic review of the ERP to ensure its continuing  Yes
relevance & effectiveness?  No
[App 4, 5(d)]  Partial
Element 1.5 — SMS documentation

1 There is a top level SMS summary or exposition Document which is  Yes

approved by the Accountable Manager and accepted by the CAA.  No
[4.3.5]  Partial

2 Does the SMS Documentation address the organization‘s SMS and its  Yes
associated components and elements?  No
[4.3.5; 4.4.1; App 3]  Partial

3 Is the organization‘s SMS framework in alignment to the regulatory SMS  Yes

framework?  No
[4.3.5; 4.4.1; App 3]  Partial

4 Does the organization maintain a record of relevant supporting  Yes

documentation pertinent to the implementation and operation of the SMS?  No
[4.3.5; 4.5.4]  Partial

5 Does the organization have a SMS implementation plan to establish its SMS  Yes
implementation process, including specific tasks and their relevant  No
implementation milestones? [4.4.4]  Partial
6 Does the SMS implementation plan address the coordination between the  Yes
service provider‘s SMS and the SMS of external organizations where  No
applicable? [4.4.4]  Partial
7 Is the SMS implementation plan endorsed by the Accountable Executive?  Yes
[4.5.1; 4.4.4]  No
 Partial
Component 2 — SAFETY RISK MANAGEMENT

Element 2.1 — Hazard identification

1 There is a process for voluntary hazards/ threats reporting by all employees.  Yes
[4.5.3(a); 4.3.6]  No
 Partial
2 Is the voluntary hazard/ threats reporting simple, available to all personnel  Yes
involved in safety-related duties and commensurate with the size of the  No
service provider? 4.3.6]  Partial
3 Does the [organization‘s] SDCPS include procedures for incident/ accident  Yes
reporting by operational or production personnel?  No
[4.3.8; 4.5.3; Xref chpt 3, App 12]  Partial
4 Is incident/ accident reporting simple, accessible to all personnel involved in  Yes
safety-related duties and commensurate with the size of the service  No
provider? [4.5.3; 4.3.8]  Partial
5 Does the [organization] have procedures for investigation of all reported  Yes
incident/ accidents?.  No
[4.5.3; 4.3.8]  Partial
6 Are there procedures to ensure that hazards/ threats identified or uncovered  Yes
during incident/ accident investigation processes are appropriately accounted  No
for and integrated into the organization‘s hazard collection and risk mitigation  Partial
procedure? [1.12.2; 1.12.3; 4.3.6]

3
No. Aspect to be analysed or question to be answered Answer Status of implementation

7 Are there procedures to review hazards/ threats from relevant industry  Yes
reports for follow up actions or risk evaluation where applicable?  No
[1.12.2; 1.12.3]  Partial

4
No. Aspect to be analysed or question to be answered Answer Status of implementation

Element 2.2 — Safety risk assessment and mitigation

1 Is there a documented Hazard Identification and Risk Mitigation (HIRM)  Yes
procedure involving the use of objective risk analysis tools.  No
[1.12; 1.14; 4.3.7]  Partial
2 Is the risk assessment reports approved by departmental managers or higher  Yes
level where appropriate? [4.3.7; 1.15.1]  No
 Partial
3 Is there a procedure for periodic review of existing risk mitigation records?  Yes
[4.5.3]  No
 Partial
4 Is there a procedure to account for mitigation actions whenever unacceptable  Yes
risk levels are identified? [4.5.3]  No
 Partial
5 Is there a procedure to prioritise identified hazards for risk mitigation actions?  Yes
[4.5.3]  No
 Partial
6 Is there a program for systematic and progressive HIRM performance of all  Yes
aviation safety-related operations/ processes/ facilities/ equipment as  No
identified by the organization? [4.5.3]  Partial
Component 3 — SAFETY ASSURANCE

Element 3.1 — Safety performance monitoring and measurement

1 Are there identified safety performance indicators for measuring & monitoring  Yes
safety performance of the organization's aviation activities?  No
[4.5.3; 4.3.8; App 6]  Partial
2 Are safety performance indicators relevant to the organization‘s safety policy  Yes
as well as management‘s high level safety objectives/ goals?  No
[4.5.3; 4.3.8; App 6]  Partial
3 Do the safety performance indicators include alert/ target settings to define  Yes
unacceptable performance regions and planned improvement goals?  No
[4.5.3; 4.3.8; App 6]  Partial

4 Is the setting of alert levels or out of control criteria based on objective safety  Yes
metrics principles?  No
[4.3.8; App 6]  Partial

5 Do the safety performance indicators include quantitative monitoring of high  Yes

consequence safety outcomes (eg accident & serious incident rates) as well  No
as lower consequence events (eg rate of non compliance, deviations)?  Partial
[4.3.8; App 6]

6 Are safety performance indicators and their associated performance settings  Yes
developed in consultation with, and subject to the Aviation Authority‘s  No
agreement? [4.5.3; 4.3.8]  Partial
7 Is there a procedure for corrective or follow up action to be taken when  Yes
targets are not achieved and alert levels are exceeded/ breached?  No
[4.4.5]  Partial
8 Are the safety performance indicators periodically reviewed?  Yes
[4.4.5; App 6]  No
 Partial
Element 3.2 — The management of change

1 Is there a procedure for review of relevant existing aviation safety related  Yes
facilities and equipment (including any HIRM records) whenever there are  No
pertinent changes to those facilities or equipment? [4.3.9; 4.5.3]  Partial

5
No. Aspect to be analysed or question to be answered Answer Status of implementation

2 Is there a procedure for review of relevant existing aviation safety related  Yes
operations and processes (including any HIRM records) whenever there are  No
pertinent changes to those operations or processes? [4.3.9; 4.5.3]  Partial

3 Is there a procedure for review of new aviation safety related operations and  Yes
processes for hazards/ risks before they are commissioned?  No
[4.5.3]  Partial

4 Is there a procedure for review of relevant existing facilities, equipment,  Yes

operations or processes (including any HIRM records) whenever there are  No
pertinent changes external to the organization such as regulatory/ industry  Partial
standards, best practices or technology? [4.5.3]

Element 3.3 — Continuous improvement of the SMS

1 Is there a procedure for periodic internal audit/ assessment of the SMS?  Yes
[4.3.10; 4.5.3; 4.5.4]  No
 Partial

2 Is there a current internal SMS audit/ assessment plan?  Yes

[4.3.10; 4.5.3; 4.5.4]  No
 Partial

3 Does the SMS audit plan include the sampling of completed/ existing safety  Yes
risk assessments?  No
[4.5.4]  Partial

4 Does the SMS audit plan include the sampling of safety performance  Yes
indicators for data currency and their target/ alert settings performance?  No
[4.5.4]  Partial

5 Does the SMS audit plan cover the SMS interface with sub-contractors or  Yes
customers where applicable? [4.5.4]  No
 Partial
6 There is a process for SMS audit/ assessment reports to be submitted or  Yes
highlighted for the Accountable Manager‘s attention where appropriate.  No
[4.5.4]  Partial
Component 4 — SAFETY PROMOTION
Element 4.1 — Training and education

1 Is there a program to provide SMS training/ familiarization to personnel  Yes

involved in the implementation or operation of the SMS?  No
[4.3.11; 4.5.4]  Partial
2 Has the Accountable Executive undergone appropriate SMS familiarisation,  Yes
briefing or training?  No
[4.3.11; 4.5.4]  Partial
3 Are personnel involved in conducting risk mitigation provided with  Yes
appropriate risk management training or familiarisation?  No
[4.3.11; 4.5.4]  Partial
4 Is there evidence of organization wide SMS education or awareness efforts?  Yes
[4.3.11; 4.5.4]  No
 Partial
Element 4.2 — Safety communication

1 Does the organization participate in safety information sharing with relevant  Yes
external industry product and service providers or organizations, including  No
the relevant aviation regulatory organizations? [4.3.12; 4.5.4]  Partial

2 There is evidence of a Safety (SMS) publication, circular or channel for  Yes

communicating Safety (SMS) matters to employees.  No
[4.3.12; 4.5.4]  Partial

6
No. Aspect to be analysed or question to be answered Answer Status of implementation

3 Are the organization‘s SMS manual and related guidance materials  Yes
accessible or disseminated to all relevant personnel?  No
[4.3.12; 4.5.4]  Partial

2 Detailed SMS Gap Analysis & Implementation Tasks (Table 2)

The above Table 1 initial gap analysis checklist will now need to be followed up by a detailed ―Required Tasks/
Actions‖ plan such as per Table 2 example below. This Table 2 will provide follow up analysis on details of the gaps and
translating these into actual required tasks and sub-tasks in the specific context of the organization‘s processes and
procedures. Each Task is accordingly assigned to appropriate individuals or groups for action. It is important that
correlation of individual element/ task development to their descriptive placeholders in the SMS Document be provided
for in this Table 2. This will trigger progressive updating of the draft SMS Document even as each element is being
enhanced or implemented. (Initial element write-ups in SMS documents tend to be anticipatory rather than declaratory).

3 Actions/ Tasks Implementation Schedule (Table 3)

Table 3 may be a separate consolidation of all outstanding Actions/ Tasks or if preferred, be a continuation of Table 2 in
the form of a spread sheet. This Table will show the milestones (Start-End dates) as scheduled for each Task/ Action.
For a Phased implementation approach, these Tasks/Actions would need to be sorted according to its related element‘s
Phase allocation. Refer to Phased Approach Section of this chapter for the phased prioritization of SMS elements as
appropriate. Where it is anticipated that the actual number of Tasks/ Actions and their milestones are sufficiently
voluminous and complex as to require utilising a project management software to management them, this may be done
by using such as MS project/ Gantt chart as appropriate. Table 4 is an illustration of such a Gantt chart.