Saturday, February 11, 2017

Safety Burnout

About 4 years ago, the first blog in this post was written and published. Since then safety never got bored, or bunt-out, but became more exiting to work with as time went on. The first story was about the Safety Management System and how aviation has evolved from the “trial and error” method to proactive and no longer accepting that accidents happens. There was never an acceptance of accidents, but the aviation industry did not make necessary changes until it was too late and a catastrophic event had happened. Over the last decade or so, SMS in aviation has been accepted as the New Generation of Aviation Safety. It is widely accepted that there is no profit in operating without documentation of established safety processes.

Safety has become a task to check the job completed box.
There is still an ongoing debate of what SMS actually is with multiple and inconsistent answers given. SMS is simple in concept, but often buried in bureaucratic paperwork and presented to the aviation industry as a system that nobody can understand, except to be able to fill in the check-boxes and comply with opinions.

SMS is about job-performance and a confidence level of how safe the outcomes are of tasks completed. Some believe that it is possible to have a process for everything within an SMS system and a 100% confidence level that they are operating safe, but it isn’t. An organization without an SMS implemented my live by this myth since it is their justification based on opinion and not data.

SMS is a businesslike approach to safety and an additional layer of safety of what the aviation industry already had in place. An effective SMS system parallels the operations. In the pre-SMS days, an operator would call up a friend and ask how they would do certain things and how it works. For other issues, they would call up other friends and get information of the best and safest way to operate. This was not a businesslike approach, but a fly-by-the-seat-of-your-pants approach. Corrective actions were not initiated until the airplane took an unexpected turn.

The fly-by-the-seat-of-your-pants system, which is a follow-me-system, and a Safety Management System which is leadership system are two different system approaches and incompatible systems. However, there are some who insists that these two systems are merged by applying follow-me opinions as requirements and demanding compliance with the leadership and accountability system. With this attempt to merge two incompatible systems, applying failures to each opinion that are not met and continuing to make attempts to merge after the first one failed leads to safety burnout. There are two indicators of safety burnout, or being on a slippery-slope to safety burnout, which are the “check-box” syndrome and the “opinion-syndrome”.

Expectations and process on collision course.
As a businesslike approach to safety SMS becomes simple and enjoyable as safety goals are reached and continuous safety improvements achieved. Without allowing for an SMS to function the task to manage safety is to look backwards and dwell on failures when at the same time attempting to move forward with corrections. It is more convenient for regulators to see SMS in a backwards view, rather than allowing time for SMS to move forward. Without the business knowledge of applying a business-like approach to safety, but demanding immediate return on investment, SMS is viewed as to be in non-compliance. When an SMS is found in an opinion-non-compliance the most convenient process to change is to change the process for compliance with opinions. The regulators are admitting this themselves by referencing to SMS expectations for non-compliance findings, since expectations are nothing else but opinions.  

When these two opposing forces of a follow-me system and leadership system are colliding, it is creating a dysfunctional operating environment identified by SMS. As often, the messenger is being blamed and findings are given to the SMS system, when it should be given to the opinion that changed the performance of operations. When an SMS functions as it was indented, there will never be burn-outs, since there will always be another and new safety challenge to take on and move forward with excitement. Safety burnout is the result of check-box and opinion-based SMS compliance.


Saturday, January 28, 2017

How Does One Know If An Organization Is Applying The Non-Punitive Policy

That an organization has a non-punitive policy is an organizational and senior management statement
of accountability and a commitment of support for improved job-performance. In many
With the stroke of a pen the reactions to future events are set.
organizations, personnel job-performance has reached its limits with little, or no room for improvements, until there are unexpected and major quality flaws or improper customer services discovered. Sometime these events are named “mistakes” which initiate the process of learning-stagnation and there is no further action to learn from this “mistake”. Applying the non-punitive reporting policy is a policy to learn from mistakes and train for improvements.

A safety management system should include any requirements for an effective and continuous improvement of the SMS system. A non-punitive policy is a system-design regiment to be included as any additional requirements for the safety management system. This requirement is not a specific non-punitive policy design requirement, but it becomes an operational performance criteria for the SMS to function effectively.  When assessing the performance of an SMS, there is a requirement to apply a policy for the internal reporting of hazards, incidents and accidents, including the conditions under which immunity from disciplinary action will be granted. Immunity is for a person to be protected, or exempted from something, especially an obligation or penalty.

Data is formatted to comprehensive information.
This requirement to include a policy where there is immunity from disciplinary actions is applicable to the organization itself, or to the senior management team and is not applicable to employees of the organization. However, the non-punitive policy the organization develops becomes applicable to their employees in just-culture environment as an occurrence reporting tool, and applicable to the management to ensure this policy is applied as intended.   

There  are several tools available to analyze operational data either to confirm that the policy is applied as intended or to discredit opinions of an effective policy. One of these tools is to analyze identified training and training records for the person who submitted a report. After the airport, or airline received the report they applied their non-punitive policy to the contributor's behavior. An organization may have a check-box marked on the paper-format report form, or in electronic format that the non-punitive policy was applied, but these check-box tasks does not qualify as data to confirm, or discredit that the policy is applied. Check boxes are not direct-data, but indirect-data as triggers for further actions. The confirmation of applying the non-punitive policy is found in the training records.        


Saturday, January 14, 2017

Understanding the Non-Punitive Policy

A non-punitive policy is not a “get-out-of jail free card”, but a policy for continuous, or continual safety improvements within an SMS system. When a non-punitive policy is understood within an
Writing a non-punitive policy is a skill of quality assurance.
organization all personnel have an opportunity to raise safety concerns and report hazards as their contribution to safety improvement. When hazards are not identified, they are latent and unknown risk factors with a potential to cause an incident or accident. In organizations where there is no training provided for understanding the non-punitive policy, the doors are left wide open to apply the policy to any non-job performance activities. When a non-punitive policy is applied as a “get-out-of-jail” free card it could be applied to report excuses for inferior job performance rather than reporting specific to the hazard, or incident itself.

Applying a non-punitive policy as a safety-excuse tool is when contributors reports on themselves to avoid being questioned about their job-performance. This type of report may take form in of projecting a less desired outcome to a mistake with the assumption that others in the organization have had similar thoughts and experiences as oneself and therefore accept the report without further investigation. Where mistakes are widely accepted in an organization to be non-punitive policy applicable, the door to learning is forever closed.

In organizations where the door to learning is closed, another door opens wide to report on others of their job-performance mistakes. These types of reports may take form of projecting a less desired job quality onto safety. Since learning already is inhibited by organizational acceptance of mistakes the safety-card becomes the “straight-flush” to generate a hazardous working environment.

When these types of reports are accepted as a replacement for learning the organization is undermining the concept of learning and the promotion of continuous, or continual safety improvements.

Understanding the message of a non-punitive policy is a learning process.
Contributors of hazard reports may expect that hazards reported are eliminated immediately even if the hazard reported is a low impact hazard. This expectation comes from the fact that a hazard stated is assumed to have a safety impact and that someone else has an obligation eliminate the hazard immediately. That someone has an opinion of a hazard being a safety concern does not automatically make this hazard a safety risk. It takes an analytic process to identify the risk factor of a hazard including collection of more data. An identified hazard accompanied by an opinion of being a safety risk, is only an opinion of a hazard. An identified hazard does not automatically become a risk, even if accompanied by that opinion.

When the non-punitive policy is understood in an organization and applied within a Just Culture, opportunities of options becomes available to improve safety. The key to success of a non-punitive policy is to build a bridge between an organizational culture where learning is promoted and mistakes are accepted as a learning tool but not accepted as an excuse. This bridge is called the bridge of accountability.

These options to improve safety are available since learning is acceptable, reporting has become fact-finding mission and the organization is prepared to learn from the expert. The experts being someone who just learned the hard way by making an error in job performance. Understanding the non-punitive policy is to feel the contribution of productivity when performing job-tasked responsibilities of high quality. A non-punitive policy can only be understood in an environment where “the boss” accepts to hear “bad news”.


Saturday, December 31, 2016

New Year Resolution: Non-Punitive Actions

New year is the time of the year when most of us make promises to ourselves to live a different lifestyle or take on challenges that have been out of reach before. These promises are often made in the spur of the moment and without consequences if not kept. Often, when a new-year resolution is made, it becomes a game to see if anyone can make it last past the first month of the year.

Illegal activity of the SMS.
This year a new-year’s resolution could be to implement a non-punitive policy in the organization. When a safety management system in aviation is required by the regulations a non-punitive policy must be in place to conform to regulatory requirements. This policy is written and implemented, but there are several options to find an “out” when there are issues that goes against operational practices. Unless there is a total commitment to safety in aviation, where information and data is critical to improve safety, the expectations for a non-punitive policy is that it is not applicable to: illegal activity, negligence or willful misconduct. These conditions make fully sense not to include as a “get out of jail free” card to personnel. However, when organizations are unable to pre-qualify and define what actions are included in illegal activity, negligence or willful misconduct, decisions are made in the spur of the moment and after the fact.

Illegal activity must be pre-defined in a job description, or for a job performance evaluation and based of decisions made by the courts. Illegal activity cannot be applied as punishment by a private individual, or an organization, to any person for a job description violation, or lack of job performance. When integrating illegal activity into SMS the management has an obligation to determine if there was an act of illegal activity to any and all incidents or accidents.
Negligence becomes a challenge to defined in a job-description or apply to a job-performance evaluation since this would involve the organization’s effectiveness of training. When an error, mistake, on unplanned event happen to someone the organization has an obligation to determine if the action must be classified as negligence. For a safety management system to identify negligence data must be collected, analyzed and investigated. Within the SMS system there are no regulatory requirement, or standard to assess, or audit a job performance against negligence as this also would jeopardize the just-culture of the SMS system.

Willful misconduct is a human behavior action and the violation is enforceable by a regulation, standard or policy. An organization that includes willful misconduct in their job description, or as a standard for an on-the-job evaluation, have an obligation to assume that every incident, or
Without data, it’s just some person’s opinion.
accident are the result of willful misconduct. When willful misconduct is applied in the SMS investigation processes the organization has developed a culture where job-performance reviews are elevated to a level beyond a functional SMS.

The Safety Management System is a system that can only operate within a just-culture, or a culture where learning is accepted and encouraged. When applying illegal activity, negligence or willful misconduct opportunities for learning are eliminated since these activities are only intended as enforceable policies. When applying these criteria, an organization is moving outside the scope of operational activities and job-performance standards. In addition, these policies are contradictory to a functional Safety Management System and an operational safety culture within a just-culture. Illegal activity, negligence or willful misconduct are the new-year resolutions of aviation safety.


Friday, December 16, 2016

Santa's UAV Deliveries

Santa Claus is manufacturing gifts and presents like never before, with production going exceptionally well. A new toy is the “magic rock” toy, which has the ability to project someone’s thoughts to the rock for viewing. Santa ran into production issues when the supply of rock at the North Pole was running out, but after months and weeks of production Santa finally completed these super-orders and is set for deliveries all over the world.

Santa’s improvement of effectiveness.
This year Santa had improved the SMS, or the Streamlined Mission Service, to include continuous improvement. During the pre-production period Santa did much research of industry standards for deliveries, but since Santa is the only supplier of this specialty delivery service, industry standards were not available. Over the years of deliveries Santa often crashed on roof-tops and damaged the equipment. These crash-variable were not only expenses which reduced profit, but also causing lack of customer service when presents were not delivered on time, or in good working order. In the old days, before technology and fragile freight handling, a crash or two on a roof top did not totally destroy, or damage the gifts and often the snow would cushion the impact. However, with the change in the gift market to almost all electronic gifts, the impact of service had changed. Santa reviewed the Santa Production’s SMS policy annually for applicability to operations, but some changes were not major, or immediate detectable. When reviewing the Safety Policy this year Santa Claus discovered a trend of incident reports and the affect it had on customer service and delivery reliability.

This year Santa had made an improvement to the delivery process by using the UAV, (Universal Autonomous Vessel), or drone. This improved process includes no-landing deliveries and is expected to improve customer service and delivery reliability. As a test-run, Santa loaded up the sleigh with samples and UAV. The size of the UAV fits in the Santa Sleigh by replacing the helpers. Santa completed the test-run and found this new process to be effective above and beyond expectations, but with two hazards. One was that the reindeer would not get rested since the UAV are launched on-the-fly. The other residual hazard was that by doing UAV deliveries, Santa’s long time personal contact with home-owners, home-decorations and getting stuck by climbing down the chimneys was identified as a hazard to customer service with a high probability that customers would be unsatisfied and search for other delivery options.

Santa’s deliveries are tailored to individual homes.
Santa had improved the delivery processes, but was not sure if the success story of this business over of Santa’s deliveries was the gift that people received, or if it was the many centuries visit from Santa that was behind the success. Santa had to implement a safety risk control, since there was a probability that the UAV’s effectiveness could ruin the business. Santa needed to monitor processes and collect data of customer satisfaction. As a safety risk control and data collection, Santa included a mini magic-rock that automatically sends back to Santa a customers’ satisfaction survey of delivery method and the impact that had on the appreciation of the gifts. Santa needed to know if it was his short visit to the families that made Christmas wonderful, or if it was receiving the presents.  Santa’s timeline for evaluation was established and for a review the success of this year’s service package prior to the Elves’ Delivery Review in May of 2017.


Saturday, December 3, 2016

Non-Punitive Reporting of Hazards, Incidents Or Accidents

Variables are the forks in the road and A simple non-punitive reporting policy is the road to success.
A non-punitive policy under an SMS program is a policy for the internal reporting of hazards, incidents or accidents, including the conditions under which immunity from disciplinary action will be granted. The intent of the policy is for organizations to receive data from personnel and then analyse how organizational processes are functioning, or why they are not being as safe as first
A simple non-punitive reporting policy.
assumed. Within an SMS organization, the outcome of processes is not totally dependant on inputs, but also on human factors variables. The concept in process management that outcome is dependant on what is put into the process is based on standard inputs without variation. Within an SMS environment the variables are human factors, where the same input to a process may yield a different outcome with different personnel involved. If the outputs of SMS processes did not vary the variables of human factors, a non-punitive policy would be redundant and ineffective.

Since the beginning of aviation, airports and airlines, have been audited, inspected and assessed for compliance. One year the audit result was found to be in compliance, while the next year the same systems were found not to be in compliance. Often, there were changes to audit and inspection results when an organization hired new personnel to do audits and inspections. This does not imply that one was more correct than the other, but that the variables of human factors made a change in outcome with the same process. In a real world, human factors variations spread out like a dropped bag of marbles.

Human factors variations could be controlled by enforcement. When applying this concept, variations are not managed, or considered, they are only enforced. Some industries are heavily into enforcing technical standards. When enforcing an outcome, the enforcement is of the outcome, or process result itself, and not of the processes which lead up to the result. This is an effective tool for selective non-compliance discovery, but an extreme ineffective and resource demanding tool for an unbiased process compliance discovery. In addition, for fully compliance with this enforcement process, the technical enforcement process itself must also self be enforced, which is a concept causing an indefinite level of layers of enforcement. However, when applying a non-punitive policy of process compliance, the resource demand is drastically reduced, compliance increased and higher profit generated.

Variables are the forks in the road.
Safety Management System in aviation has recognized that human factors exist and that identifying these variables will increase safety margins of processes with the result of a more effective and streamlined organization. With a non-punitive policy in place, the odds of receiving data of critical importance to safety are increasingly in favor of the airports, or airlines. A non-punitive policy does not imply that in times prior to SMS, personnel received punitive punishment for internal reporting of a hazard, an incident or an accident. The non-punitive policy is a defined link within an SMS system for the system be compliance with organizational polices, that it is documented, approved, accountable and applied to operational processes.


Saturday, November 19, 2016

Implement Safety Policy At All Levels

In some countries drivers are expected to drive on the right side of the road, while other places the expectation is to drive on the left side. At times a country may change this practice and change from driving on one side of the road over to the other side. Several years ago when one country changed from driving on the left side to the right side it was said that for a smooth transition they would first begin with trucks and busses to drive on the right side, and a month later cars would change over to right hand side driving.

The safety policy belongs in all branches.
Human nature is to ease into changes to slow down the reaction of emotional impact of changes, rather than make a determination to change and move beyond emotions. Stories says that some, when starting a new job, must ease into the job by only working a few hours a day. And most of us do not appreciate the emotions of the sudden change of ice-cold water, and is very hesitant to just jump in without first ease into it first.

A Safety Management System (SMS) Safety Policy is still in a developing stage and new to most aviation service suppliers. Safety may have been implemented in several of the exploration and mining industries, but in aviation safety became the hit-and-miss approach. The fact that the majority of airlines operate without major accidents does not support that there are streamlined and effective safety operational processes in place. What this data of few accidents tells us is that there were few accidents. The data don’t tell any stories of how effective operational safety processes are.

A safety policy keeps the tracks lined up at all levels.
The effectiveness of safety processes begins with the Safety Policy and have no ending, but continues on with human factors. A Safety Policy is only applicable to an organization when implemented at all levels. There are positions in any organization, aviation industry included, which at first sight does not appear to be a part of safety. However, these positions will always be a part of the second phase of implementing driving on left-hand-side to right-hand-side. Or, in other words, when the Safety Policy is not implemented at all levels in the organization, these positions become a hazard to aviation safety.

The top management is an SMS organization is the Accountable Executive (AE). Should an aviation organization not make the Safety Policy applicable to the AE, the organization does not have a Safety Management System in place, no matter what processes are implemented. At the opposite end, unless lower level personnel are included in the Safety Policy there is no SMS in place. A safety polity that is selectively implemented is not a valid policy and if not applicable to all, it’s applicable to none.

Safety in aviation must be viewed from a customer’s point of view and what safety risk the customer is willing to accept. All travelling customers only accept Zero Tolerance to Compromise Aviation Safety, which begins with the Safety Policy and have no ending, but continues on with human factors.