The document is a module from an ICAO SMS course that discusses basic safety concepts. It covers the evolution of safety thinking from technical to human to organizational factors. It introduces James Reason's model of accident causation and the concept of latent failures within organizations. It also discusses models for understanding the relationship between humans and their operational environment, including Reason's SHEL model. The module emphasizes that errors are inevitable in complex systems and must be managed through strategies like error reduction, capturing, and tolerance. It stresses the importance of a just culture with effective safety reporting for continuous learning and improvement.
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODELIJCSEIT Journal
Success of any software system largely looms upon its vigilance efficiency that prompts organizations to
meet the set of objectives in the arena of networks. In the highly competitive world, everything appears to
be vulnerable; information system is also not an exception to this fact. The security of information system
has become a cause of great concern. On the contrary, till time the software security engineers are trying
hard to develop fully protected and highly secured information systems but all these developments are at
nascent stages. It is quite revelling that in the earlier research studies, little attention is paid to highlight an
accurate status of the security alertness for developed software. Hence, keeping all these factors at the
backdrop, this paper is an attempt to propose a holistic Security Maturity Model (SMM), in which five
levels/stars have been developed, driven on the strength of the security vigilance occurring at the various
stages for any software. SMM is in its conceptual stage; the detailed steps will certainly require time to be
developed so that every software system can reap out the benefits of this model. To categorize/discriminate
the level of potency, SMM will be highlighted through appropriate ranking/star system. It is hoped that if
SMM will be followed in its true letter and sprit; undoubtedly, this will restore the clients’ trust and
confidence on the software as well as their corresponding vendors. Moreover, this will also enable software
industry to follow transparent and ethical practices.
SECURITY VIGILANCE SYSTEM THROUGH LEVEL DRIVEN SECURITY MATURITY MODELIJCSEIT Journal
Success of any software system largely looms upon its vigilance efficiency that prompts organizations to
meet the set of objectives in the arena of networks. In the highly competitive world, everything appears to
be vulnerable; information system is also not an exception to this fact. The security of information system
has become a cause of great concern. On the contrary, till time the software security engineers are trying
hard to develop fully protected and highly secured information systems but all these developments are at
nascent stages. It is quite revelling that in the earlier research studies, little attention is paid to highlight an
accurate status of the security alertness for developed software. Hence, keeping all these factors at the
backdrop, this paper is an attempt to propose a holistic Security Maturity Model (SMM), in which five
levels/stars have been developed, driven on the strength of the security vigilance occurring at the various
stages for any software. SMM is in its conceptual stage; the detailed steps will certainly require time to be
developed so that every software system can reap out the benefits of this model. To categorize/discriminate
the level of potency, SMM will be highlighted through appropriate ranking/star system. It is hoped that if
SMM will be followed in its true letter and sprit; undoubtedly, this will restore the clients’ trust and
confidence on the software as well as their corresponding vendors. Moreover, this will also enable software
industry to follow transparent and ethical practices.
Introduction to Functional Safety and SIL CertificationISA Boston Section
This overview session will acquaint attendees with the key concepts in the IEC 61508 standard for functional safety of electrical/electronic and programmable electronic systems. An introduction is provided to safety integrity levels (SIL), the safety lifecycle and the requirements needed to achieve a functional safety certificate. Information will be provided on documentation requirements and an introduction to the basic objectives of product design for functional safety.
Multi-vocal Review of security orchestrationChadni Islam
Organizations use diverse types of security solutions to prevent cyber-attacks. Multiple vendors provide security solutions developed using heterogeneous technologies and paradigms. Hence, it is a challenging rather impossible to easily make security solutions to work an integrated fashion. Security orchestration aims at smoothly integrating multivendor security tools that can effectively and efficiently interoperate to support security staff of a Security Operation Centre (SOC). Given the increasing role and importance of security orchestration, there has been an increasing amount of literature on different aspects of security orchestration solutions. However, there has been no effort to systematically review and analyze the reported solutions. We report a Multivocal Literature Review that has systematically selected and reviewed both academic and grey (blogs, web pages, white papers) literature on different aspects of security orchestration published from January 2007 until July 2017. The review has enabled us to provide a working definition of security orchestration and classify the main functionalities of security orchestration into three main areas – unification, orchestration, and automation. We have also identified the core components of a security orchestration platform and categorized the drivers of security orchestration based on technical and socio-technical aspects. We also provide a taxonomy of security orchestration based on the execution environment, automation strategy, deployment type, mode of task, and resource type. This review has helped us to reveal several areas of further research and development in security orchestration.
This talk will attempt to illustrate the close link between both safety and security, as well as the reasons they should remain distinct and separated efforts; the speakers will discuss case studies that relate to security incidents with safety impact, discuss practices that may be adopted in this space, before opening a discussion on the means for maintaining effective security and safety programs that neither overlap, nor underlap each other. The talk is aimed at those with an interest in Operational Technology security; whilst it will be open to a range of knowledge and abilities, the emphasis is towards the simple, basic concepts that are often found wanting in relation to cyber-attacks in the industry.
Depending on the nature of the task, the level of safety management training required will vary from general safety familiarization to expert level for safety specialists, for example:
a) Corporate safety training for all staff,
b) Training aimed at management’s safety responsibilities,
c) Training for operational personnel (such as pilots, maintenance engineers, dispatchers / FOO’s and personnel with apron or ramp duties), and
d) Training for aviation safety specialists (such as the Safety Management System and Flight Data Analysts).
The scope of SMS training must be appropriate to each individual’s roles and responsibilities within the operation. Training should follow a building-block approach. As part of the ICAO requirements, an operator must provide training to its operational personnel (including cabin crew), managers and supervisors, senior managers, and the accountable executive for the SMS.
Training should address the specific role that cabin crew members play in the operation. This includes, but is not limited to training with regards to:
a) Unit 1 SMS fundamentals and overview of the operator’s SMS;
b) Unit 2 Safety policy;
c) Unit 3 Hazard identification and reporting; and
d) Unit 4 Safety Communication.
e) Unit 5 Review of Company Safety Management
f) Unit 6 Review of Safety Reporting
The base content comes from many sources but all aligned to the ICAO syllabus requirements, and created for an international operational airline.
If you are a startup airline, or looking to align courses with your specific operational standards, please take a look and check out
pghclearningsolutions@gmail.com leave a message and I will contact you where we can discuss your requirements, send you examples and if required, download my editable masters which you can customize to meet your own specific operational training requirements.
future internetArticleERMOCTAVE A Risk Management FraDustiBuckner14
future internet
Article
ERMOCTAVE: A Risk Management Framework for IT
Systems Which Adopt Cloud Computing
Masky Mackita 1, Soo-Young Shin 2 and Tae-Young Choe 3,*
1 ING Bank, B-1040 Brussels, Belgium; [email protected]
2 Department of IT Convergence Engineering, Kumoh National Institute of Technology, Gumi 39177, Korea;
[email protected]
3 Department of Computer Engineering, Kumoh National Institute of Technology, Gumi 39177, Korea
* Correspondence: [email protected]; Tel.: +82-54-478-7526
Received: 22 June 2019; Accepted: 3 September 2019; Published: 10 September 2019
����������
�������
Abstract: Many companies are adapting cloud computing technology because moving to the cloud
has an array of benefits. During decision-making, having processed for adopting cloud computing,
the importance of risk management is progressively recognized. However, traditional risk management
methods cannot be applied directly to cloud computing when data are transmitted and processed by
external providers. When they are directly applied, risk management processes can fail by ignoring
the distributed nature of cloud computing and leaving numerous risks unidentified. In order to fix
this backdrop, this paper introduces a new risk management method, Enterprise Risk Management
for Operationally Critical Threat, Asset, and Vulnerability Evaluation (ERMOCTAVE), which combines
Enterprise Risk Management and Operationally Critical Threat, Asset, and Vulnerability Evaluation for
mitigating risks that can arise with cloud computing. ERMOCTAVE is composed of two risk management
methods by combining each component with another processes for comprehensive perception of risks.
In order to explain ERMOCTAVE in detail, a case study scenario is presented where an Internet seller
migrates some modules to Microsoft Azure cloud. The functionality comparison with ENISA and
Microsoft cloud risk assessment shows that ERMOCTAVE has additional features, such as key objectives
and strategies, critical assets, and risk measurement criteria.
Keywords: risk management; ERM; OCTAVE; cloud computing; Microsoft Azure
1. Introduction
Cloud computing is a technology that uses virtualized resources to deliver IT services through the
Internet. It can also be defined as a model that allows network access to a pool of computing resources
such as servers, applications, storage, and services, which can be quickly offered by service providers [1].
One of properties of the cloud is its distributed nature [2]. Data in the cloud environments had become
gradually distributed, moving from a centralized model to a distributed model. That distributed nature
causes cloud computing actors to face problems like loss of data control, difficulties to demonstrate
compliance, and additional legal risks as data migration from one legal jurisdiction to another. An example
is Salesforce.com, which suffered a huge outage, locking more than 900,000 subscribers out of important
resources needed for business trans ...
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Introduction to Functional Safety and SIL CertificationISA Boston Section
This overview session will acquaint attendees with the key concepts in the IEC 61508 standard for functional safety of electrical/electronic and programmable electronic systems. An introduction is provided to safety integrity levels (SIL), the safety lifecycle and the requirements needed to achieve a functional safety certificate. Information will be provided on documentation requirements and an introduction to the basic objectives of product design for functional safety.
Multi-vocal Review of security orchestrationChadni Islam
Organizations use diverse types of security solutions to prevent cyber-attacks. Multiple vendors provide security solutions developed using heterogeneous technologies and paradigms. Hence, it is a challenging rather impossible to easily make security solutions to work an integrated fashion. Security orchestration aims at smoothly integrating multivendor security tools that can effectively and efficiently interoperate to support security staff of a Security Operation Centre (SOC). Given the increasing role and importance of security orchestration, there has been an increasing amount of literature on different aspects of security orchestration solutions. However, there has been no effort to systematically review and analyze the reported solutions. We report a Multivocal Literature Review that has systematically selected and reviewed both academic and grey (blogs, web pages, white papers) literature on different aspects of security orchestration published from January 2007 until July 2017. The review has enabled us to provide a working definition of security orchestration and classify the main functionalities of security orchestration into three main areas – unification, orchestration, and automation. We have also identified the core components of a security orchestration platform and categorized the drivers of security orchestration based on technical and socio-technical aspects. We also provide a taxonomy of security orchestration based on the execution environment, automation strategy, deployment type, mode of task, and resource type. This review has helped us to reveal several areas of further research and development in security orchestration.
This talk will attempt to illustrate the close link between both safety and security, as well as the reasons they should remain distinct and separated efforts; the speakers will discuss case studies that relate to security incidents with safety impact, discuss practices that may be adopted in this space, before opening a discussion on the means for maintaining effective security and safety programs that neither overlap, nor underlap each other. The talk is aimed at those with an interest in Operational Technology security; whilst it will be open to a range of knowledge and abilities, the emphasis is towards the simple, basic concepts that are often found wanting in relation to cyber-attacks in the industry.
Depending on the nature of the task, the level of safety management training required will vary from general safety familiarization to expert level for safety specialists, for example:
a) Corporate safety training for all staff,
b) Training aimed at management’s safety responsibilities,
c) Training for operational personnel (such as pilots, maintenance engineers, dispatchers / FOO’s and personnel with apron or ramp duties), and
d) Training for aviation safety specialists (such as the Safety Management System and Flight Data Analysts).
The scope of SMS training must be appropriate to each individual’s roles and responsibilities within the operation. Training should follow a building-block approach. As part of the ICAO requirements, an operator must provide training to its operational personnel (including cabin crew), managers and supervisors, senior managers, and the accountable executive for the SMS.
Training should address the specific role that cabin crew members play in the operation. This includes, but is not limited to training with regards to:
a) Unit 1 SMS fundamentals and overview of the operator’s SMS;
b) Unit 2 Safety policy;
c) Unit 3 Hazard identification and reporting; and
d) Unit 4 Safety Communication.
e) Unit 5 Review of Company Safety Management
f) Unit 6 Review of Safety Reporting
The base content comes from many sources but all aligned to the ICAO syllabus requirements, and created for an international operational airline.
If you are a startup airline, or looking to align courses with your specific operational standards, please take a look and check out
pghclearningsolutions@gmail.com leave a message and I will contact you where we can discuss your requirements, send you examples and if required, download my editable masters which you can customize to meet your own specific operational training requirements.
future internetArticleERMOCTAVE A Risk Management FraDustiBuckner14
future internet
Article
ERMOCTAVE: A Risk Management Framework for IT
Systems Which Adopt Cloud Computing
Masky Mackita 1, Soo-Young Shin 2 and Tae-Young Choe 3,*
1 ING Bank, B-1040 Brussels, Belgium; [email protected]
2 Department of IT Convergence Engineering, Kumoh National Institute of Technology, Gumi 39177, Korea;
[email protected]
3 Department of Computer Engineering, Kumoh National Institute of Technology, Gumi 39177, Korea
* Correspondence: [email protected]; Tel.: +82-54-478-7526
Received: 22 June 2019; Accepted: 3 September 2019; Published: 10 September 2019
����������
�������
Abstract: Many companies are adapting cloud computing technology because moving to the cloud
has an array of benefits. During decision-making, having processed for adopting cloud computing,
the importance of risk management is progressively recognized. However, traditional risk management
methods cannot be applied directly to cloud computing when data are transmitted and processed by
external providers. When they are directly applied, risk management processes can fail by ignoring
the distributed nature of cloud computing and leaving numerous risks unidentified. In order to fix
this backdrop, this paper introduces a new risk management method, Enterprise Risk Management
for Operationally Critical Threat, Asset, and Vulnerability Evaluation (ERMOCTAVE), which combines
Enterprise Risk Management and Operationally Critical Threat, Asset, and Vulnerability Evaluation for
mitigating risks that can arise with cloud computing. ERMOCTAVE is composed of two risk management
methods by combining each component with another processes for comprehensive perception of risks.
In order to explain ERMOCTAVE in detail, a case study scenario is presented where an Internet seller
migrates some modules to Microsoft Azure cloud. The functionality comparison with ENISA and
Microsoft cloud risk assessment shows that ERMOCTAVE has additional features, such as key objectives
and strategies, critical assets, and risk measurement criteria.
Keywords: risk management; ERM; OCTAVE; cloud computing; Microsoft Azure
1. Introduction
Cloud computing is a technology that uses virtualized resources to deliver IT services through the
Internet. It can also be defined as a model that allows network access to a pool of computing resources
such as servers, applications, storage, and services, which can be quickly offered by service providers [1].
One of properties of the cloud is its distributed nature [2]. Data in the cloud environments had become
gradually distributed, moving from a centralized model to a distributed model. That distributed nature
causes cloud computing actors to face problems like loss of data control, difficulties to demonstrate
compliance, and additional legal risks as data migration from one legal jurisdiction to another. An example
is Salesforce.com, which suffered a huge outage, locking more than 900,000 subscribers out of important
resources needed for business trans ...
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Safalta Digital marketing institute in Noida, provide complete applications that encompass a huge range of virtual advertising and marketing additives, which includes search engine optimization, virtual communication advertising, pay-per-click on marketing, content material advertising, internet analytics, and greater. These university courses are designed for students who possess a comprehensive understanding of virtual marketing strategies and attributes.Safalta Digital Marketing Institute in Noida is a first choice for young individuals or students who are looking to start their careers in the field of digital advertising. The institute gives specialized courses designed and certification.
for beginners, providing thorough training in areas such as SEO, digital communication marketing, and PPC training in Noida. After finishing the program, students receive the certifications recognised by top different universitie, setting a strong foundation for a successful career in digital marketing.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Normal Labour/ Stages of Labour/ Mechanism of LabourWasim Ak
Normal labor is also termed spontaneous labor, defined as the natural physiological process through which the fetus, placenta, and membranes are expelled from the uterus through the birth canal at term (37 to 42 weeks
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
2. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Building an SMS
Module 1
SMS course
introduction
Module 2
Basic safety
concepts
Module 3
Introduction
to safety
management
Module 4
Hazards
Module 5
Risks
Module 6
SMS regulation
Module 7
Introduction to SMS
Module 8
SMS planning
Module 9
SMS operation
Module 10
Phased approach to
SSP and SMS
Implementation
Safety
Management
System
Module 2
Basic safety
concepts
3. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Objective
At the end of this module, participants will be able to explain
the strengths and weaknesses of traditional methods to
manage safety, and describe new perspectives and
methods for managing safety
4. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Outline
Concept of safety
The evolution of safety thinking
A concept of accident causation – Reason model
The organizational accident
People, context and safety – SHEL(L) model
Errors and violations
Safety investigation
Questions and answers
Points to remember
5. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Concept of safety
What is safety?
Zero accidents or serious incidents (a view widely held
by the travelling public)
Freedom from hazards (i.e. those factors which cause
or are likely to cause harm)
Attitudes towards unsafe acts and conditions by
employees of aviation organizations
Error avoidance
Regulatory compliance
… ?
6. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Concept of safety
Consider (the weaknesses in the notion of perfection)
The elimination of accidents (and serious incidents) is
unachievable
Failures will occur, in spite of the most accomplished
prevention efforts
No human activity or human-made system can be
guaranteed to be absolutely free from hazard and
operational errors
Controlled risk and controlled error are acceptable in
an inherently safe system
7. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Concept of safety (Doc 9859)
Safety is the state in which the risk of harm to persons or
property damage is reduced to, and maintained at or below,
an acceptable level through a continuing process of
hazard identification and risk management
8. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Safety
Traditional approach – Preventing accidents
Focus on outcomes (causes)
Unsafe acts by operational personnel
Attach blame/punish for failures to “perform safely”
Address identified safety concern exclusively
Regulatory compliance
Identifies:
WHAT? WHO? WHEN?
WHY? HOW?
But not always discloses:
9. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
TODAY
1950s 2000s
1970s 1990s
The evolution of safety thinking
TECHNICAL FACTORS
HUMAN FACTORS
ORGANIZATIONAL FACTORS
Fuente: James Reason
10. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
A concept of accident causation
Activities over which any organization has a reasonable degree
of direct control
Factors that directly influence the efficiency of people in
aviation workplaces.
Actions or inactions by people (pilots, controllers, maintenance
engineers, aerodrome staff, etc.) that have an immediate
adverse effect.
Resources to protect against the risks that organizations
involved in production activities generate and must control.
Conditions present in the system before the accident, made
evident by triggering factors.
Latent conditions trajectory
11. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The organizational accident
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Organizational processes
Activities over which any organization has a reasonable degree
of direct control
Policy-making
Planning
Communication
Allocation of resources
Supervision
...
12. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The organizational accident
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Conditions present in the system before the accident, made evident
by triggering factors.
Inadequate hazard
identification and
risk management
Normalization of
deviance
Organizational processes
Latent
conditions
13. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The organizational accident
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Resources to protect against the risks that organizations involved
in production activities generate and must control.
Technology
Training
Regulations Defences
Organizational processes
Latent
conditions
14. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The organizational accident
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Factors that directly influence the efficiency of people in
aviation workplaces.
Workforce stability
Qualifications and
experience
Morale
Credibility
Ergonomics
...
Organizational processes
Workplace
conditions
15. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The organizational accident
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Actions or inactions by people (pilots, controllers, maintenance
engineers, aerodrome staff, etc.) that have an immediate adverse effect.
Errors
Violations
Organizational processes
Workplace
conditions
Active
failures
16. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The perspective of the organizational accident
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Organizational processes
Latent
conditions
Workplace
conditions
Defences
Active
failures
Improve Identify
Monitor
Contain
Reinforce
17. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
People and safety
Aviation workplaces involve
complex interrelationships
among its many
components
To understand operational
performance, we must
understand how it may be
affected by the
interrelationships among
the various components
of the aviation work places Source: Dedale
18. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
B
A
19. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Processes and outcomes
Causes and
consequences
of operational
errors are not
linear in their
magnitude
Source: Dedale
20. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
The SHEL(L) model
S
H L
E
L
S
H L L
E
S
H L L
E
Software
Hardware
Environment
Liveware
Liveware, other
persons
Understanding the relationship between people and operational
contexts
21. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Operational performance and technology
In production-intensive
industries like contemporary
aviation, technology is
essential
As a result of the massive
introduction of technology,
the operational
consequences of the
interactions between people
and technology are often
overlooked, leading to
human error
22. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Understanding operational errors
Human error is considered
contributing factor in most
aviation occurrences
Even competent personnel
commit errors
Errors must be accepted as
a normal component of any
system where humans and
technology interact
23. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Errors and safety – A non linear relationship
Statistically, millions of
operational errors are made
before a major safety
breakdown occurs
Source: Dedale
24. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Accident investigation – Once in a million flights
Error Deviation Amplification Degradation /
breakdown
25. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Safety management – On almost every flight
Error Normal flight
Deviation Amplification
26. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Three strategies for the control of human error
Error reduction strategies
intervene at the source of
the error by reducing or
eliminating the contributing
factors
Human-centred design
Ergonomic factors
Training
…
27. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Three strategies for the control of human error
Error capturing strategies
intervene once the error
has already been made,
capturing the error before it
generates adverse
consequences
Checklists
Task cards
Flight strips
…
28. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Three strategies for the control of human error
Error tolerance strategies
intervene to increase the
ability of a system to accept
errors without serious
consequence
System redundancies
Structural inspections
…
29. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Understanding violations – Are we ready?
System output Maximum
Minimum
Risk
High
Low
Violation
space
Incident
Accident
System’s
production
objective(s)
Exceptional
violation
space
30. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Safety culture
A trendy notion with potential for misperceptions and
misunderstandings
A construct, an abstraction
It is the consequence of a series of organizational
processes (i.e., an outcome)
Safety culture is not an end in itself, but a means to
achieve an essential safety management prerequisite:
Effective safety reporting
31. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Effective safety reporting – Five basic traits
Information
People are knowledgeable about the human, technical and
organizational factors that determine the safety of the system
as a whole.
Flexibility
People can adapt reporting
when facing unusual
circumstances, shifting from
the established mode to a
direct mode thus allowing
information to quickly reach
the appropriate decision-
making level.
Learning
People have the competence
to draw conclusions from
safety information systems
and the will to implement
major reforms.
Willingness
People are willing to
report their errors and
experiences.
Accountability
People are encouraged (and rewarded) for providing essential
safety-related information. However, there is a clear line that
differentiates between acceptable and unacceptable behaviour.
Effective safety
reporting
32. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Three options
Organizations and the management of information
Pathological – Hide the information
Bureaucratic – Restrain the information
Generative – Value the information
Source: Ron Westrum
33. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Three possible organizational cultures
Hidden
Shouted
Shirked
Discouraged
Covered up
Crushed
Conflicted
organization
Ignored
Tolerated
Boxed
Allowed
Merciful
Problematic
“Red tape”
organization
Sought
Trained
Shared
Rewarded
Scrutinized
Welcomed
Reliable
organization
Pathological Bureaucratic Generative
Information
Messengers
Responsibilities
Reports
Failures
New ideas
Resulting
organization
Source: Ron Westrum
34. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Errors ...
… are like mosquitoes …
35. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
To fight them …
... drain their breeding swamps.
36. Module N° 2 ICAO Safety Management Systems (SMS) Course ‹#›
Points to remember
1. The organizational accident.
2. Operational contexts and human performance
3. Errors and violations.
4. Organizational culture and effective safety reporting.
5. The management of safety information.