Risk-Based IOSA: A Quick Update
Knowledge / August 14, 2024
The New Risk-Based Approach
The International Air Transport Association (IATA) is transitioning its Operational Safety Audit (IOSA) program to a new Risk-Based IOSA model (RBI – risk-based IOSA). This shift aims to improve the audit process through reduced but more focused audit scope, remote documentation review, and shorter on-site audits. The new risk-based IOSA audit approach also introduces a maturity assessment to evaluate the effectiveness of an airline’s safety management systems (SMS).
Updates from IATA
In a Q&A on risk-based IOSA held in April, IATA shared some additional information gathered from the first audits conducted with the new methodology so far:
- Baseline Conformity with ISM: Operators are expected to maintain a baseline level of compliance across all ISARPS. However, the specific scope of the RBI audit is defined by IATA before each audit based on the airline’s specific risk profile. Emerging safety concerns that universally affect the industry will also be considered. All new IOSA-registrants will be evaluated according to the traditional methodology, to establish a baseline before undergoing an RBI.
- Increased Mandatory Observations: While the way how mandatory observations are being performed stays the same, their number will be increased with a focus on safety critical areas. The typical onsite audit duration has been reduced from 25 to 20 auditor days (except for initial IOSA registration audits).Furthermore, a process based audit approach is introduced with the RBI concept, this will also require different skills of internal auditors.
- Maturity Assessment Criteria: RBI will assess how well an airline manages safety. The information obtained from risk-based audits will enable the airline to continously improve its safety- and quality management performance. While specific IATA maturity criteria are still under development, ICAO Doc 9859 already provides valuable details on Safety Management Systems (SMS), which is a key focus area in the maturity assessment. According to IATA, the current maturity criteria will be shared with airlines scheduled for a RBI Audit in 2024, with plans to extend this access to all IOSA operators at the latest with the publication of ISM 17 Revision 1.
How iQSMS Can Support You:
- Up-to-date Regulations Database: We will continue to provide the latest and most relevant information on ISARPS through our Regulations Database. Access to the latest ISM for your internal preparation audits in iQSMS is ensured for IOSA operators.
- Perfect IOSA Preparation Partner: With its remote-audit capabilities, the iQSMS Quality Module serves as your comprehensive tool to prepare for IOSA audits effectively. With the included risk assessment for findings, safety-critical areas can be identified and efficient mitigation actions can be traceable defined.
- ASQS Is Your Trusted IOSA Partner: We are committed to assisting you throughout the IOSA audit process. Get in touch with us and explore how iQSMS can support you in handling your audits.
For more details, we recommend the following resources directly from IATA: