Risk Management
Risk Management
Article Information
Category:
Content source:
Content control:
Last modified:
09.Jul.2025
Article UID:
Cite This Page
SKYbrary Aviation Safety. (July 9, 2025). Risk Management.
Retrieved June 4, 2026
from https://skybrary.aero/articles/risk-management
UID: 24023
Copied!
COPY
Definition
Risk management. The identification, analysis and elimination (and/or mitigation to an acceptable or tolerable level) of those hazards, as well as the subsequent risks, that threaten the viability of an organisation.” (ICAO Doc 9859).
Safety risk management (SRM) - A process within the Safety Management System composed of describing the system, identifying the hazards, and analyzing, assessing, and controlling the risk.” (FAA AC No: 120-92B, Safety Management Systems for Aviation Service Providers)
Objective
The objective of Risk Management is to ensure that the risks associated with hazards to flight operations are systematically and formally identified, assessed, and managed within acceptable safety levels.
ICAO Provisions
Several Annexes of the Chicago Convention aim to harmonise and extend the provisions relating to safety management by aircraft operators and aviation service providers. These changes introduce a framework for the implementation and maintenance of a safety management system (SMS) by the operators/service providers. The framework consists of four main components:
- Safety Policy and Objectives
- Safety Risk Management
- Safety Assurance
- Safety Promotion
Consistent with the ICAO provisions, the European Regulation 1035/2011 - Common Requirements for the Provision of Air Navigation Services and EUROCONTROL ESARR 3 identify risk assessment and mitigation as an essential component of the Safety Achievement domain of the SMS. (see further reading)
Description
The complete elimination of risk in aviation operations obviously is an unachievable and impractical goal (being perfectly safe would require stopping all aviation activities and to grounding all aircraft) as not all risks can be removed and not all possible risk mitigation measures are economically practical. In other words, it is accepted that there will be some residual risk of harm to people, property or environment, but this is considered to be acceptable or tolerable by the responsible authority and the society.
Risk management, being a central component of the SMS, plays vital role in addressing the risk in practical terms. It requires a coherent and consistent process of objective analysis, in particular for evaluating the operational risks. In general, Risk Management is a structured approach and systematic actions aimed to achieve the balance between the identified and assessed risk and practicable risk mitigation.
Risk Management Elements
Risk management consists of three essential elements:
- Hazard identification - Identification of undesired or adverse events that can lead to the occurrence of a hazard and the analysis of mechanisms by which these events may occur and cause harm. Both reactive and proactive methods and techniques should be used for hazard identification.
- Risk assessment - Identified hazards are assessed in terms of criticality of their harmful effect and ranked in order of their risk-bearing potential. They are assessed often by experienced personnel, or by utilising more formal techniques and through analytical expertise. The severity of consequences and the likelihood (frequency) of occurrence of hazards are determined. If the risk is considered acceptable, operation continues without any intervention. If it is not acceptable, the risk mitigation process is engaged.
- Risk mitigation - If the risk is considered to be unacceptable, then control measures are taken to fortify and increase the level of defences against that risk or to avoid or remove the risk, if this is economically feasible.
The flow chart below depicting the Risk Management process:
Risk Management process (extracted from ICAO Doc 9859 - Safety Management Manual)
Furthermore, effective Risk Management requires that the safety “cost-benefit” of the planned and implemented course of actions is analysed, including the case of choosing a “do nothing” strategy. If it is decided to act for limiting the exposure to the identified risks, each risk control measure needs to be evaluated, to reveal possible latent hazards and dormant risks that may arise from activating that measure. Once these control measures are implemented, the organisation needs to ensure they are engaged in a correct way, and this is achieved through a set of arrangements, processes and systematic actions, which build the Safety Assurance domain of the SMS.
Risk Management is based on a variety of hazard identification means. According to ICAO Doc 9859 this SMS component may include both proactive and reactive methods and techniques. Safety occurrence reporting and investigation, being assigned to the reactive category, are well known essential means for identifying key risk areas and corrective risk mitigation measures. In addition, the increasing integration, automation and complexity of flight operations requires a proactive, systematic and structured approach to risk assessment and mitigation using predictive and monitoring techniques. Risk assessment need to be conducted for any changes that may impact the safety of services provided by the operator/service provider.
The risk management concept is equally important in all aviation sectors and should be implemented in a consistent manner by airline operators, air navigation service providers, certified aerodrome operators, maintenance organisations and training organisations. Its strategies include identifying the risk, assessing the risk, avoiding or reducing the risk and accepting certain risks.
Further Reading
ICAO
- ICAO Doc 9859 - Safety Management Manual, Fourth Edition - 2018;
- ICAO Integrated Safety Management website;
European Commission
EUROCONTROL
- EUROCONTROL Safety Regulatory Requirement (ESARR 4);
- FAA/EUROCONTROL ATM Safety Techniques and Toolbox;
FAA
- FAA Advisory Circular No. 120-92D, Safety Management Systems for Aviation Service Providers
- Safety Risk Management at the State Level; Dr Hazel Courtney, UK CAA and Amer Younossi, USA FAA. - presentation given to IASS 2015, November 2015.
Others
- The Evolution of APF: ENAV Approach October, 2010
- Managing Risk at easyJet October, 2010
- The Past is no Predictor of the Future Chris Johnson, 2017
Categories
What Links Here (34)
- Aligned Weather Impact Management
- Airport Bird Hazard Management
- Operators Checklist for Bird Strike Hazard Management
- Flight Operations Risk Assessment Checklist - Active Runway Crossing
- Crew Training for Functional Check Flights
- Ageing Aircraft - Structural Failure
- Bow Tie Risk Management Methodology
- Company Safety Culture (OGHFA BN)
- Continuous Improvement of the SMS
- Flight Operations Risk Assessment Checklist - New Destination
- Helicopter SMS Toolkit
- ICAO Annex 19, Safety Management
- Improving Safety Culture in Air Traffic Control
- Management of Change
- Risk Assessment
- Risk Mitigation
- Safety Achievement
- Safety Assurance
- Safety Audits
- Safety Documentation
- Safety Improvement
- Safety Management
- Safety Management System
- Safety Occurrence Investigation
- Safety Occurrence Reporting
- Safety Performance Monitoring and Measurement
- Safety Policy
- Safety Promotion
- Sample Safety Policy Statement
- SMS in Aerodrome Operation
- SMS in Air Traffic Management
- State Safety Programme (SSP)
- Voluntary Occurrence Reporting
- Safety Information Exchange
