EASA’s Part-NCC regulations and compliance need to be kept up-to-date continually. But what is the best way to make sure you are operating in accordance with what is defined in your manuals, policies and procedures? Recurring small internal audit tasks are an easy way to help keep your operation running smoothly and ensure you are ready when an auditor visits.
Why perform an internal audit?
Part-NCC, established by EASA, is a set of rules governing private aircraft operators of certain aircraft types. These rules outline requirements operators must meet including specifications for operations manuals, SMS, and compliance monitoring. For operators subject to Part-NCC, there is now the possibility of being audited by their respective national aviation authorities at any time. It is therefore critical to always stay up to date and compliant.
Performing internal audits will help ensure you are better prepared for an external audit by confirming that you are operating in accordance with regulations and what you have defined at all times. The audit tasks will check that you are conforming to the latest regulatory guidance and that you are following the procedures defined in your manuals. Expanding the internal audit beyond regulations to include your operational authorizations, approvals, exemptions, and manuals will not only ensure you are following them, but also provide you with the opportunity to ensure they are still appropriate for your operation in their current form. Implementing smaller recurring checks will help you remain on top of things as changes occur, so you don’t have to worry about updating everything all at once with a backlog of revisions.
In essence, the point of internal audits is to discover what needs to be changed and then actually making those changes. It’s the perfect opportunity to improve your organization, without automatically having to rely on an external person coming in to help you.
How do you do an internal audit?
As a best practice, internal audits should be performed throughout the year with the participation of multiple parties so the program becomes an easily manageable part of your operation. Start by creating a book of audit tasks.
Each operation is different and your book of audit tasks should be customized to how your company operates. Using standards, policies, and procedures outlined in your manuals and documentation, write a task that asks the reviewer to assess whether there is any discrepancy between what’s written and what’s actually being executed. Be sure to include a list of relevant documents the person performing the task should have on hand, such as manuals, training records, flight logs, operational authorizations, exemptions, etc., to make the auditing process simpler.
Most tasks should be written so that anyone in the company can perform them. This allows the work to be divided among all of the team members so they feel part of the operation’s improvement efforts and thus also ensuring the work does not end up solely with the Safety Manager or Chief Pilot.
After you have created your book of audit tasks, create a manageable system by splitting the tasks up into bite-size clusters to be performed periodically (e.g., monthly, quarterly, etc.). It’s easier to create an ongoing process of minor course corrections throughout the year than perform one large annual review. As the scheduled audit task dates approach, assign one or two tasks to various team members. After each person completes their assigned task, they should document their findings.
What do you do after your internal audit?
Once you’ve completed your audit, hopefully, the results show that everything is running smoothly and that your operation is complying with the regulations and following your own defined policies and procedures. But sometimes an audit can uncover issues, such as a necessary procedural update or new training requirements, which could affect the operations manual or the safety management system.
If there are discrepancies found, be sure to investigate the root cause of the discrepancy so that you can determine and implement corrective actions. Set a reminder to re-evaluate the corrective actions at a later date to ensure they have had the desired effect. Keep in mind that in some cases you may find that it is not the operation that is at fault, it’s your documents that need to be changed. This may be especially true if you have recently gone through any significant operational changes.
If your operation is not compliant, you run the risk of being grounded. So, make those spot-checks a regular part of your operation.