Page 366 - UK Continuing Airworthiness Regulations (Consolidated) 201121
P. 366
Part CAMO - ANNEX Vc - Organisational Requirements for Continuing Airworthiness Management
capability to perform any of the tasks required by Part-CAMO;
(5) a record of the actions taken to mitigate risks is maintained, showing the status of
each action and the owner of the action;
(6) there is a follow-up on the implementation of all risk mitigation actions;
(7) risk mitigation actions are assessed for their effectiveness; and
(8) the results of risk assessments are periodically reviewed to check whether they
remain relevant. (Are the assumptions still valid? Is there new information?).
CAMO.B.200(a)(5) GM1 Management system
SAFETY RISK MANAGEMENT PROCESS
The purpose of safety risk management as part of the management system framework for
competent authorities is to ensure the effectiveness of the management system. As for any
organisation, hazard identification and risk management is expected to contribute to effective
decision-making, to guide the allocation of resources and contribute to organisational success.
The safety risk management process required by point CAMO.B.200 is intended to address the
safety risks that are directly related to the CAA’s organisation and processes, and which may affect
its capability to perform its tasks and discharge its responsibilities. This process is not intended to be
a substitute for the State safety risk management SARPs defined in ICAO Annex 19, Chapter 3,
component 3.3. This does not mean, however, that the CAA may not use information and data that is
obtained through its State Safety Programme (SSP), including oversight data and information, for the
purpose of safety risk management as part of its management system.
The safety risk management process is also to be applied to the management of changes
(CAMO.B.210), which is intended to ensure that the management system remains effective
whenever changes occur.
CAMO.B.205 Allocation of tasks to qualified entities
(a) Tasks related to the initial certification, or continuing oversight of persons, or organisations
subject to Regulation (EU) 2018/1139 and its delegated and implementing acts may be
allocated by the CAA only to qualified entities. When allocating tasks, the CAA shall ensure
that it has:
(1) put a system in place to initially and continuously assess that the qualified entity
complies with Annex VI ‘Essential requirements for qualified entities’ to Regulation
(EU) 2018/1139. This system and the results of the assessments shall be
documented;
(2) established a documented agreement with the qualified entity, approved by both
parties at the appropriate management level, which clearly defines:
(i) the tasks to be performed;
(ii) the declarations, reports, and records to be provided;
(iii) the technical conditions to be met in performing such tasks;
(iv) the related liability coverage;
(v) the protection given to information acquired in carrying out such tasks.
(b) The CAA shall ensure that the internal audit process and safety risk management process
required by point (a)(5) of point CAMO.B.200 covers all certification, or continuing
oversight tasks performed on its behalf.
CAMO.B.205 GM1 Allocation of tasks to qualified entities
CERTIFICATION TASKS
The tasks that may be performed by a qualified entity on behalf of the CAA include those that are
related to the initial certification and to the continuing oversight of persons and organisations as
defined in Regulation (EU) No 1321/2014.
CAMO.B.210 Changes in the management system
(a) The CAA shall have a system in place to identify changes that affect its capability to
perform its tasks and discharge its responsibilities as defined in Regulation (EU)
2018/1139 and its delegated and implementing acts. This system shall enable it to take
action as appropriate to ensure that its management system remains adequate and
effective.
(b) The CAA shall update its management system to reflect any change to Regulation (EU)
2018/1139 and its delegated and implementing acts in a timely manner, so as to ensure
effective implementation.
CAMO.B.220 Record-keeping
(a) The CAA shall establish a system of record-keeping that allows adequate storage,
accessibility, and reliable traceability of:
(1) the management system's documented policies and procedures;
(2) training, qualification, and authorisation of its personnel;
(3) the allocation of tasks, covering the elements required by point CAMO.B.205, as
well as the details of tasks allocated;
(4) certification processes and continuing oversight of certified organisations, including:
(i) the application for an organisation certificate;
(ii) the CAA's continuing oversight programme, including all assessment, audit
and inspection records;
(iii) the organisation certificate, including any changes thereto;
(iv) a copy of the oversight programme listing the dates when audits are due and
when audits were carried out;
(v) copies of all formal correspondence;
20 November 2021 366 of 412
