Page 94 - UK Air Operations Regulations 201121
P. 94
Part ORO - ANNEX III - Organisational Requirement for Air Operations
ORO.GEN.200(a)(6) GM4 Management system
AUDIT AND INSPECTION
(a) ‘Audit’ means a systematic, independent and documented process for obtaining evidence
and evaluating it objectively to determine the extent to which requirements are complied
with.
(b) ‘Inspection’ means an independent documented conformity evaluation by observation and
judgement accompanied as appropriate by measurement, testing or gauging, in order to
verify compliance with applicable requirements.
ORO.GEN.200(b) AMC1 Management system
SIZE, NATURE AND COMPLEXITY OF THE ACTIVITY
(a) An operator should be considered as complex when it has a workforce of more than 20
full time equivalents (FTEs) involved in the activity subject to Regulation (EC) No
216/2008 and its Implementing Rules.
(b) Operators with up to 20 FTEs involved in the activity subject to Regulation (EC) No
216/2008 and its Implementing Rules may also be considered complex based on an
assessment of the following factors:
(1) in terms of complexity, the extent and scope of contracted activities subject to the
approval;
(2) in terms of risk criteria, the extent of the following:
(i) operations requiring a specific approval;
(ii) high-risk commercial specialised operations;
(iii) operations with different types of aircraft used; and
(iv) operations in challenging environment (offshore, mountainous area, etc.).
ORO.GEN.205 Contracted activities
(a) When contracting or purchasing any services or products as a part of its activities, the
operator shall ensure all of the following:
(1) that the contracted or purchased services or products comply with the applicable
requirements;
(2) that any aviation safety hazards associated with contracted or purchased services
or products are considered by the operator's management system.
(b) When the certified operator or the SPO authorisation holder contracts any part of its
activity to an organisation that is not itself certified or authorised in accordance with this
Part to carry out such activity, the contracted organisation shall work under the approval of
the operator. The contracting organisation shall ensure that the CAA is given access to
the contracted organisation, to determine continued compliance with the applicable
requirements.
ORO.GEN.205 AMC1 Contracted activities
RESPONSIBILITY WHEN CONTRACTING ACTIVITIES
(a) The operator may decide to contract certain activities to external organisations.
(b) A written agreement should exist between the operator and the contracted organisation
clearly defining the contracted activities and the applicable requirements.
(c) The contracted safety-related activities relevant to the agreement should be included in
the operator's safety management and compliance monitoring programmes.
(d) The operator should ensure that the contracted organisation has the necessary
authorisation or approval when required, and commands the resources and competence
to undertake the task.
ORO.GEN.205 AMC2 Contracted activities
THIRD-PARTY PROVIDERS
(a) The initial audit and/or the continuous monitoring of contracted organisations may be
performed by a third-party provider on behalf of the operator when it is demonstrated that:
(1) a documented arrangement has been established with the third-party provider;
(2) the audit standards applied by the third-party provider address the scope of this
Regulation in sufficient detail;
(3) the third-party provider uses an evaluation system, designed to assess the
operational, management and control systems of the contracted organisation;
20th November 2021 94 of 856