Eole Air Passion
Nous contacter au 06 08 24 20 62 - PAGE FACEBOOK Facebook

AIRCREW - ANNEX VII - PART ORA


Regulation (EU) No 1178/2011 AIRCREW : Pilot Licenses
Revision from August 2023

Annexe VII : [PART ORA] - Organisation Requirements for Aircrew

SUBPART GEN – GENERAL REQUIREMENTS

SECTION I – GENERAL

ORA.GEN.105 Competent authority - Regulation (EU) No 1178/2011

  1. For the purpose of this Part, the competent authority exercising oversight over:
    1. organisations subject to a certification obligation shall be:
      1. for organisations having their principal place of business in a Member State, the authority designated by that Member State;
      2. for organisations having their principal place of business located in a third country, the Agency;
    2. FSTDs shall be:
      1. the Agency, for FSTDs:
        • located outside the territory of the Member States, or,
        • located within the territory of the Member States and operated by organisations having their principal place of business located in a third country,
      2. for FSTDs located within the territory of the Member States and operated by organisations having their principal place of business in a Member State, the authority designated by the Member State where the organisation operating it has its principle place of business, or the Agency, ifso requested by the Member State concerned.
  2. When the FSTD located outside the territory of the Member States is operated by an organisation certified by a Member State, the Agency shall qualify this FSTD in coordination with the Member State that has certified the organisation that operates such FSTD.

ORA.GEN.115 Application for an organisation certificate - Regulation (EU) No 1178/2011

  1. The application for an organisation certificate or an amendment to an existing certificate shall be made in a form and manner established by the competent authority,taking into account the applicable requirements of Regulation (EC) No 216/2008 and its Implementing Rules.
  2. Applicants for an initial certificate shall provide the competent authority with documentation demonstrating how they will comply with the requirements established in Regulation (EC) No 216/2008 and its Implementing Rules. Such documentation shall include a procedure describing how changes not requiring prior approval will be managed and notified to the competent authority.

ORA.GEN.120 Means of compliance - Regulation (EU) No 290/2012

  1. Alternative means of compliance to the AMC adopted by the Agency may be used by an organisation to establish compliance with Regulation (EC) No 216/2008 and its Implementing Rules.
  2. When an organisation wishes to use an alternative means of compliance, it shall, prior to implementing it, provide the competent authority with a full description of the alternative means of compliance. The description shall include any revisions to manuals or procedures that may be relevant, as well as an assessment demonstrating that Regulation (EC) No 216/2008 and its Implementing Rules are met.
    The organisation may implement these alternative means of compliance subject to prior approval by the competent authority and upon receipt of the notification as prescribed in ARA.GEN.120(d).

AMC1 ORA.GEN.120(a) Means of compliance - ED Decision 2012/007/R

DEMONSTRATION OF COMPLIANCE

In order to demonstrate that the Implementing Rules are met, a risk assessment should be completed and documented. The result of this risk assessment should demonstrate that an equivalent level of safety to that established by the Acceptable Means of Compliance (AMC) adopted by the Agency is reached.

ORA.GEN.125 Terms of approval and privileges of an organisation - Regulation (EU) No 1178/2011

A certified organisation shall comply with the scope and privileges defined in the terms of approval attached to the organisation’s certificate.

AMC1 ORA.GEN.125 Terms of approval and privileges of an organisation - ED Decision 2012/007/R

MANAGEMENT SYSTEM DOCUMENTATION

The management system documentation should contain the privileges and detailed scope of activities for which the organisation is certified, as relevant to the applicable requirements. The scope of activities defined in the management system documentation should be consistent with the terms of approval.

ORA.GEN.130 Changes to organisations - Regulation (EU) No 1178/2011

  1. Any change affecting:
    1. the scope of the certificate or the terms of approval of an organisation; or
    2. any of the elements of the organisation’s management system as required in ORA.GEN.200(a)(1) and (a)(2),

    shall require prior approval by the competent authority.

  2. For any changes requiring prior approval in accordance with Regulation (EC) No 216/2008 and its Implementing Rules, the organisation shall apply for and obtain an approval issued by the competent authority. The application shall be submitted before any such change takes place, in order to enable the competent authority to determine continued compliance with Regulation (EC) No 216/2008 and its Implementing Rules and to amend, if necessary, the organisation certificate and related terms of approval attached to it.
    The organisation shall provide the competent authority with any relevant documentation.
    The change shall only be implemented upon receipt of formal approval by the competent authority in accordance with ARA.GEN.330.
    The organisation shall operate under the conditions prescribed by the competent authority during such changes, as applicable.
  3. All changes not requiring prior approval shall be managed and notified to the competent authority as defined in the procedure approved by the competent authority in accordance with ARA.GEN.310(c).

AMC1 ORA.GEN.130 Changes to organisationsED Decision 2012/007/R

APPLICATION TIME FRAMES

  1. The application for the amendment of an organisation certificate should be submitted at least 30 days before the date of the intended changes.
  2. In the case of a planned change of a nominated person, the organisation should inform the competent authority at least 10 days before the date of the proposed change.
  3. Unforeseen changes should be notified at the earliest opportunity, in order to enable the competent authority to determine continued compliance with the applicable requirements and to amend, if necessary, the organisation certificate and related terms of approval.

GM1 ORA.GEN.130(a) Changes to organisations - ED Decision 2017/022/R

GENERAL

  1. Typical examples of changes requiring prior approval which may affect the certificate or the terms of approval are listed below:
    1. the name of the organisation;
    2. the organisation’s principal place of business;
    3. the organisation’s scope of activities;
    4. additional locations of the organisation;
    5. the accountable manager;
    6. any of the persons referred to in ORA.GEN.210(a) and (b);
    7. the organisation’s documentation as required by this Part, safety policy and procedures;
    8. the facilities.
  2. Prior approval by the competent authority is required for any changes to the organisation’s procedure describing how changes not requiring prior approval will be managed and notified to the competent authority.
  3. Changes requiring prior approval may only be implemented upon receipt of formal approval by the competent authority.

GM2 ORA.GEN.130(a) Changes to organisations - ED Decision 2012/007/R

CHANGE OF NAME OF THE ORGANISATION

A change of name requires the organisation to submit a new application as a matter of urgency.

Where this is the only change to report, the new application can be accompanied by a copy of the documentation previously submitted to the competent authority under the previous name, as a means of demonstrating how the organisation complies with the applicable requirements.

GM1 ORA.GEN.130(c) Changes to organisations - ED Decision 2017/022/R

GENERAL

Typical examples of changes not requiring prior approval are to the following items:

  1. medical equipment (e.g. electrocardiograph (ECG), ophthalmoscope);
  2. flight simulation training device (FSTD) operator’s technical personnel;
  3. change in schedule of preventive maintenance; and
  4. list of instructors.

It is recommended that all information on changes not requiring prior approval be included as annexes to the approved training organisation (ATO)’s, FSTD operator’s, as well as aeromedical centre’s documentation

ORA.GEN.135 Continued validity - Regulation (EU) No 1178/2011

  1. The organisation’s certificate shall remain valid subject to:
    1. the organisation remaining in compliance with the relevant requirements of Regulation (EC) No 216/2008 and its Implementing Rules,taking into account the provisions related to the handling of findings as specified under ORA.GEN.150;
    2. the competent authority being granted access to the organisation as defined in ORA.GEN.140 to determine continued compliance with the relevant requirements of Regulation (EC) No 216/2008 and its Implementing Rules; and
    3. the certificate not being surrendered or revoked.
  2. Upon revocation or surrender the certificate shall be returned to the competent authority without delay.

ORA.GEN.140 Access - Regulation (EU) No 290/2012

For the purpose of determining compliance with the relevant requirements of Regulation (EC) No 216/2008 and its Implementing Rules, the organisation shall grant access to any facility, aircraft, document, records, data, procedures or any other material relevant to its activity subject to certification, whether it is contracted or not, to any person authorised by:

  1. the competent authority defined in ORA.GEN.105; or
  2. the authority acting under the provisions of ARA.GEN.300(d), ARA.GEN.300(e) or ARO.RAMP.

ORA.GEN.150 Findings - Regulation (EU) No 1178/2011

After receipt of notification of findings, the organisation shall:

  1. identify the root cause of the non-compliance;
  2. define a corrective action plan; and
  3. demonstrate corrective action implementation to the satisfaction of the competent authority within a period agreed with that authority as defined in ARA.GEN.350(d).

AMC1 ORA.GEN.150(b) Findings - ED Decision 2012/007/R

GENERAL

The corrective action plan defined by the organisation should address the effects of the non-conformity, as well as its root-cause.

GM1 ORA.GEN.150 Findings - ED Decision 2012/007/R

GENERAL

  1. Corrective action is the action to eliminate or mitigate the root cause(s) and prevent recurrence of an existing detected non-compliance or other undesirable condition or situation.
  2. Proper determination of the root cause is crucial for defining effective corrective actions.

ORA.GEN.155 Immediate reaction to a safety problem - Regulation (EU) No 1178/2011

The organisation shall implement:

  1. any safety measures mandated by the competent authority in accordance with ARA.GEN.135(c); and
  2. any relevant mandatory safety information issued by the Agency, including airworthiness directives.

ORA.GEN.160 Occurrence reporting - Regulation (EU) No 70/2014

  1. The organisation shall report to the competent authority, and to any other organisation required by the State of the operator to be informed, any accident, serious incident and occurrence as defined in Regulation (EU) No 996/2010 of the European Parliament and of the Council1 and Directive 2003/42/EC of the European Parliament and of the Council2.
  2. Without prejudice to paragraph (a) the organisation shall report to the competent authority and to the organisation responsible for the design of the aircraft any incident, malfunction, technical defect, exceeding of technical limitations and any occurrence that would highlight inaccurate, incomplete or ambiguous information contained in the operational suitability data established in accordance with Commission Regulation (EU) No 748/20123 or other irregular circumstance that has or may have endangered the safe operation of the aircraft and that has not resulted in an accident or serious incident.
  3. Without prejudice to Regulation (EU) No 996/2010, Directive 2003/42/EC, Commission Regulation (EC) No 1321/20074 and Commission Regulation (EC) No 1330/20075, the reports referred in paragraphs (a) and (b) shall be made in a form and manner established by the competent authority and contain all pertinent information about the condition known to the organisation.
  4. Reports shall be made as soon as practicable, but in any case within 72 hours of the organisation identifying the condition to which the report relates, unless exceptional circumstances prevent this.
  5. Where relevant, the organisation shall produce a follow-up report to provide details of actions it intends to take to prevent similar occurrences in the future, as soon as these actions have been identified. This report shall be produced in a form and manner established by the competent authority.

AMC1 ORA.GEN.160 Occurrence reporting - ED Decision 2012/007/R

GENERAL

  1. The organisation should report all occurrences defined in AMC 20-8, and as required by the applicable national rules implementing Directive 2003/43/EC6 on occurrence reporting in civil aviation.
  2. In addition to the reports required by AMC 20-8 and Directive 2003/43/EC, the organisation should report volcanic ash clouds encountered during flight.
  • 1 OJ L 295, 12.11.2010, p. 35.
  • 2 OJ L 167, 4.7.2003, p. 23.
  • 3 OJ L 224, 21.8.2012, p. 1.
  • 4 OJ L 294, 13.11.2007, p. 3.
  • 5 OJ L 295, 14.11.2007, p. 7.
  • 6 Directive 2003/42/EC of the European Parliament and of the Council of 13 June 2003 on occurrence reporting in civil aviation OJ L 167, 4.7.2003, p. 23-36.

SECTION II – MANAGEMENT

ORA.GEN.200 Management system - Regulation (EU) 2015/445

  1. The organisation shall establish, implement and maintain a management system that includes:
    1. clearly defined lines of responsibility and accountability throughout the organisation, including a direct safety accountability of the accountable manager;
    2. a description of the overall philosophies and principles of the organisationwith regard to safety, referred to as the safety policy;
    3. the identification of aviation safety hazards entailed by the activities of the organisation, their evaluation and the management of associated risks, including taking actions to mitigate the risk and verify their effectiveness;
    4. maintaining personnel trained and competent to perform their tasks;
    5. documentation of all management system key processes, including a process for making personnel aware of their responsibilities and the procedure for amending this documentation;
    6. a function to monitor compliance of the organisation with the relevant requirements. Compliance monitoring shall include a feedback system of findings to the accountable manager to ensure effective implementation of corrective actions as necessary; and
    7. any additional requirements that are prescribed in the relevant subparts of this Part or other applicable Parts.
  2. The management system shall correspond to the size of the organisation and the nature and complexity of its activities,taking into account the hazards and associated risks inherent in these activities.
  3. Notwithstanding point (a), in an organisation providing training only for the LAPL, PPL, SPL or BPL and the associated ratings or certificates, safety risk management and compliance monitoring defined in points (a)(3) and (a)(6) may be accomplished by an organisational review, to be performed at least once every calendar year. The competent authority shall be notified about the results of this review by the organisation without undue delay.

AMC1 ORA.GEN.200(a)(1);(2);(3);(5) Management system - ED Decision 2012/007/R

NON-COMPLEX ORGANISATIONS - GENERAL

  1. Safety risk management may be performed using hazard checklists or similar risk management tools or processes, which are integrated into the activities of the organisation.
  2. The organisation should manage safety risks related to a change. The management of change should be a documented process to identify external and internal change that may have an adverse effect on safety. It should make use of the organisation’s existing hazard identification, risk assessment and mitigation processes.
  3. The organisation should identify a person who fulfils the role of safety manager and who is responsible for coordinating the safety management system. This person may be the accountable manager or a person with an operational role in the organisation.
  4. Within the organisation, responsibilities should be identified for hazard identification, risk assessment and mitigation.
  5. The safety policy should include a commitment to improve towards the highest safety standards, comply with all applicable legal requirements, meet all applicable standards, consider best practices and provide appropriate resources.
  6. The organisation should, in cooperation with other stakeholders, develop, coordinate and maintain an emergency response plan (ERP) that ensures orderly and safe transition from normal to emergency operations and return to normal operations. The ERP should provide the actions to be taken by the organisation or specified individuals in an emergency and reflect the size, nature and complexity of the activities performed by the organisation.

AMC1 ORA.GEN.200(a)(1) Management system - ED Decision 2012/007/R

COMPLEX ORGANISATIONS - ORGANISATION AND ACCOUNTABILITIES

// TODO

GM1 ORA.GEN.200(a)(1) Management system - ED Decision 2012/007/R

SAFETY MANAGER

  1. Depending on the size of the organisation and the nature and complexity of its activities, the safety manager may be assisted by additional safety personnel for the performance of all safety management related tasks.
  2. Regardless of the organisational set-up it is important that the safety manager remains the unique focal point as regards the development, administration and maintenance of the organisation’s safety management system.

GM2 ORA.GEN.200(a)(1) Management system - ED Decision 2012/007/R

COMPLEX ORGANISATIONS - SAFETY ACTION GROUP

// TODO

AMC1 ORA.GEN.200(a)(2) Management system - ED Decision 2012/007/R

COMPLEX ORGANISATIONS - SAFETY POLICY

// TODO

GM1 ORA.GEN.200(a)(2) Management system - ED Decision 2012/007/R

SAFETY POLICY

The safety policy is the means whereby the organisation states its intention to maintain and, where practicable, improve safety levels in all its activities and to minimise its contribution to the risk of an aircraft accident as far as is reasonably practicable.

The safety policy should state that the purpose of safety reporting and internal investigations is to improve safety, not to apportion blame to individuals.

AMC1 ORA.GEN.200(a)(3) Management system - ED Decision 2012/007/R

COMPLEX ORGANISATIONS - SAFETY RISK MANAGEMENT

// TODO

GM1 ORA.GEN.200(a)(3) Management system - ED Decision 2012/007/R

INTERNAL OCCURRENCE REPORTING SCHEME

  1. The overall purpose of the scheme is to use reported information to improve the level of safety performance of the organisation and not to attribute blame.
  2. The objectives of the scheme are to:
    1. enable an assessment to be made of the safety implications of each relevant incident and accident, including previous similar occurrences, so that any necessary action can be initiated; and
    2. ensure that knowledge of relevant incidents and accidents is disseminated, so that other persons and organisations may learn from them.
  3. The scheme is an essential part of the overall monitoring function and it is complementary to the normal day-to-day procedures and ‘control’ systems and is not intended to duplicate or supersede any of them. The scheme is a tool to identify those instances where routine procedures have failed.
  4. All occurrence reports judged reportable by the person submitting the report should be retained as the significance of such reports may only become obvious at a later date.

GM3 ORA.GEN.200(a)(3) Management system - ED Decision 2013/008/R

APPROVED TRAINING ORGANISATIONS - RISK MANAGEMENT OF FLIGHT OPERATIONS WITH KNOWN OR FORECAST VOLCANIC ASH CONTAMINATION

// TODO

GM4 ORA.GEN.200(a)(3) Management system - ED Decision 2013/008/R

SAFETY RISK ASSESSMENT – RISK REGISTER

The results of the assessment of the potential adverse consequences or outcome of each hazard may be recorded by the ATO in a risk register, an example of which is provided below.

// TODO

AMC1 ORA.GEN.200(a)(4) Management system - ED Decision 2012/007/R

TRAINING AND COMMUNICATION ON SAFETY

  1. Training
    1. All personnel should receive safety training as appropriate for their safety responsibilities.
    2. Adequate records of all safety training provided should be kept.
  2. Communication
    1. The organisation should establish communication about safety matters that:
      1. ensures that all personnel are aware of the safety management activities as appropriate for their safety responsibilities;
      2. conveys safety critical information, especially relating to assessed risks and analysed hazards;
      3. explains why particular actions are taken; and
      4. explains why safety procedures are introduced or changed.
    2. Regular meetings with personnel where information, actions and procedures are discussed may be used to communicate safety matters.

GM1 ORA.GEN.200(a)(4) Management system - ED Decision 2012/007/R

TRAINING AND COMMUNICATION ON SAFETY

The safety training programme may consist of self-instruction via a media (newsletters, flight safety magazines), class-room training, e-learning or similar training provided by training service providers.

AMC1 ORA.GEN.200(a)(5) Management system - ED Decision 2012/007/R

ORGANISATION’S MANAGEMENT SYSTEM DOCUMENTATION

  1. The organisation’s management system documentation should at least include the following information:
    1. a statement signed by the accountable manager to confirm that the organisation will continuously work in accordance with the applicable requirements and the organisation’s documentation as required by this Part;
    2. the organisation's scope of activities;
    3. the titles and names of persons referred to in ORA.GEN.210(a) and (b);
    4. an organisation chart showing the lines of responsibility between the persons referred to in ORA.GEN.210;
    5. a general description and location of the facilities referred to in ORA.GEN.215;
    6. procedures specifying how the organisation ensures compliance with the applicable requirements;
    7. the amendment procedure for the organisation’s management system documentation.
  2. The organisation’s management system documentation may be included in a separate manual or in (one of) the manual(s) as required by the applicable Subpart(s). A cross reference should be included.

GM1 ORA.GEN.200(a)(5) Management system - ED Decision 2012/007/R

ORGANISATION’S MANAGEMENT SYSTEM DOCUMENTATION

  1. It is not required to duplicate information in several manuals. The information may be contained in any of the organisation manuals (e.g. operations manual, training manual), which may also be combined.
  2. The organisation may also choose to document some of the information required to be documented in separate documents (e.g. procedures). In this case, it should ensure that manuals contain adequate references to any document kept separately. Any such documents are then to be considered an integral part of the organisation’s management system documentation.

AMC1 ORA.GEN.200(a)(5) Management system - ED Decision 2012/007/R

COMPLEX ORGANISATIONS – ORGANISATION’S SAFETY MANAGEMENT MANUAL

// TODO

AMC1 ORA.GEN.200(a)(6) Management system - ED Decision 2012/007/R

COMPLIANCE MONITORING - GENERAL

  1. Compliance monitoring
    The implementation and use of a compliance monitoring function should enable the organisation to monitor compliance with the relevant requirements of this Part and other applicable Parts.
    1. The organisation should specify the basic structure of the compliance monitoring function applicable to the activities conducted.
    2. The compliance monitoring function should be structured according to the size of the organisation and the complexity of the activities to be monitored.
  2. Organisations should monitor compliance with the procedures they have designed to ensure safe activities. In doing so, they should as a minimum, and where appropriate, monitor:
    1. privileges of the organisation;
    2. manuals, logs, and records;
    3. training standards;
    4. management system procedures and manuals.
  3. Organisational set up
    1. To ensure that the organisation continues to meet the requirements of this Part and other applicable Parts, the accountable manager should designate a compliance monitoring manager. The role of the compliance monitoring manager is to ensure that the activities of the organisation are monitored for compliance with the applicable regulatory requirements , and any additional requirements as established by the organisation, and that these activities are being carried out properly under the supervision of the relevant head of functional area.
    2. The compliance monitoring manager should be responsible for ensuring that the compliance monitoring programme is properly implemented, maintained and continually reviewed and improved.
    3. The compliance monitoring manager should:
      1. have direct access to the accountable manager;
      2. not be one of the other persons referred to in ORA.GEN.210(b);
      3. be able to demonstrate relevant knowledge, background and appropriate experience related to the activities of the organisation; including knowledge and experience in compliance monitoring; and
      4. have access to
    4. In the case of a non-complex organisation, this task may be exercised by the accountable manager provided he/she has demonstrated having the related competence as defined in (c)(3)(iii).
    5. In the case the same person acts as compliance monitoring manager and as safety manager, the accountable manager, with regards to his/her direct accountability for safety, should ensure that sufficient resources are allocated to both functions, taking into account the size of the organisation and the nature and complexity of its activities.
    6. The independence of the compliance monitoring function should be established by ensuring that audits and inspections are carried out by personnel not responsible for the function, procedure or products being audited.
  4. Compliance monitoring documentation
    1. Relevant documentation should include the relevant part(s) of the organisation’s management system documentation.
    2. In addition, relevant documentation should also include the following:
      1. terminology;
      2. specified activity standards;
      3. a description of the organisation;
      4. the allocation of duties and responsibilities;
      5. procedures to ensure regulatory compliance;
      6. the compliance monitoring programme, reflecting:
        1. schedule of the monitoring programme;
        2. audit procedures;
        3. reporting procedures;
        4. follow-up and corrective action procedures; and
        5. recording system.
      7. the training syllabus referred to in (e)(2);
      8. document control.
  5. Training
    1. Correct and thorough training is essential to optimise compliance in every organisation. In order to achieve significant outcomes of such training, the organisation should ensure that all personnel understand the objectives as laid down in the organisation’s management system documentation.
    2. Those responsible for managing the compliance monitoring function should receive training on this task. Such training should cover the requirements of compliance monitoring, manuals and procedures related to the task, audit techniques, reporting and recording.
    3. Time should be provided to train all personnel involved in compliance management and for briefing the remainder of the personnel.
    4. The allocation of time and resources should be governed by the volume and complexity of the activities concerned.

GM1 ORA.GEN.200(a)(6) Management system - ED Decision 2012/007/R

COMPLIANCE MONITORING - GENERAL

  1. The organisational set-up of the compliance monitoring function should reflect the size of the organisation and the nature and complexity of its activities. The compliance monitoring manager may perform all audits and inspections himself/herself or appoint one or more auditors by choosing personnel having the related competence as defined in AMC1 ORA.GEN.200(a)(6) point (c)(3)(iii), either from within or outside the organisation.
  2. Regardless of the option chosen it must be ensured that the independence of the audit function is not affected, in particular in cases where those performing the audit or inspection are also responsible for other functions within the organisation.
  3. In case external personnel are used to perform compliance audits or inspections:
    1. any such audits or inspections are performed under the responsibility of the compliance monitoring manager; and
    2. the organisation remains responsible to ensure that the external personnel has relevant knowledge, background and experience as appropriate to the activities being audited or inspected; including knowledge and experience in compliance monitoring.
  4. The organisation retains the ultimate responsibility for the effectiveness of the compliance monitoring function in particular for the effective implementation and follow-up of all corrective actions.

GM2 ORA.GEN.200(a)(6) Management system - ED Decision 2012/007/R

COMPLEX ORGANISATIONS - COMPLIANCE MONITORING PROGRAMME FOR ATOs

// TODO

GM3 ORA.GEN.200(a)(6) Management system - ED Decision 2012/007/R

AUDIT AND INSPECTION

  1. ‘Audit’ means a systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which requirements are complied with.
  2. ‘Inspection’ means an independent documented conformity evaluation by observation and judgement accompanied as appropriate by measurement, testing or gauging, in order to verify compliance with applicable requirements.