What’s the Process? Turning Policy into Practice in Aviation SMS

The word process appears throughout the Canadian Aviation Regulations (CARs), particularly in Parts 107 and 302. You’ll see it connected to everything from hazard identification and internal reporting to training, risk management, and corrective action.

But here’s the question that should stop every airport leader in their tracks:
If someone new walked into your organization tomorrow - whether into safety, operations, or finance - could they understand how things are done simply by reading your manuals or plans?

If the answer is no, you may not actually have a process at all.

Where the Regulations Draw the Line

The CARs are clear. Certificate holders must establish and maintain processes for core safety management functions. Advisory Circular 107-001 goes even further, noting that these processes must be defined, documented, and used consistently.

Yet in many manuals, “process” has become shorthand for good intentions. Statements like “The Airport will ensure that hazards are identified and managed” might satisfy a policy requirement, but they don’t tell anyone how that happens - or who’s responsible.

A regulator, auditor, or even a new Safety Manager should be able to follow your documented processes like a map: see where a task begins, understand the steps and decision points, and know where it ends and how it’s recorded. If that’s not possible, the process doesn’t exist in any usable sense.

So, What Is a Process?

A process is a defined, repeatable sequence of actions that transforms an input into an output.

It sits between your policy (what you intend to do) and your procedures (the detailed steps or tools used to do it). Think of it as the bridge between principle and practice:

Policy - States intent or commitment. e.g. “We will identify and manage safety hazards.”

Process - Describes how the intent is achieved. e.g. “All staff report hazards via Wombat; the Safety Manager categorizes, assesses, and assigns mitigations for follow-up.”

Procedure - Details specific steps or instructions. e.g. “Step 1: Log into Wombat. Step 2: Click ‘Submit Hazard Report’…”

The process connects policy to proof - showing how work actually happens within your SMS framework.

The Anatomy of a Well-Written Process

A strong process doesn’t need to be complicated. It just needs to be clear, logical, and consistent. At minimum, it should include:

  1. Purpose – Why the process exists and what it achieves.

  2. Scope – What activities, people, or situations it covers.

  3. Inputs/Triggers – What starts the process (e.g., a report, inspection, or event).

  4. Actions/Steps – The main stages of the process (not detailed procedures).

  5. Roles & Responsibilities – Who does what, and when.

  6. Outputs – What the process produces (e.g., risk rating, record, corrective action).

  7. Records/Evidence – How completion is verified and documented.

This structure ensures that even if staff turnover occurs, the process endures. It’s how you make your organization resilient and auditable.

Why This Should Matter to Executives

Processes aren’t paperwork; they’re the invisible framework that holds an operation together. When done right, they:

  • Enable continuity during staff changes or emergencies.

  • Provide auditability - a clear trail from input to output.

  • Improve accountability, since roles and expectations are explicit.

  • Support decision-making by creating consistent data for analysis.

  • Demonstrate compliance by linking regulatory requirements to daily actions.

Without defined processes, organizations drift into inconsistency. Tasks get done differently depending on who’s on shift. Reporting gaps widen. Institutional memory fades. And when the Transport Canada inspector shows up, “That’s how we’ve always done it” doesn’t hold much weight.

How to Tell You Don’t Really Have a Process

  • It lives in someone’s head, not in your documentation.

  • Different people do the same task in different ways.

  • There’s no clear trigger or defined outcome.

  • You can’t produce a record to show when or how it was last completed.

  • Your “process” is actually a single-page statement of intent.

If any of these sound familiar, don’t fret - you’ve identified an opportunity - not a failure. Clarity is the first step toward control.

Building (or Rebuilding) Processes That Work

Start simple.

  1. Pick one SMS function - for example, hazard reporting.

  2. Map the workflow visually: what starts it, what happens next, and where it ends.

  3. Identify the roles - who reports, who reviews, who acts.

  4. Document each stage in plain, active language (“The Safety Manager reviews the report within five business days”).

  5. Test it - can someone new follow it without asking for help?

  6. Store and maintain it in your SMS software or manual so it’s visible and accessible.

Then repeat the exercise across your SMS and operational areas. Over time, you’ll build a library of clearly defined, auditable processes that reflect how your organization actually operates.

Process Is the Bridge Between Policy and Proof

In the end, a process isn’t about writing more - it’s about making your organization understandable. It’s how you ensure safety management isn’t dependent on personalities, but on purpose.

If someone new can walk into your airport and understand how something is done simply by reading your manual, you’re not just compliant - you’re resilient.

And that’s the real power of process.

Need a Hand Defining or Auditing Your Processes?

If you’d like an external review of your Safety Management Manual or Safety Management Plan, or a guided training session to help your team turn policies into real, auditable processes, connect with Acclivix today.

Whether you need a one-time review, ongoing advisory support, or a customized in-house course, we can help you define, document, and strengthen the processes that drive both compliance and confidence.

👉 Let’s make your processes work for you.

Next
Next

Automating Team Building – Moving Beyond the Activities