When we hear of an accident we frequently think, “How did that happen? That is a very safe and conscientious company.” Or sometimes we say to ourselves, “I knew that would happen. That organization was an accident waiting to happen.”
Today, many accident investigations are completed with “Reason’s Model” in mind. James Reason states that failures fall into two main categories: active failures and latent failures.
Active failures are errors and violations having immediate negative results and are usually caused by an individual. Latent failures are caused by circumstances such as scheduling problems, inadequate training, or lack of resources which results in an active failure. Investigators examine the company culture, policy, and latent errors whose effects lie dormant until triggered later by a technician. We should not just point fingers when a technician makes an error; we have to investigate the latent failure.
When we consider Reason’s Model of Error Analysis, we look at everyone’s role in preventing errors. When a company has an incident, there is a chain of events established that helps to identify the contributing human factors and the causes of the incident. Typically, latent failures existed in the regulations, management, resources, policies and company culture. Then, there were active failures from direct supervision, scheduling, use of resources, time management, and communication; as well as other active failures, such as the “Dirty Dozen,” that influenced the judgment of the technician that led to an error.
Both latent and active failures interact, creating a window for an accident to occur. Latent failures set the stage for the accident, while active failures tend to be the catalyst for the accident. As the model illustrates, there are several lines of defense, and if there is a hole in that line of defense, it can create a failure. If a situation contains a sufficient number of failures allowing the holes to line up, then an accident will occur.
Latent failures are present in the system well before an accident and are most likely bred by decision-makers, regulators, and other people far removed in time and space from the event. Conflicting goals and bad management decisions unknowingly create the conditions under which the latentfailures can reveal themselves. Safety efforts should be directed at discovering and solving these latent failures rather than by localizing efforts to minimize active failures by the technician. This is why with any human factors program, management has to be involved right from the beginning.
First line of defense
The first line of defense in preventing incidents is the management of an organization, the decision-makers. Upper management and the regulatory authorities are responsible for setting goals and for managing available resources to achieve safety and cost-effective transportation. The owners are responsible to ensure the presence of qualified individuals to accomplish the task. Some regulatory authorities actually contribute to the existence of latent failures because of lack of regulations or clarity of them. Transport Canada and EASA both have regulations and subject requirement for human factors training in the maintenance department. However, the FAA has yet to regulate human factors subject matter or time requirements.
Creating defenses against the establishment of latent errors within a company should include effective policies and procedures, continuous training, and a confidential reporting program to alert managers to the presence of hazards or deficiencies. The company must have a clear Safety Management System in place which requires the CEO to provide guiding actions throughout the organization. Those in top positions must foster a climate in which there is a positive attitude towards comments and feedback from lower levels of the organization. Everyone’s role is to be well trained and educated in understanding the consequences and prevention of an unsafe act created by human error.
Line management vs. latent errors
The second line of defense is to prevent latent errors created by line management. These managers, who implement the decisions made by upper management, are responsible for procedures, scheduling, avoiding hazards, and providing training. They are responsible to ensure that the equipment is available and reliable. The line managers are also responsible for the defects in the organization’s operating system (task, material, environment, training and the personnel).
The third line of defense represents preventing errors created by high workload, undue time pressure, acceptance of hazards, and ignorance of the system. The “Dirty Dozen” defenses, 12 examples of immediate causes of human errors leading to an accident or incident, should have caught these errors but were not in place at the time. The presence of defenses or safeguards in a system usually prevent the effects of latent failures by closing the “window of opportunity” during which an active failure may be committed. These defenses include proper training, good situational awareness, and independent inspection.
Check, check, and re-check
Active failures created by the individual include:
- omission of a checklist item
- use of wrong procedures
- not following procedures
- not completing a final system check properly
- not double checking
- lack of skill and knowledge
There are defenses and countermeasures that protect us from the latent and active failures. The system can also be referred to as the organizational filters or safety nets. If the error is found or corrected because of the safety nets, then there is no accident or incident. The system worked.
Everyone plays a role in establishing the defences to latent and active errors. Management corrects or eliminates management or supervisor error (setting standards, planning, organizing, controlling and staffing). They are responsible for improving the system to ensure training, manuals, policies, procedures, and resources are available and are used. Human factors training trains personnel to use the resources and to encourage safe operations. Managers learn that a safety culture can only be fostered if line employees are provided necessary resources to do their jobs correctly. Line employees on the other hand, must be given the tools that teach them how to do their jobs without error. As an example, upper-level managers provide and control resources, such as the number of planes serviced at one time, the selection of employees to do the work, and the tools with which to perform the necessary tasks.
A safety management system requires communication of the chain of events leading to rework issues and incidents with their corrective action. A truly effective SMS program will start to eliminate latent failures. Human factors teaches employees to come up with corrective actions.