SMS Quick Takes: Selecting Risk Controls and Accepting Residual Risk

Implementing and Evaluating Risk Controls Under Title 14, Code of Federal Regulations (14 CFR) Part 5 and FAA Advisory Circular (AC) 120–92D

Risk assessment informs decisions. Risk controls implement them.

In previous posts, we described systems and identified hazards under §5.53, then assessed safety risk under §5.55(a)–(b). Next, under §5.55(c)–(d) organizations must develop safety risk controls and evaluate whether risk will be acceptable with those controls applied. This is where Safety Risk Management (SRM) moves from analysis to action.

Selecting Safety Risk Controls (§5.55(c))

Selecting risk controls means identifying actions that reduce safety risk to a level defined as acceptable by the organization’s documented risk‑acceptance criteria. AC 120–92D, Safety Management Systems for Aviation Service Providers, emphasizes that effective safety risk controls—

  • Address root causes, not just outcomes,

  • Are proportional to the risk level,

  • Avoid introducing unintended consequences, and

  • Are clearly documented and assigned.

Controls may include engineering changes, procedural adjustments, training enhancements, or operational limitations. The following examples illustrate how organizations translate risk analysis into practical controls.

FAA Industry‑like Examples

Altitude Deviations

After several recent industry events involving altitude deviations during high‑workload phases of flight, an operator identifies a similar exposure in its own data.

  • Control (procedural): the operator enhances altitude‑alerting logic and reinforces callout discipline during climb and descent.

Runway Excursions

Following multiple runway excursion events across the industry during contaminated runway operations, an organization reviews its winter operations exposure.

  • Control (training enhancement): the operator enhances contaminated runway performance calculation training and reinforces dispatch‑to‑flightcrew coordination during adverse weather operations.

Initial and Residual Risk (§5.55(d))

Initial risk reflects exposure before controls. Residual risk reflects exposure after controls are applied. Section 5.55(d) requires the organization to evaluate whether risk will be acceptable with the proposed controls applied.

Residual risk is evaluated using the same risk matrix applied during initial assessment: the residual risk may be formally accepted if the applied controls reduce likelihood, severity, or both, and the resulting risk level falls within the organization’s acceptable range.

Plain‑language, Real‑world Examples

Unstable Approaches

Step 1 Initial risk
An operator identifies an increase in unstable approaches during winter weather. Severity may be hazardous and likelihood may be occasional, so the resulting risk level falls within a higher risk category.
Step 2 Control
The organization revises its stabilized approach criteria, reinforces go-around expectations, and increases flight data monitoring of approach stability.
Step 3 Residual risk
With controls applied, leadership reassesses likelihood based on expected reduction in exposure. If the new risk level falls within documented acceptable risk criteria, the residual risk may be formally accepted.

Taxiway Incursion Risk

Step 1 Initial risk
Industry events highlight increased taxiway confusion at complex airports during low visibility. Severity may be major; likelihood may be remote but credible.
Step 2 Control
The operator enhances taxi briefings, updates airport diagram guidance, and reinforces surface awareness procedures.
Step 3 Residual risk
Management evaluates whether remaining exposure aligns with predefined risk acceptance thresholds and documents the decision before implementation.

How Organizations Determine Whether Residual Risk Is Acceptable

Under §5.55(b), organizations define their acceptable level of risk within their SMS. In practice, determining acceptability typically includes—

  • Applying the organization’s documented risk matrix or evaluation method,

  • Confirming controls reduce risk to within predefined acceptance thresholds,

  • Ensuring the decision is made at the appropriate level of management authority, and

  • Documenting the rationale and assumptions.

Accepting residual risk does not eliminate the hazard—it reflects a conscious and documented decision that, with controls in place, the remaining exposure falls within the organization’s acceptable bounds.

Residual risk acceptance should be deliberate, documented, and subject to ongoing monitoring under safety assurance.

✈️ Conclusion

Under §5.55, safety risk assessment and control form an integrated process so organizations can—

  • Analyze risk,

  • Develop appropriate controls,

  • Evaluate residual exposure, and

  • Determine whether the remaining risk is acceptable.

Structured decision making, documentation, and proportional action are the hallmarks of effective Safety Risk Management.
