What does good SMS documentation look like? Most operators answer this by pointing to structure—for example, the right sections, retention periods, and signatures. But Advisory Circular (AC) 120–92D points to something harder to audit: whether your documentation framework actually changes how informed decisions are made; it should, and here’s what that means in practice.

Throughout this series, we have referenced documentation requirements in every SMS component—from safety policy under Title 14, Code of Federal Regulations (14 CFR) part 5, Subpart B, to safety risk management (SRM) outputs under Subpart C, to safety assurance records under Subpart D. Next, Subpart F (§§ 5.95–5.97) is where those requirements are consolidated, defining what must be documented, what records must be retained, and for how long.

This is also a timely topic because 14 CFR part 135 operators and § 91.147 Letter of Authorization (LOA) holders must submit a declaration of compliance by May 28, 2027. A well‑organized documentation and recordkeeping structure makes that declaration more manageable and prepares you for the ongoing Federal Aviation Administration (FAA) surveillance that follows.

SMS Documentation (§ 5.95)

Section 5.95 requires organizations to develop and maintain two categories of SMS documentation: the safety policy and the SMS processes and procedures.

An important point: although 14 CFR part 5 does not require a standalone SMS manual, it requires these items be documented, but how the organization chooses to do that is a design decision. Some organizations maintain a dedicated SMS manual, while others integrate their SMS documentation into existing manuals such as a Flight Operations Manual (FOM) or Repair Station Manual (RSM). Organizations not required to maintain a manual system may use a compliance statement describing how they are meeting each part 5 requirement. AC 120–92D, Section 3.7, reinforces this flexibility—the method is the organization’s choice, as long as the documentation remains current and accessible.

Regardless of format, the documented SMS should be traceable. An auditor, a process owner, or the accountable executive should be able to follow a clear path from a part 5 requirement to the organization’s documented process or procedure addressing it. A compliance statement, whether required or developed voluntarily, serves as that roadmap. AC 120-92D’s Appendix D provides sample compliance‑statement formats for organizations both with and without manual systems.

Traceability matters for audits, but there’s a less obvious reason it matters just as much: SMS documentation should mirror the decision making it is meant to support. The language used to describe safety processes and actions shapes how people actually make safety decisions. Vague, passive, or purely compliance‑oriented documentation tends to produce compliance‑oriented behavior. Conversely, precise, accountable, and action‑oriented documentation tends to produce safety‑oriented behavior. AC 120–92D reflects this directly: a properly integrated SMS fosters a “fundamental and sustainable change” in how informed decisions are made. That change must live somewhere—in how things are written.

SMS Records (§ 5.97)

Section 5.97 defines four categories of records that must be retained, each with its own retention period.

SRM outputs (§ 5.97(a)). Records of SRM processes must be retained for as long as the associated risk control remains relevant to the operation. This includes system analyses, hazard identification outputs, risk assessments, and risk control documentation. When a risk control is retired or replaced, the associated records may be archived. Although part 5 does not require retaining SRM records when no risk control is developed, AC 120–92D recommends doing so—previous analyses can prevent duplicative work and protect against inadvertently undoing existing controls.

Safety assurance outputs (§ 5.97(b)). Records from monitoring, audits, evaluations, investigations, and performance assessments conducted under §§ 5.71–5.73 must be retained for a minimum of 5 years. These records provide evidence for demonstrating the organization is actively monitoring, evaluating, and acting on safety performance data.

Training records (§5.97(c)). Records of all SMS training provided under § 5.91 must be retained for as long as the individual is employed by the organization. This includes initial training to attain SMS competencies and recurrent training to maintain them. There is no provision for purging SMS training records while the individual remains employed.

Safety communications and hazard notifications (§5.97(d)). Records of communications provided under § 5.93 and hazard notifications shared under § 5.57 must be retained for a minimum of 24 consecutive calendar months. This can include meeting rosters, agenda topics, safety bulletins, email communications, or even photographs of posted safety information.

Scalability

Part 5 defines what must be documented and retained, but not how. AC 120–92D emphasizes the method should be appropriate to the size and complexity of the organization: organizations on the lower end of the complexity spectrum may maintain records in paper binders, spreadsheets, or simple file systems, while those with greater complexity may use dedicated SMS software platforms, such as the FAA‑supported Web‑Based Application Tool (WBAT) or commercial third‑party systems. What matters is that records are organized, retrievable, and current—not that they are housed in any particular format.

Plain‑language Examples

Part 135 Operator

A part 135 operator implements enhanced winter‑operations procedures following an SRM analysis of contaminated runway risk. Under § 5.97, the operator retains the SRM worksheets documenting the system analysis, hazard identification, and risk controls (§ 5.97(a)) for as long as the winter operations procedures remain in effect. Audit records and flight‑data trends showing how approach stability is monitored each season are retained for a minimum of 5 years (§ 5.97(b)). Training records for pilots who completed the revised winter operations training are retained for as long as those pilots are employed (§ 5.97(c)). Lastly, the safety bulletin communicating the procedural changes to the pilot group is retained for 24 months (§ 5.97(d)).

14 CFR Part 21 Production Certificate Holder

A combined type and production certificate holder identifies a manufacturing process hazard during a production line change. The SRM documentation, including the system analysis, identified hazards, and revised quality‑control procedures, is retained for as long as the controls remain relevant to production (§ 5.97(a)). Internal audit findings from subsequent production‑line evaluations are retained for 5 years (§ 5.97(b)). Training records for manufacturing personnel on the revised procedures are retained for the duration of their employment (§ 5.97(c)). And the hazard notification provided to an interfacing supplier under § 5.57 is retained for 24 months (§ 5.97(d)).

✈️ Conclusion

Subpart F does not introduce new safety processes—it ensures the outputs of those already built under Subparts B–E are documented and preserved. Effective documentation makes SRM traceable, safety assurance verifiable, and continuous improvement sustainable. It also provides the foundation for demonstrating compliance, whether during routine FAA surveillance or when submitting a declaration of compliance.

The documentation does not have to be complex, but it must be complete, current, retrievable, and written in language that fosters good aviation safety management decision making.