describe the type, extent and area of its operations;

identify the serious risks for safety posed by its railway operations whether they are carried out by the organisation itself, or by contractors, partners or suppliers under its control;

identify interested parties (e.g. regulatory bodies, authorities, infrastructure managers, contractors, suppliers, partners), including those parties external to the railway system, that are relevant to the safety management system;

identify and maintain legal and other requirements related to safety from the interested parties referred to in point (c);

ensure that the requirements referred to in point (d) are taken into account in developing, implementing and maintaining the safety management system;

describe the scope of the safety management system, indicating which part of the business is included or not in its scope and taking into account the requirements referred to in point (d).

taking overall accountability and responsibility for safety;

ensuring commitment to safety by management at different levels within the organisation through their activities and in their relationships with staff and contractors;

ensuring that the safety policy and safety objectives are established, understood and are compatible with the strategic direction of the organisation;

ensuring the integration of the safety management system requirements into the organisation's business processes;

ensuring that the resources needed for the safety management system are available;

ensuring that the safety management system is effective in controlling the safety risks posed by the organisation;

encouraging staff to support compliance with the safety management system requirements;

promoting continual improvement of the safety management system;

ensuring that safety is considered when identifying and managing the organisation's business risks and explaining how conflict between safety and other business goals will be recognised and resolved;

promoting a positive safety culture.

appropriate to the organisation's type and extent of railway operations;

approved by the organisation's chief executive (or a representative(s) of the top-management);

actively implemented, communicated and made available to all staff.

include a commitment to conform with all legal and other requirements related to safety;

provide a framework for setting safety objectives and evaluating the organisation's safety performance against these objectives;

include a commitment to control safety risks which arise both from its own activities and those caused by others;

include a commitment to continual improvement of the safety management system;

be maintained in accordance with the business strategy and the evaluation of the safety performance of the organisation.

identify and analyse all operational, organisational and technical risks relevant to the type, extent and area of operations carried out by the organisation. Such risks shall include those arising from human and organisational factors such as workload, job design, fatigue or suitability of procedures, and the activities of other interested parties (see 1. Context of the organisation);

evaluate the risks referred to in point (a) by applying appropriate risk assessment methods;

develop and put in place safety measures, with identification of associated responsibilities (see 2.3. Organisational roles, responsibilities, accountabilities and authorities);

develop a system to monitor the effectiveness of safety measures (see 6.1. Monitoring);

recognise the need to collaborate with other interested parties (such as railway undertakings, infrastructure managers, manufacturer, maintenance supplier, entity in charge of maintenance, railway vehicle keeper, service provider and procurement entity), where appropriate, on shared risks and the putting in place of adequate safety measures;

communicate risks to staff and involved external parties (see 4.4. Information and communication).

be consistent with the safety policy and the organisation's strategic objectives (where applicable);

be linked to the priority risks that influence the safety performance of the organisation;

be measurable;

take into account applicable legal and other requirements;

be reviewed as regards their achievements and revised as appropriate;

be communicated.

identification of the competencies (including knowledge, skills, non-technical behaviours and attitudes) required for safety-related tasks;

selection principles (basic educational level, psychological and physical fitness required);

initial training, experience and qualification;

ongoing training and periodic update of existing competencies;

periodic assessment of competence and checks of psychological and physical fitness to ensure that qualifications and skills are maintained over time;

specific training in relevant parts of the safety management system in order to deliver their safety-related tasks.

the training programme is delivered according to the identified competency requirements and individual needs of the staff;

where applicable, the training ensures that staff can operate under all operating conditions (normal, degraded and emergency);

the duration of the training and the frequency of the refresher training are appropriate for the training objectives;

records are kept for all staff (see 4.5.3. Control of documented information);

the training programme is regularly reviewed and audited (see 6.2. Internal auditing) and changes made when necessary (see 5.4. Management of change).

relevant, complete and understandable for the intended users;

valid;

accurate;

consistent;

controlled (see 4.5.3. Control of documented information);

communicated before it takes effect;

received and understood.

the identification and description of the processes and activities related to safety of rail operations, including safety-related tasks and associated responsibilities (see 2.3. Organisational roles, responsibilities, accountabilities and authorities);

the interaction of these processes;

the procedures or other documents describing how these processes are implemented;

the identification of contractors, partners and suppliers with a description of the type and extent of services delivered;

the identification of contractual arrangements and other business agreements, concluded between the organisation and other parties identified under (d), necessary to control the safety risks of the organisation and those related to the use of contractors;

reference to documented information required by this Regulation.

a synthesis of the decisions on the level of significance of the safety-related changes, including an overview of significant changes, in accordance with Article 18(1) of Regulation (EU) No 402/2013;

the organisation's safety objectives for the following year(s) and how serious risks for safety influence the setting of these safety objectives;

the results of internal accident/incident investigation (see 7.1. Learning from accidents and incidents) and other monitoring activities (see 6.1. Monitoring, 6.2. Internal auditing and 6.3. Management review), in accordance with Article 5(1) of Regulation (EU) No 1078/2012 ( 2 );

details of progress on addressing outstanding recommendations from the national investigation bodies (see 7.1. Learning from accidents and incidents);

the organisation's safety indicators set out to evaluate the organisation's safety performance (see 6.1. Monitoring);

where applicable, the conclusions of the annual report of the safety advisor, as referred to in RID ( 3 ), on the activities of the organisation relating to the transport of dangerous goods ( 4 ).

include the development of a strategy and the use of expertise and recognised methods from the field of human and organisational factors;

address risks associated with the design and use of equipment, tasks, working conditions and organisational arrangements, taking into account human capabilities as well as limitations, and the influences on human performance.

risk acceptance criteria and safety measures are applied (see 3.1.1. Risk assessment);

plan(s) to achieve the safety objectives are delivered (see 3.2. Safety objectives and planning);

information is collected to measure the correct application and effectiveness of the operational arrangements (see 6.1. Monitoring).

planning of existing or new train routes and new train services, including the introduction of new types of vehicles, the need to lease vehicles and/or to hire staff from external parties and the exchange of information on the maintenance for operational purposes with entities in charge of maintenance;

development and implementation of train timetables;

preparation of trains or vehicles before movement, including pre-departure checks and train composition;

running trains or movement of vehicles in the different operating conditions (normal, degraded and emergency);

adaptation of the operation to requests for removal from operation and notification of return to operation issued by entities in charge of maintenance;

authorisations for movements of vehicles;

usability of interfaces in train driving cabs and train control centres and with equipment used by maintenance staff.

compliance with their training and work instructions, and corrective actions are taken where required;

specific training in case of anticipated changes affecting the running of operations or their task assignment;

adoption of adequate measures following accidents and incidents.

ensure that the assets are used for the purpose intended while maintaining their safe operational state, in accordance with Article 14(2) of Directive (EU) 2016/798 where relevant, and their expected level of performance;

manage the assets in normal and degraded operations;

detect as soon as reasonably practicable instances of non-compliance with operating requirements before or during the operation of the asset, including the application of restrictions of use as appropriate to ensure a safe operational state of the asset (see 6.1. Monitoring).

the identification of the need for maintenance to keep the asset in a safe operational state, based on the planned and real use of the asset and its design characteristics;

the management of the removal of the asset from operation for maintenance, when defects have been identified or when asset condition degrades outside the limits of a safe operational state as referred to in point (a);

the management of the return to operation of the asset with eventual restrictions of use after maintenance has been delivered to ensure it is in a safe operational state;

the management of monitoring and measurement equipment to ensure that it is fit for its intended purpose.

the exchange of relevant information within the organisation or with external entities responsible for maintenance (see 5.3. Contractors, partners and suppliers), in particular on safety-related malfunctions, accidents, incidents as well as on eventual restrictions of use of the asset;

the traceability of all necessary information including the information related to point (a) (see 4.4. Information and communication and 4.5.3. Control of documented information);

the establishment and maintenance of records including the management of changes affecting the safety of assets (see 5.4. Management of change).

the legal and other requirements related to safety (see 1. Context of the organisation);

the level of competence required to deliver the tasks set out in the contract (see 4.2. Competence);

the responsibilities for the tasks to be performed;

the expected safety performance to be maintained during the contract;

the obligations relating to the exchange of safety-related information (see 4.4. Information and communication);

the traceability of safety-related documents (see 4.5. Documented information).

the safety performance of all activities and operations of contractors, partners and suppliers to ensure that they comply with the requirements set out in the contract;

the awareness of contractors, partners and suppliers of safety risks they entail to the organisation's operations.

the emergency services can be promptly contacted;

the emergency services are provided with all relevant information both in advance, to prepare their emergency response, and at the time of an emergency;

first aid is provided internally.

alert all staff with responsibility for emergency management;

communicate information to all parties (e.g. infrastructure manager, contractors, authorities, emergency services), including emergency instructions for passengers;

take any decisions required in accordance with the type of emergency.

to check the correct application and the effectiveness of all the processes and procedures in the safety management system, including the operational, organisational and technical safety measures;

to check the correct application of the safety management system as a whole, and if it achieves the expected outcomes;

to investigate whether the safety management system conforms to the requirements in this Regulation;

to identify, implement and evaluate the effectiveness of the corrective measures (see 7.2. Continual improvement), as appropriate, if any relevant instance of non-compliance to points (a), (b) and (c) is detected.

A schedule of planned internal audits which can be revised depending on the results of previous audits and monitoring of performance;

The identification and selection of competent auditors (see 4.2. Competence);

The analysis and evaluation of the results of the audits;

The identification of the need for corrective or improvement measures;

The verification of the completion and effectiveness of these measures;

The documentation pertaining to the execution and results of audits;

The communication of the results of audits to the top management.

details of progress on addressing outstanding actions from previous management reviews;

changing internal and external circumstances (see 1. Context of the organisation);

the organisation's safety performance related to:

recommendations for improvement.

reported, logged, investigated and analysed to determine their causes;

reported to national bodies as appropriate.

recommendations from the national safety authority, the national investigating body and industry/internal investigations are evaluated and implemented if appropriate or mandated;

relevant reports/information from other interested parties such as railway undertakings, infrastructure managers, entities in charge of maintenance and railway vehicle keepers are considered and taken into account.

monitoring (see 6.1. Monitoring);

internal auditing (see 6.2. Internal auditing);

management review (see 6.3. Management review);

learning from accidents and incidents (see 7.1. Learning from accidents and incidents).

describe the character and extent of its operations;

identify the serious risks for safety posed by its railway operations whether they are carried out by the organisation itself, or by contractors, partners or suppliers under its control;

identify interested parties (e.g. regulatory bodies, authorities, railway undertakings, infrastructure managers, contractors, suppliers, partners), including those parties external to the railway system, that are relevant to the safety management system;

identify and maintain legal and other requirements related to safety from the interested parties referred to in point (c);

ensure that the requirements referred to in point (d) are taken into account in developing, implementing and maintaining the safety management system;

describe the scope of the safety management system, indicating which part of the business is included or not in its scope and taking into account the requirements referred to in point (d).

‘character’ in relation to railway operations carried out by infrastructure managers means the characterisation of operation by its scope, including infrastructure design and construction, infrastructure maintenance, traffic planning, traffic management and control, and by the use of the railway infrastructure, including conventional and/or high speed lines, transport of passengers and/or goods;

‘extent’ in relation to railway operations carried out by infrastructure managers means the extent characterised by the length of railway track and the estimated size of the infrastructure manager in terms of number of employees working in the railway sector.

taking overall accountability and responsibility for safety;

ensuring commitment to safety by management at different levels within the organisation through their activities and in their relationships with staff and contractors;

ensuring that the safety policy and safety objectives are established, understood and are compatible with the strategic direction of the organisation;

ensuring the integration of the safety management system requirements into the organisation's business processes;

ensuring that the resources needed for the safety management system are available;

ensuring that the safety management system is effective in controlling the safety risks posed by the organisation;

encouraging staff to support compliance with the safety management system requirements;

promoting continual improvement of the safety management system;

ensuring that safety is considered when identifying and managing the organisation's business risks and explaining how conflict between safety and other business goals will be recognised and resolved;

promoting a positive safety culture.

appropriate to the organisation's character and extent of railway operations;

approved by the organisation's chief executive (or a representative(s) of the top-management);

actively implemented, communicated and made available to all staff.

include a commitment to conform with all legal and other requirements related to safety;

provide a framework for setting safety objectives and evaluating the organisation's safety performance against these objectives;

include a commitment to control safety risks which arise both from its own activities and those caused by others;

include a commitment to continual improvement of the safety management system;

be maintained in accordance with the business strategy and the evaluation of the safety performance of the organisation.

identify and analyse all operational, organisational and technical risks relevant to the character and extent of operations carried out by the organisation. Such risks shall include those arising from human and organisational factors such as workload, job design, fatigue or suitability of procedures, and the activities of other interested parties (see 1. Context of the organisation);

evaluate the risks referred to in point (a) by applying appropriate risk assessment methods;

develop and put in place safety measures, with identification of associated responsibilities (see 2.3. Organisational roles, responsibilities, accountabilities and authorities);

develop a system to monitor the effectiveness of safety measures (see 6.1. Monitoring);

recognise the need to collaborate with other interested parties (such as railway undertakings, infrastructure managers, manufacturer, maintenance supplier, entity in charge of maintenance, railway vehicle keeper, service provider and procurement entity), where appropriate, on shared risks and the putting in place of adequate safety measures;

communicate risks to staff and involved external parties (see 4.4. Information and communication).

be consistent with the safety policy and the organisation's strategic objectives (where applicable);

be linked to the priority risks that influence the safety performance of the organisation;

be measurable;

take into account applicable legal and other requirements;

be reviewed as regards their achievements and revised as appropriate;

be communicated.

identification of the competencies (including knowledge, skills, non-technical behaviours and attitudes) required for safety-related tasks;

selection principles (basic educational level, psychological and physical fitness required);

initial training, experience and qualification;

ongoing training and periodic update of existing competencies;

periodic assessment of competence and checks of psychological and physical fitness to ensure that qualifications and skills are maintained over time;

specific training in relevant parts of the safety management system in order to deliver their safety-related tasks.

the training programme is delivered according to the identified competency requirements and individual needs of the staff;

where applicable, the training ensures that staff can operate under all operating conditions (normal, degraded and emergency);

the duration of the training and the frequency of the refresher training are appropriate for the training objectives;

records are kept for all staff (see 4.5.3. Control of documented information);

the training programme is regularly reviewed and audited (see 6.2. Internal auditing) and changes made when necessary (see 5.4. Management of change).

relevant, complete and understandable for the intended users;

valid;

accurate;

consistent;

controlled (see 4.5.3. Control of documented information);

communicated before it takes effect;

received and understood.

the identification and description of the processes and activities related to safety of rail operations, including safety-related tasks and associated responsibilities (see 2.3. Organisational roles, responsibilities, accountabilities and authorities);

the interaction of these processes;

the procedures or other documents describing how these processes are implemented;

the identification of contractors, partners and suppliers with a description of the type and extent of services delivered;

the identification of contractual arrangements and other business agreements, concluded between the organisation and other parties identified under (d), necessary to control the safety risks of the organisation and those related to the use of contractors;

reference to documented information required by this Regulation.

a synthesis of the decisions on the level of significance of the safety-related changes, including an overview of significant changes, in accordance with Article 18(1) of Regulation (EU) No 402/2013;

the organisation's safety objectives for the following year(s) and how serious risks for safety influence the setting of these safety objectives;

the results of internal accident/incident investigation (see 7.1. Learning from accidents and incidents) and other monitoring activities (see 6.1. Monitoring, 6.2. Internal auditing and 6.3. Management review), in accordance with Article 5(1) of Regulation (EU) No 1078/2012;

details of progress on addressing outstanding recommendations from the national investigation bodies (see 7.1. Learning from accidents and incidents);

the organisation's safety indicators set out to evaluate the organisation's safety performance (see 6.1. Monitoring);

where applicable, the conclusions of the annual report of the safety advisor, as referred to in RID ( 6 ), on the activities of the organisation relating to the transport of dangerous goods ( 7 ).

include the development of a strategy and the use of expertise and recognised methods from the field of human and organisational factors;

address risks associated with the design and use of equipment, tasks, working conditions and organisational arrangements, taking into account human capabilities as well as limitations, and the influences on human performance.

risk acceptance criteria and safety measures are applied (see 3.1.1. Risk assessment);

plan(s) to achieve the safety objectives are delivered (see 3.2. Safety objectives and planning);

information is collected to measure the correct application and effectiveness of the operational arrangements (see 6.1. Monitoring).

identification of the safe boundaries of transport for traffic planning and control based on the design characteristics of the infrastructure;

traffic planning, including timetable and train path allocation;

real-time traffic management in normal mode and in degraded modes with the application of traffic restrictions of use and the management of traffic disruptions;

setting of conditions for running exceptional consignments.

compliance with their training and work instructions, and corrective actions are taken where required;

specific training in case of anticipated changes affecting the running of operations or their task assignment;

adoption of adequate measures following accidents and incidents.

ensure that the assets are used for the purpose intended while maintaining their safe operational state and their expected level of performance;

manage the assets in normal and degraded operations;

detect as soon as reasonably practicable instances of non-compliance with operating requirements before or during the operation of the asset, including the application of restrictions of use as appropriate to ensure a safe operational state of the asset (see 6.1. Monitoring).

the identification of the need for maintenance to keep the infrastructure in a safe operational state, based on the planned and real use of the infrastructure and its design characteristics;

the management of the removal of the asset from operation for maintenance, when defects have been identified or when asset condition degrades outside the limits of a safe operational state as referred to in point (a);

the management of the return to operation of the asset with eventual restrictions of use after maintenance has been delivered to ensure it is in a safe operational state;

the management of monitoring and measurement equipment to ensure that it is fit for its intended purpose.

the exchange of relevant information within the organisation or with external entities responsible for maintenance (see 5.3. Contractors, partners and suppliers), in particular on safety-related malfunctions, accidents, incidents as well as on eventual restrictions of use of the asset;

the traceability of all necessary information including the information related to point (a) (see 4.4. Information and communication and 4.5.3. Control of documented information);

the establishment and maintenance of records including the management of changes affecting the safety of assets (see 5.4. Management of change).

the legal and other requirements related to safety (see 1. Context of the organisation);

the level of competence required to deliver the tasks set out in the contract (see 4.2. Competence);

the responsibilities for the tasks to be performed;

the expected safety performance to be maintained during the contract;

the obligations relating to the exchange of safety-related information (see 4.4. Information and communication);

the traceability of safety-related documents (see 4.5. Documented information).

the safety performance of all activities and operations of contractors, partners and suppliers to ensure that they comply with the requirements set out in the contract;

the awareness of contractors, partners and suppliers of safety risks they entail to the organisation's operations.

the emergency services can be promptly contacted;

the emergency services are provided with all relevant information both in advance, to prepare their emergency response, and at the time of an emergency;

first aid is provided internally.

alert all staff with responsibility for emergency management;

communicate information to all parties (e.g. railway undertakings, contractors, authorities, emergency services), including emergency instructions for passengers;

take any decisions required in accordance with the type of emergency.

to check the correct application and the effectiveness of all the processes and procedures in the safety management system, including the operational, organisational and technical safety measures;

to check the correct application of the safety management system as a whole, and if it achieves the expected outcomes;

to investigate whether the safety management system conforms to the requirements in this Regulation;

to identify, implement and evaluate the effectiveness of the corrective measures (see 7.2. Continual improvement), as appropriate, if any relevant instance of non-compliance to points (a), (b) and (c) is detected.

A schedule of planned internal audits which can be revised depending on the results of previous audits and monitoring of performance;

The identification and selection of competent auditors (see 4.2. Competence);

The analysis and evaluation of the results of the audits;

The identification of the need for corrective or improvement measures;

The verification of the completion and effectiveness of these measures;

The documentation pertaining to the execution and results of audits;

The communication of the results of audits to the top management.

details of progress on addressing outstanding actions from previous management reviews;

changing internal and external circumstances (see 1. Context of the organisation);

the organisation's safety performance related to:

recommendations for improvement.

reported, logged, investigated and analysed to determine their causes;

reported to national bodies as appropriate.

recommendations from the national safety authority, the national investigating body and industry/internal investigations are evaluated and implemented if appropriate or mandated;

relevant reports/information from other interested parties such as railway undertakings, infrastructure managers, entities in charge of maintenance and railway vehicle keepers are considered and taken into account.

monitoring (see 6.1. Monitoring);

internal auditing (see 6.2. Internal auditing);

management review (see 6.3. Management review);

learning from accidents and incidents (see 7.1. Learning from accidents and incidents).