DPO.OR.B.001 Management system
Regulation (EU) 2023/1769
(a) An organisation involved in the design or production of ATM/ANS equipment shall implement and maintain a management system that includes the following:
(1) clearly defined lines of responsibility and accountability throughout its organisation, including direct accountability of the accountable manager;
(2) a description of the overall philosophy and principles of the organisation, collectively constituting a policy, signed by the accountable manager;
(3) the means to verify the performance of the organisation in the light of the performance indicators and performance targets of the management system;
(4) a process to identify changes within the organisation and the context in which it operates, which may affect established processes, procedures and products and, where necessary, change the management system to accommodate those changes;
(5) a process to identify the scope of changes to the ATM/ANS equipment and the associated risk;
(6) a process to review the management system, identify the causes of substandard performance of the management system, determine the implications of such substandard performance, and eliminate or mitigate such causes;
(7) a process to ensure that the personnel of the organisation are trained and competent to perform their duties in a safe, efficient, continuous and sustainable manner; in this context, the organisation shall establish policies for the recruitment and training of its personnel;
(8) a formal means for communication which ensures that all personnel of the organisation are fully aware of the management system that allows critical information to be communicated and that makes it possible to explain why particular actions are taken and why procedures are introduced or changed;
(9) as regards design activities, procedures for:
(i) the design of ATM/ANS equipment, and for changes to its design;
(ii) the assurance that the design of ATM/ANS equipment, or the changes to its design, comply with the applicable specifications, including independent checking function of the demonstration of compliance on the basis of which the organisation submits compliance statements and associated documentation to the Agency;
(iii) the verification of the acceptability of the elements of the ATM/ANS equipment designed, or the tasks performed, by the contracted organisations referred to in point DPO.OR.B.015;
(iv) the assurance that staff involved in the design of ATM/ANS equipment are of sufficient numbers and are trained and competent, and have been authorised to discharge their allocated responsibilities;
(v) close and efficient coordination between departments and within departments;
(10) as regards production activities, procedures for:
(i) the issue and approval of documents, or changes to them;
(ii) assessment audits and the control of contracted organisations referred to in point DPO.OR.B.015;
(iii) verifying that incoming materials and equipment, including the supply of new items or items used by ATM/ANS equipment buyers, are as specified in the applicable design data;
(iv) verifying that ATM/ANS equipment conforms to the applicable design data;
(v) identification and traceability;
(vi) organisation processes;
(vii) inspection and testing;
(viii) calibration of tools and test equipment;
(ix) the control of non-conforming items;
(x) the coordination with the applicant for, or holder of, the design approval;
(xi) the completion and retention of records of work carried out;
(xii) the issue of release documents;
(xiii) the handling, storage and packing of ATM/ANS equipment.
(b) An organisation involved in the design or production of ATM/ANS equipment shall document all key management system processes, including a process for making personnel aware of their responsibilities, and the procedure for amending those processes.
(c) An organisation involved in the design or production of ATM/ANS equipment shall establish a function within its management system to monitor its compliance with the applicable requirements and the adequacy of the established procedures. Compliance monitoring shall include a feedback system of findings to the accountable manager to ensure the effective implementation of corrective actions, as necessary.
(d) The management system shall be proportionate to the size of the organisation involved in the design or production of ATM/ANS equipment and the complexity of its activities, taking into account the hazards and associated risks inherent in those activities.
(e) In addition to the management system referred to in point (a), the organisation involved in the design or production of ATM/ANS equipment shall establish, implement and maintain an information security management system in accordance with Implementing Regulation (EU) 2023/203 in order to ensure the proper management of information security risks which may have an impact on aviation safety.
GM1 DPO.OR.B.001 Management system
ED Decision 2024/002/R
QUALITY MANAGEMENT ELEMENTS OF THE MANAGEMENT SYSTEM — ISO 9001 CERTIFICATE
An ISO 9001 certificate, relevant to the scope of the approval being requested, issued by an appropriately accredited organisation, covers some quality management elements of the management system, but it does not address other system engineering and safety processes required by this Regulation. EASA may accept ISO 9001 certificates as evidence during compliance investigations for those elements covered. Other elements required by this Regulation in reference to the management system that are not covered by the ISO 9001 certificate issued by an appropriately accredited organisation will be subject to oversight by EASA.
GM1 DPO.OR.B.001(a) Management system
ED Decision 2024/002/R
The management system should include:
(a) an organisational structure to:
(1) control the design, including demonstration of compliance with the applicable detailed specifications;
(2) independently check demonstrations of compliance;
(3) liaise with EASA;
(4) continuously evaluate the organisation;
(5) manage contracted activities;
(b) procedures and responsibilities associated with the functions listed above, taking due account of the requirements applicable to design and approval of changes to ATM/ANS equipment design.
AMC1 DPO.OR.B.001(c) Management system
ED Decision 2024/002/R
COMPLIANCE MONITORING
(a) The monitoring of compliance of the management system with the applicable requirements and the adequacy of the established procedures should be performed by systematic means. These systematic means of compliance monitoring may include structured experience exchanges, regular design meetings, brainstorming or lessons-learned sessions, project reviews at appropriate phases of the development, or other similar means.
(b) Audits should be one element of compliance monitoring. When implemented, audits should be conducted as combined process/product (project) audits that focus on the implemented key processes or methods practised. In addition, audits should also allow the design or production organisation to find ways to become more efficient by continuous improvement.
DPO.OR.B.005 Change management
Regulation (EU) 2023/1769
(a) Following the issue of an organisation’s approval, any change to the management system that is significant shall be approved by the Agency before being implemented unless such a change is notified and managed in accordance with a procedure approved by the Agency. The organisation shall submit to the Agency an application for approval demonstrating continuous compliance with the applicable requirements.
(b) Each change to ATM/ANS equipment shall be notified to and approved by the Agency before being implemented unless such a change is managed in accordance with a change management procedure approved by the Agency. This change management procedure shall define the classification of the changes to the ATM/ANS equipment and describe how such changes will be notified and managed.
AMC1 DPO.OR.B.005(b) Change management
ED Decision 2024/002/R
PROCEDURE TO MANAGE CHANGES TO ATM/ANS EQUIPMENT
(a) A procedure should be established for the classification and approval of design changes to the ATM/ANS equipment. The procedure should define criteria for classifying a change as minor or major, taking into account points ATM/ANS.EQMT.CERT.020 and ATM/ANS.EQMT.DEC.020 of Delegated Regulation (EU) 2023/1768, and the following key aspects:
(b) The change is classified as major when:
(1) the change includes one of the following evolutions:
(i) new concept of operation of the equipment;
(ii) new technologies or techniques used in the ATM/ANS equipment development (e.g. used in design or verification);
(iii) changes to the ATM/ANS equipment that could significantly impact its functions and its reverification;
(iv) changes to the software that significantly impact a software function and induce subsequent reverification and reinvestigation;
(v) changes to the hardware that significantly impact a hardware function and induce subsequent reverification and reinvestigation; or
(vi modified ATM/ANS equipment architecture
(2) the change introduces the need to add requirements to or remove requirements from:
(i) the previously approved certification basis (for ATM/ANS equipment subject to certification); or
(ii) the detailed specifications referred to in the declaration (for ATM/ANS equipment subject to declaration of design compliance) ; for instance, addition or removal of a function addressed in the detailed specifications;
(3) the change introduces a new limitation to or a new deviation from:
(i) the previously approved certification basis (for ATM/ANS equipment subject to certification); or
(ii) the detailed specifications referred to in the declaration (for ATM/ANS equipment subject to declaration of design compliance); and
(4) the change introduces a new or modified means of compliance used by the DPO, not previously investigated by EASA, to demonstrate compliance with the certification basis (for ATM/ANS equipment subject to certification) or with detailed specifications referred to in the declaration (for ATM/ANS equipment subject to declaration of design compliance).
(c) The procedure for change management should be defined in coordination with the procedure for configuration of the ATM/ANS equipment, i.e. the part numbering system of DPO equipment should incorporate how minor changes will be reflected in the configuration of the equipment, and more particularly in the part number structure. In the case of a major change, a new model designation / part number may need to be defined.
(d) Minor changes should be processed in accordance with the privileges of the approved DPO. For minor changes, the approved DPO should:
(1) record the change description and the justification for the change classification;
(2) update all related technical documents including the user manual;
(3) record continuous compliance with the ATM/ANS equipment certificate or ATM/ANS equipment declaration of design compliance;
(4) notify EASA of the minor changes. When the change is managed in accordance with the change management procedure approved by EASA, the notification can be sent after the change is introduced.
(e) Major changes should be notified to EASA prior to their introduction by submission of one of the following:
(1) an application for the issue of a new certificate, in accordance with point ATM/ANS.EQMT.CERT.020 of Implementing Regulation (EU) 2023/1768, for ATM/ANS equipment subject to Article 4 of that Regulation; or
(2) a new declaration of design compliance, in accordance with point ATM/ANS.EQMT.DEC.020(b) of Implementing Regulation (EU) 2023/1768, for ATM/ANS equipment subject to Article 5 of that Regulation.
GM1 DPO.OR.B.005(b) Change management
ED Decision 2024/002/R
GENERAL
When performing changes to ATM/ANS equipment, a change impact analysis is performed to assess and document the impact of the change on the requirements, design, verification and its associated life cycle data, used for demonstration of compliance.
The communication regarding major changes to ATM/ANS equipment will indicate:
(a) the description of the change;
(b) the impact on the equipment and its associated life cycle data for demonstration of compliance;
(c) the impact on the demonstration of compliance with the EASA applicable detailed specifications and certification basis, identifying in particular:
(1) the compliance demonstration with any new detailed specifications, not subject to the initial certificate or declaration;
(2) any new limitations;
(3) any new deviations;
(4) changes in the means of compliance with the applicable detailed specifications; and
(d) the proposed EASA level of involvement, in the case of ATM/ANS equipment subject to certification.
GM2 DPO.OR.B.005(b) Change management
ED Decision 2024/002/R
REACTION BY THE DPO TO AN UNPLANNED (MAJOR) CHANGE
The procedure may also include the process for the reaction by the DPO to an unplanned (major) change that may arise with the need for urgent action that would normally require prior approval by the Agency.
GM3 DPO.OR.B.005(b) Change Management
ED Decision 2024/002/R
CASES IN WHICH THE DPO REACTS TO AN UNPLANNED (MAJOR) CHANGE
The cases in which the DPO reacts to an unplanned (major) change usually are when the DPO responds immediately to a safety, security or interoperability problem or when an emergency situation arises in which the DPO has to take immediate action (e.g. security patches) to ensure the safety, security or interoperability of its equipment in operation.
DPO.OR.B.010 Facility requirements
Regulation (EU) 2023/1769
An organisation involved in the design or production of ATM/ANS equipment shall ensure that its facilities and equipment, including testing facilities and equipment, are adequate and suitable to perform and manage all its tasks and activities in accordance with the applicable requirements.
DPO.OR.B.015 Contracted activities
Regulation (EU) 2023/1769
(a) Contracted activities include all those activities that are within the scope of the organisation’s activities, in accordance with the terms of the certificate, which are performed by other organisations either themselves certified to carry out such activities or, if not certified, working under such an organisation’s supervision. An organisation involved in the design or production of ATM/ANS equipment shall ensure that when it contracts any part of its activities to, or when it purchases any part of its activities from, external organisations, the contracted or purchased activity, as applicable, conforms with the applicable requirements.
(b) When an organisation involved in the design or production of ATM/ANS equipment contracts any part of its activities to an organisation that is not itself certified in accordance with this Regulation to carry out such activities, it shall ensure that the contracted organisation works under its supervision. An organisation involved in the design or production of ATM/ANS equipment shall ensure that the Agency is given access to the contracted organisation to determine its continued compliance with the applicable requirements of this Regulation.
AMC1 DPO.OR.B.015 Contracted activities
ED Decision 2024/002/R
DPO RESPONSIBILITY WHEN CONTRACTING ACTIVITIES
(a) A DPO, responsible for ensuring that the design of the ATM/ANS equipment complies with the applicable certification basis requirements or detailed specifications used for the declaration of design compliance, as applicable, should ensure that components designed, or tasks performed, by external parties are acceptable. To discharge this responsibility, the DPO should implement documented methods that ensure the compliance of the finished (ready to be delivered) ATM/ANS equipment, and that make use of these components or task results, prior to issuing the final EASA release form.
(b) As the responsibility for verification of compliance remains with the DPO, no specific qualification measures are required other than to pragmatically verify the capabilities of the external party, and to ensure that the required level of detail is met to enable the task results to be adequately verified.
(c) If a DPO subcontracts the compliance monitoring function to an external party that conducts the task, but does not hold its own DPO approval, then the same requirements for the qualification, nomination and documentation apply to the person who is nominated and indicated in the DPO handbook of the contracting DPO.
(d) Alternatively, if an organisation with a DPO approval obtains design substantiation data from a subcontractor that also holds a DPO approval, and the work that is conducted is within the approved scope of this subcontractor DPO, the subcontractor’s design data becomes acceptable when the contracting DPO has verified that the results adequately meet the needs of the ATM/ANS equipment under development. Additional formal compliance verification by the contracting DPO is not required if the person responsible for compliance verification of the contracted DPO signs and approves the document under its DPO approval.
AMC2 DPO.OR.B.015 Contracted activities
ED Decision 2024/002/R
RESPONSIBILITY WHEN CONTRACTING ACTIVITIES
(a) A contract should exist between the DPO and the contracted organisation clearly defining the contracted activities and the applicable requirements.
(b) The contracted activities, performed by an organisation that is not itself approved in accordance with this Regulation to carry out such activity, should be included in the DPO’s oversight process.
(c) A DPO should ensure that the contracted organisation has the necessary authorisation, declaration or approval when required, and commands the resources and competence to undertake the task.
GM1 DPO.OR.B.015 Contracted activities
ED Decision 2024/002/R
RESPONSIBILITY WHEN CONTRACTING ACTIVITIES
Regardless of the approval status of the contracted organisation, the DPO is responsible for ensuring that all contracted activities are subject to compliance monitoring.
DPO.OR.B.020 Personnel requirements
Regulation (EU) 2023/1769
(a) An organisation involved in the design or production of ATM/ANS equipment shall appoint an accountable manager who has the authority to ensure that all activities may be financed and carried out in accordance with the applicable requirements of this Regulation. The accountable manager shall be responsible for establishing and maintaining an effective management system.
(b) The authority, duties, and responsibilities of the nominated post-holders, in particular management personnel in charge of safety, quality, security, finance and human-resources, shall also be defined.
Regulation (EU) 2023/1769
(a) An organisation involved in the design or production of ATM/ANS equipment shall establish a record-keeping system that allows for the adequate storage of records and the reliable traceability of all its activities, covering in particular all the elements indicated in point DPO.OR.B.001.
(b) The format and the retention period of the records referred to in point (a) shall be specified in the organisation’s management system procedures.
(c) Records shall be stored in a manner that ensures their protection against damage, alteration, and theft.
(d) An organisation involved in the design or production of ATM/ANS equipment shall maintain a register of the ATM/ANS equipment deployed.