| NODIS Library | Program Management(8000s) | Search |

NASA Ball NASA
Policy
Directive
NPD 8700.1E
Effective Date: October 28, 2008
Expiration Date: October 28, 2018
COMPLIANCE IS MANDATORY
Printable Format (PDF)

(NASA Only)

Subject: NASA Policy for Safety and Mission Success (Revalidated 12/6/2013)

Responsible Office: Office of Safety and Mission Assurance


CHANGE HISTORY

Chg#
Date
Description/Comments
1
12/06/2013
Update to comply with 1400 Compliance,with administrative changes, update applicable documents, delete Attachment A-Typical SMA Program Elements and remove requirements numbers.

1. POLICY


It is NASA policy to--

a. Protect the public, NASA workforce, high-value equipment and property, and the environment from potential harm as a result of NASA activities and operations by factoring safety as an integral feature of programs, projects, technologies, operations, and facilities.

b. Establish and maintain independent lines of communications for unrestricted flow of information and adjudication of dissenting opinions concerning any matters affecting the ability to meet the safety and mission success requirements and criteria.

c. Hold NASA leaders, managers, supervisors, and employees accountable for safety and mission success within their assigned areas of responsibility.

d. Define and document both safety and mission success requirements and criteria in NASA programs and projects as a foundation for the design and development of safe and reliable program hardware and software.

e. Require all acquisition instruments as specified by the NASA Federal Acquisition Regulation Supplement to appropriately address SMA processes so that the responses to these instruments describe the approach to be used to implement SMA and to manage the associated safety and mission success risk factors.

f. Verify and validate life-cycle implementation of the SMA processes and any related safety and mission success requirements through ongoing surveillance of program, project, and contractor processes.

g. Certify the safety and operational readiness of hazardous or mission critical hardware and software (including flight systems, support equipment, facilities/operations, ground-based systems) through a process of formal review of the compilation of validation and verification information.

h. Address safety and mission success concerns, requirements noncompliance, risks and risk acceptance, and appropriate lessons learned at all major management reviews, other major milestone review activities, and operational readiness reviews.

i. Use qualitative and quantitative risk assessment techniques to develop information for making informed decisions regarding safety and mission success within a structured and formal decision process.

j. Process all technical decisions that result in residual safety and/or mission success risk by obtaining:

(1) The approval/concurrence of the cognizant Technical Authority (Engineering, SMA, or Health/Medical) with the acceptance of risk.

NOTE: The approval or concurrence is based on the technical merit of the case and independent assessment of the risk. If the technical decision relates to requirements owned by the Technical Authority, then the Technical Authority approves the decision. If the technical decision does not relate to requirements owned by the Technical Authority, then the Technical Authority concurs with the decision. Refer to NPR 7120.5, and to NASA-STD 8709.20, Management of Safety and Mission Assurance Technical Authority Requirements, for definitions of approval and concurrence.

(2) Formal approval by the cognizant SMA authority that the risk is acceptable.

NOTE: The cognizant SMA authority should not be confused with Technical Authority. SMA authority is the authority assigned by NPD 1000.3, The NASA Organization, to the Chief, Safety and Mission Assurance to determine if the risk of a hazard exceeds the limits where it can be accepted. This authority is not limited solely to hazards related to SMA requirements but to any hazard. Application of this authority is intended to be applied at a level consistent with the application of Technical Authority (that is to the cognizant SMA authority).

(3) Formal consent to take any human safety risk by the actual risk taker and an appropriate member of his/her supervisory chain.

NOTE: There are two elements to the consent to take risk. The first element is that the risk takers themselves volunteer to take the risk. The second element is that the appropriate member of the supervisory chain also consents to the risk-taking. The first element focuses on the willingness of the risk taker to volunteer while the second element provides for a check and balance on the risk taker to alleviate situations where a risk taker might be reluctant to decline taking inappropriate risk.

(4) Formal acceptance of the risk by the applicable program, project, or operations and facilities manager.

NOTE: Residual risk is the remaining risk that exists after all mitigation actions have been implemented or exhausted in accordance with the risk management process.

k. Report and track to resolution all corrective actions resulting from investigations of mishaps, incidents, nonconformances, anomalies, and safety and mission assurance audits; distribute and use lessons learned to improve activities and operations.

l. Encourage, support and monitor programs, activities and events that strengthen and sustain a healthy safety culture at NASA.

2. APPLICABILITY

a. This directive is applicable to NASA Headquarters and NASA Centers, including Component Facilities and Technical and Service Support Centers. This directive applies to the Jet Propulsion Laboratory and other contractors only to the extent specified or referenced in the appropriate contracts.

b. In this directive, all mandatory actions (i.e., requirements) are denoted by statements containing the term "shall." The terms: "may" or "can" denote discretionary privilege or permission, "should" denotes a good practice and is recommended, but not required, "will" denotes expected outcome, and "are/is" denotes descriptive material.

c. In this directive, all document citations are assumed to be the latest version unless otherwise noted.

3. AUTHORITY

a. The National Aeronautics and Space Act, as amended 51 U.S.C. ยง 20113(a).

b. 29 CFR 1910, Occupational Safety and Health Standards.

c. 29 CFR 1960, Basic Program Elements for Federal Employee Occupational Safety and Health Programs and Related Matters.

d. 48 CFR 18, NASA FAR Supplement

e. NPD 1000.0, NASA Governance and Strategic Management Handbook..

4. APPLICABLE DOCUMENTS AND FORMS

None.

5. RESPONSIBILITY

a. The Administrator is the ultimate acceptance/disposition official for residual safety and mission success risks and the official Agency spokesperson to consent to any exposure to residual human safety or property risk on behalf of the general public. In this capacity, the Administrator shall--

(1) Decide cases of formal dissent to accept residual safety and mission success risks that are elevated to the Administrator (Requirement).

(2) Consent to the residual human safety or property risk on behalf of the general public in cases where the consent to take the residual human safety or property risk is not the responsibility of the Center Director (when the risk is located at or near a NASA Center or Component Facility) or the Range Commander (when the risk is associated with range operations) (Requirement).

(3) Request external approval/concurrence for risks that are not within the authority of NASA to grant (Requirement).

b. The Mission Directorate Associate Administrators are responsible for the safety and mission success of their programs, projects, elements, and activities.

(1) To accomplish this, each Mission Directorate Associate Administrator shall--

(a) Establish safety and mission success requirements based on the Agency-level requirements for all programs and assure these requirements are properly flowed down into projects, elements, and activities (Requirement).

(b) Ensure that all programs, projects, elements, and activities control the recurrence of problems through a closed-loop corrective and preventive action system (Requirement).

(c) Establish policies and procedures for formal reviews for the certification of programs, projects, elements, and activities as detailed in paragraph 1.g (Requirement).

(d) Establish and apply a process for technical decisions dealing with residual safety and mission success risk that is consistent with the policy statements contained within paragraph 1.j above (Requirement).

(e) Accept residual safety and mission success risks to programs, projects, elements, and activities under their purview (Requirement).

(2) Mission Directorate Associate Administrators are authorized to direct the suspension of any activity that presents either a present hazard (imminent danger) or future hazard to people, property, or mission operations due to unsafe acts or conditions that might be identified by either inspection or analysis.

c. Responsibilities for the Chief, Safety and Mission Assurance are assigned in NPD 1000.3.

(1) In addition to those responsibilities, the Chief, Safety and Mission Assurance shall--

(a) Provide SMA and Risk Management (RM) expectations and evaluations at Program Management Council activities and other major program milestone reviews (Requirement).

(b) Establish review processes to support the certification of hardware and software safety and operational readiness (including flight systems, support equipment, facilities/operations, ground-based systems) (Requirement).

(c) Participate in selected certification and readiness reviews established by the Mission Directorate Associate Administrators (Requirement).

(d) Formulate and direct safety, reliability, maintainability, and quality education, training, and career development programs to enable SMA staff, program/project management, senior Agency management, and the NASA workforce to obtain the understanding of safety, reliability, maintainability, and quality principles, tools, methods, and standards necessary to successfully perform their functions (Requirement).

(e) Review emergency planning as part of the Office of Safety and Mission Assurance review processes to ensure compliance with the Occupational Safety and Health Administration requirements in 29 CFR 1960, 29 CFR 1910, and the Worker Safety and Health Support Annex of the National Response Plan (Requirement).

(f) Evaluate and independently assess residual risk and determine whether the risk may be accepted (Requirement).

(2) The Chief, Safety and Mission Assurance is authorized to direct the suspension of any activity that presents either a present hazard (imminent danger) or future hazard to people, property, or mission operations due to unsafe acts or conditions that might be identified by either inspection or analysis.

d. The Chief Health and Medical Officer is authorized to direct the suspension of any activity that presents either a present hazard (imminent danger) or future hazard to people, property, or mission operations due to unsafe acts or conditions that might be identified by either inspection or analysis.

e. The Center Directors are responsible for the safety and mission success of their activities and operations.

(1) To accomplish this, in addition to the responsibilities established in NPD 1000.3, each Center Director shall--

(a) Establish safety and mission success requirements for Center operations and activities (Requirement).

(b) Delegate this authority based on an assessment of the frequency of occurrence and the severity of the risk (Requirement).

(c) Designate a functional manager for SMA to serve as the leader and focal point for the Center's SMA activities (Requirement).

(d) Staff Center SMA organizations with sufficient qualified safety, reliability, maintainability, quality, and RM professionals (Requirement).

(e) Apply a process for technical decisions dealing with residual safety and mission success risk to Center activities and operations that is consistent with paragraph 1.j, including:

(i) Serving as the risk acceptance/disposition official for residual safety and mission success risk to Center operations and activities (Requirement).

(ii) Consenting to take the residual risk on behalf of people exposed (civil service employees, contractor employees, and visitors) on-site at the Center and its component facilities (Requirement).

NOTE: For spaceflight and aircraft flight crews, the Center Director for the Center where the flight crews are employed is responsible for the flight crew and consents to take the residual risk on behalf of the flight crews, regardless of the location of the risk. During flight operations, the consent to take risk may transfer to the vehicle commander or other designated individual.

(f) Maintain the safe and successful functioning of the Center facilities and operations (Requirement).

(g) Use lessons learned to improve operations and activities (Requirement).

(h) Control recurrence of undesired events through a closed-loop corrective action system (Requirement).

(2) Center Directors are authorized to direct the suspension of any activity that presents either a present hazard (imminent danger) or future hazard to people, property, or mission operations due to unsafe acts or conditions that might be identified by either inspection or analysis.

f. Program, project, and element managers are responsible for the safety and mission success of their programs, projects, and elements. Program, project, and element managers shall--

(1) Establish safety and mission success requirements within their programs, projects, and elements in conjunction with the designated Technical Authority (Requirement).

(2) Work with the host Center SMA organization to coordinate/execute SMA efforts within the program/project/element (Requirement).

(3) Accept any residual safety and mission success risk for activities within their decision authority for their program/project/element (Requirement).

g. In cases where there is residual risk to safety and mission success, the cognizant Technical Authorities (Engineering, SMA, Health/Medical) shall evaluate and formally approve or concur with the program manager to accept the risk. (Refer to paragraph 1.j.(1).) (Requirement).

h. The Center SMA functional manager supports the Center Director in implementing their responsibilities.

(1) The Center SMA functional managers shall--

(a) Provide local SMA leadership and policy implementation direction for Center-hosted programs, projects, and operations (Requirement).

(b) Serve as the Center focal point for the alternative, independent SMA line of communication (Requirement).

(c) Assure that effective and efficient SMA processes are in place to enhance the potential for success of NASA programs, projects, elements, and activities hosted by the Center (Requirement).

(d) Conduct surveillance and independent assessments to enhance (a) the success of programs, projects, elements, and activities; and (b) the effectiveness of SMA activities (Requirement). This includes overseeing any SMA activities managed by other organizations, such as aviation safety, lifting safety, pressure-systems safety, firefighting, and emergency response.

(e) Review, in coordination with their Center's program, project, and element personnel, SMA and RM plans for the programs, projects, and elements at the Center (Requirement).

(f) Perform hazard analyses and SMA assessments in support of program, project, and element needs (Requirement).

(g) Provide SMA expectations and evaluations to local Center Program Management Council activities (Requirement).

(h) Evaluate and independently assess safety and mission success residual risk and determine that the risk may be accepted (Requirement).

(2) Center SMA functional managers are authorized to direct the suspension of any activity that presents either a present hazard (imminent danger) or future hazard to people, property, or mission operations due to unsafe acts or conditions that might be identified by either inspection or analysis.

i. The Associate Administrator for Institutions and Management is responsible for the operational safety program at Headquarters.

(1) The Associate Administrator for Institutions and Management shall--

(a) Maintain the safe and successful functioning of Headquarters facilities and operations (Requirement).

(b) Use lessons learned to improve operations and activities (Requirement).

(c) Control recurrence of undesired events through a closed-loop corrective action system (Requirement).

(d) Implement Agency safety policies, plans, techniques, procedures, and standards and ensure that safety requirements are established for Headquarters operations (Requirement).

(e) Apply a process for technical decisions dealing with residual safety and mission success risk to Headquarters activities and operations that is consistent with paragraph 1.j, including:

(i) Serving as the risk acceptance official for residual safety and mission success risk to Headquarters operations and activities (Requirement).

(ii) Consenting to take the residual risk on behalf of people exposed (civil service employees, contractor employees, and visitors) onsite at Headquarters (Requirement).

(f) Designate a safety manager to serve as the leader and focal point for the Headquarters safety activities (Requirement).

(2) The Associate Administrator for Institutions and Management is authorized to direct the suspension of any activity that presents either a present hazard (imminent danger) or future hazard to people, property, or mission operations due to unsafe acts or conditions that might be identified by either inspection or analysis.

j. Supervisors are responsible for the safety of their assigned personnel. Supervisors are authorized within the context of their official duties to direct the suspension of any activity that presents a present hazard (imminent danger) to their employees.

k. Employees are authorized to cease working any process or operation they believe to be unsafe and request analysis by a qualified individual.

6. DELEGATION OF AUTHORITY

None.

7. MEASUREMENT/VERIFICATION

Compliance with the requiements conained within this NPD is continuously monitored by the Centers and by the SMA Technical Authority. Compliance may also be verified as part of selected life cycle reviews, and by assessments, reviews, and audits of the requirements and processes defined within this NPD.

8. CANCELLATION

NPD 8700.1C, NASA Policy for Safety and Mission Success, dated October 13, 2002.


REVALIDATED WITH CHANGE 1, ORIGINAL SIGNED BY:

/s/ Michael D. Griffin
Administrator



ATTACHMENT A: REFERENCES

A.1. NPD 1000.3, The NASA Organization.

A.2. NPR 7120.5, NASA Space Flight Program and Project Management Requirements.

A.3. NASA-STD 8709.20, Management of Safety and Mission Assurance Technical Authority Requirements.

A.4. Worker Safety and Health Support Annex of the National Response Plan.

A.5. Safety and Mission Assurance Requirements Tree, http://www.hq.nasa.gov/office/codeq/doctree/qdoc.htm.

(URL for Graphic)

None.

DISTRIBUTION:
NODIS


This Document Is Uncontrolled When Printed.
Check the NASA Online Directives Information System (NODIS) Library
to Verify that this is the correct version before use: http://nodis3.gsfc.nasa.gov