Organizational Factors
After the Columbia accident, the Columbia Accident Investigation Board (CAIB) found that organizational factors at NASA were partly responsible.
Safety Culture
Nancy Leveson paper on Columbia Space Shuttle loss
CAIB Report extract from Chapter 7:
UNDERSTANDING CAUSES
In the Boardʼs view, NASAʼs organizational culture and structure had as much to do with this accident as the External Tank foam. Organizational culture refers to the values, norms, beliefs, and practices that govern how an institution functions. At the most basic level, organizational culture defines the assumptions that employees make as they carry out their work. It is a powerful force that can persist through reorganizations and the reassignment of key personnel. Given that todayʼs risks in human space flight are as high and the safety margins as razor thin as they have ever been, there is little room for overconfidence. Yet the attitudes and decision-making of Shuttle Program managers and engineers during the events leading up to this accident were clearly overconfident and often bureaucratic in nature. They deferred to layered and cumbersome regulations rather than the fundamentals of safety. The Shuttle Programʼs safety culture is straining to hold together the vestiges of a once robust systems safety program. As the Board investigated the Columbia accident, it expected to find a vigorous safety organization, process, and culture at NASA, bearing little resemblance to what the Rogers Commission identified as the ineffective “silent safety” system in which budget cuts resulted in a lack of resources, personnel, independence, and authority. NASAʼs initial briefings to the Board on its safety programs espoused a risk-averse philosophy that empowered any employee to stop an operation at the mere glimmer of a problem. Unfortunately, NASAʼs views of its safety culture in those briefings did not reflect reality. Shuttle Program safety personnel failed to adequately assess anomalies and frequently accepted critical risks without qualitative or quantitative support, even when the tools to provide more comprehensive assessments were available. Shuttle Independent Assessment Team – 1999 Just three years later, after a number of close calls, NASA chartered the Shuttle Independent Assessment Team to examine Shuttle sub-systems and maintenance practices (see Chapter 5). The Shuttle Independent Assessment Team Report sounded a stern warning about the quality of NASAʼs Safety and Mission Assurance efforts and noted that the Space Shuttle Program had undergone a massive change in structure and was transitioning to “a slimmed down, contractor-run operation.” The team produced several pointed conclusions: the Shuttle Program was inappropriately using previous success as a justification for accepting increased risk; the Shuttle Programʼs ability to manage risk was being eroded “by the desire to reduce costs;” the size and complexity of the Shuttle Program and NASA/contractor relationships demanded better communication practices; NASAʼs safety and mission assurance organization was not sufficiently independent; and “the workforce has received a conflicting message due to the emphasis on achieving cost and staff reductions, and the pressures placed on increasing scheduled flights as a result of the Space Station” [emphasis added].8 The Shuttle Independent Assessment Team found failures of communication to flow up from the “shop floor” and down from supervisors to workers, deficiencies in problem and waiver-tracking systems, potential conflicts of interest between Program and contractor goals, and a general failure to communicate requirements and changes across organizations. In general, the Programʼs organizational culture was deemed “too insular.” |
Elements of Safety Culture
The term safety culture was picked up by industrial – or workplace – safety groups as well as system safety groups. Extending the system safety approach to the organizational level, James Reason (Reason, 1997) identifies five key components of a safety culture:
1. Informed Culture – the people operating and managing the system have to have up-to-date knowledge of the state of the system. This includes the technical, human and environmental elements of the system.
2. Reporting Culture – people operating the system have to have a mechanism to report problems with the system. This is an important source of information to support the informed decision-making. The challenge is how to build a system where people feel that they will be able to report negative information about their own performance without fear of excessive consequences.
3. Just Culture – the culture has to continue to emphasize accountability. Even if immunity is given for some minor, self-reported errors, there still needs to be a strong culture of responsibility
4. Flexible Culture – the cultures of High Reliability Organizations (HRO’s) are able to respond to emergency situations by changing from a centralized, bureaucratic organization to a decentralized structure. The normal centralized organization allows the common culture to be maintained and transmitted to individuals, while the decentralized structure allows small groups to make key decisions quickly to respond to a developing situation.
5. Learning Culture – an organization needs to be able to improve its own methodology as it gains experience.
In Chapter 9, Reason develops guidance on “engineering” each of these elements, based on research and the experience of HRO’s. For example, the success of the Aviation Safety Reporting System, developed and operated by NASA for the FAA, shows how a reporting culture can be developed and maintained. (see Reason, J. (1997). Managing the risks of organizational accidents. (1st ed.). Hampshire, England: Ashgate Publishing Limited.)
The workplace spirituality movement has developed and found that when employees and management share common values, production and quality are increased.
1. Informed Culture – the people operating and managing the system have to have up-to-date knowledge of the state of the system. This includes the technical, human and environmental elements of the system.
2. Reporting Culture – people operating the system have to have a mechanism to report problems with the system. This is an important source of information to support the informed decision-making. The challenge is how to build a system where people feel that they will be able to report negative information about their own performance without fear of excessive consequences.
3. Just Culture – the culture has to continue to emphasize accountability. Even if immunity is given for some minor, self-reported errors, there still needs to be a strong culture of responsibility
4. Flexible Culture – the cultures of High Reliability Organizations (HRO’s) are able to respond to emergency situations by changing from a centralized, bureaucratic organization to a decentralized structure. The normal centralized organization allows the common culture to be maintained and transmitted to individuals, while the decentralized structure allows small groups to make key decisions quickly to respond to a developing situation.
5. Learning Culture – an organization needs to be able to improve its own methodology as it gains experience.
In Chapter 9, Reason develops guidance on “engineering” each of these elements, based on research and the experience of HRO’s. For example, the success of the Aviation Safety Reporting System, developed and operated by NASA for the FAA, shows how a reporting culture can be developed and maintained. (see Reason, J. (1997). Managing the risks of organizational accidents. (1st ed.). Hampshire, England: Ashgate Publishing Limited.)
The workplace spirituality movement has developed and found that when employees and management share common values, production and quality are increased.