There’s been a lot written about ICAO Annex 19 Edition 3 and what it means for aviation organisations ahead of the November 2026 deadline. Most of it focuses on the regulatory picture, who’s in scope, what changed, and how EASA is implementing it.
That context matters. But if you’re a Safety Manager trying to work out whether your operation is actually ready, the regulatory framing only gets you so far.
The more important question is this: when November 2026 arrives, and your SMS comes under scrutiny from an inspector, IOSA auditor, or customer airline conducting a supplier review, what will your system struggle to demonstrate?
This article is about that question. Not just the regulation, but the operational reality underneath it.
What Is ICAO Annex 19 Edition 3 and Why Does It Matter?
ICAO Annex 19 is the international standard for aviation safety management. It’s the source document behind the SMS obligations that operators, MROs, and CAMOs face under EASA, the FAA, and equivalent authorities worldwide. You can read the official standard here ICAO safety management
The third edition, known as Amendment 2, was adopted in June 2025 and is to become applicable on 26 November 2026. It’s the most significant update since the Annex was first published in 2013.
What makes it significant isn’t who it applies to. It’s what it now asks of organisations that already have an SMS. Previous editions established that you needed one. Edition 3 asks whether yours is actually working. That’s a different question, and for a significant number of companies, the honest answer is that their current setup isn’t ready for it.
The Standard Has Moved, and Most Organisations Haven't
EASA’s own inspectors are already operating on a performance-based basis. Their Management System Assessment Tool evaluates SMS on a four-stage maturity scale: present, suitable, operating, and effective. Most organisations with a passive, documentation-based SMS will find themselves assessed as present or suitable. That’s no longer enough.
NBAA confirmed as recently as March 2026 that for US Part-145 repair stations with EASA approval, the focus has moved entirely to demonstrated effectiveness. Regulators are no longer looking at plans. They’re evaluating performance. Failure to demonstrate a fully developed SMS now risks findings or revocation of approval.
Not because the team isn’t trying. But because the tools aren’t built to produce what’s now required.
The Six Operational Gaps November 2026 Will Expose
These are the specific areas where organisations running spreadsheet-based or fragmented safety systems will feel the pressure most acutely. None of them is an exotic requirement. They’re what a genuinely working SMS should already be doing.
1. Showing how safety trends are changing over time
Of everything on this list, this is the one that’s hardest to fix quickly. You can’t go back and create six months of trend data when an inspector is already at the door.
An operational SMS isn’t just a record of what went wrong. It shows you where things are heading. Are hazard rates increasing or decreasing? Are the same issues appearing more frequently than three months ago? Are certain actions being raised repeatedly without being fully resolved? These are time-based questions that need consistent data collection, categorisation, and connection over a meaningful period.
When an inspector asks what your safety trends look like over the last quarter, the answer can’t be “let me pull that together.” It has to exist already, something your Safety Manager looks at every week, not something built the week before a review.
Most organisations simply don’t have this. The data exists, buried across reports, risk registers, and CAPA logs, but it’s never connected in a way that automatically surfaces trends. Identifying a pattern means manually cross-referencing multiple documents, which in practise means it rarely happens until something forces the conversation.
2. Preparing for Safety Review Boards without weeks of manual work
Ask any Safety Manager how long it takes to prepare for an SRB, and the answer is rarely encouraging. ICAO estimates that inefficient SMS programmes cost operators up to $500,000 annually in administrative overhead, and a significant portion of that cost sits in exactly this kind of manual assembly work.
No amount of organisation fixes a system that wasn’t built to make this easy.
SRB preparation involves pulling together open hazards, outstanding actions, risk register status, recent findings, trend data, and performance indicators, and presenting them in a way that allows management to make informed decisions. If all of that lives in separate places, someone has to assemble it manually every single time.
Edition 3 expects you to demonstrate that the SRB is driving decisions, that management is reviewing meaningful safety performance data and acting on it. A deck assembled from four spreadsheets the night before doesn’t support that argument.
3. Giving management live visibility instead of static snapshots
This one affects a different audience: the Accountable Manager, the Head of Safety, the people who carry regulatory accountability for SMS effectiveness.
What most of them currently receive is a periodic report. Monthly, quarterly, whenever the Safety Manager has time to compile it. It shows what happened. It doesn’t show what’s happening now, doesn’t flag overdue actions, and doesn’t surface the hazard that’s been raised three times this quarter in different forms.
Edition 3 asks whether management is getting meaningful safety data and demonstrably acting on it. A static PDF once a month isn’t meaningful safety data. Genuine visibility means a live dashboard view of open risks, active actions, trend direction, and overdue items, available at any point without the Safety Manager having to build it.
The EASA Safety Review 2025 identifies 211 safety issues across European aviation and flags that modern operations require integrated approaches capable of handling diverse data sources across operational domains.
4. Connecting reports directly to risks, actions, and evidence
Here’s a scenario that plays out regularly. A report comes in, gets logged, the hazard is assessed, a corrective action gets assigned and completed, but it’s somewhere else in a separate document.
If an auditor wants to trace that journey from report to evidence of effectiveness, can you show that chain clearly and quickly? And if a manager wants to understand why a risk is rated as it is, can they follow the evidence trail themselves without a walkthrough from the Safety Manager?
In a connected system both are straightforward. In a fragmented one they’re seriously difficult. The report in one place, the risk register in another, the CAPA in a third, the evidence of closure in an email thread that may or may not be findable. Aviation SMS data commonly resides in exactly these kinds of silos, where maintenance, ops, and quality systems rarely communicate seamlessly. If you want to understand the full cost of that fragmentation, we’ve covered it in detail here. Edition 3 oversight is specifically designed to test this. If your answer involves sending someone to look through old files, that gap will be visible.
5. Seeing where risk is actually concentrated in your operation
Trend analysis tells you whether things are improving over time. But a working SMS also needs to answer a different question: where in your operation is safety activity concentrated right now?
Which routes, aircraft types, or maintenance tasks are generating the most reports? Which areas look good on paper but have a cluster of low-severity reports that together indicate a pattern worth investigating before it becomes a finding?
Over 70% of aviation incidents involve human factors, and most of those patterns are visible in safety data before they become incidents, if the data is connected well enough to surface them. The difference between a Safety Manager who responds to individual reports and one who can see where real risk is concentrated isn’t a difference in effort. It’s a difference in infrastructure.
For a lean safety team already stretched for time, that analysis simply doesn’t happen regularly enough in a spreadsheet-based system. By the time the pattern is obvious, it’s often already a finding.
6. If every inspection feels like a scramble, something is wrong with the infrastructure
The cumulative effect of the above is that most organisations treat audit readiness as an event, something you prepare for when an inspection is scheduled, rather than a condition that exists continuously.
The problem with that approach under Edition 3 is twofold. First, inspectors can and do give short notice. Second, the performance-based model means they’re not just looking at your documentation. They’re looking at whether your SMS is generating the right outputs consistently over time. You can’t manufacture six months of genuine safety performance data in the two weeks before an inspection.
If your SMS infrastructure is doing its job, audit readiness is simply a byproduct of running your normal safety operations. The data is already there, already connected, already traceable. Pulling together an evidence pack is a matter of hours, not weeks.
If it isn’t, every inspection becomes a project.
Two Organisations, Same Deadline, Very Different Outcomes.
The organisation that isn’t ready has a Safety Manager spending a significant part of their week on work that the system should be doing for them. Transferring data between tools. Chasing outstanding actions. Compiling reports. Trying to spot patterns in a spreadsheet that was never designed for it. Technically compliant, operationally blind.
The ready one looks different. When the Safety Manager opens REDiFly SMS on a Monday morning, the picture is already there. Open risks are flagged automatically. Overdue actions surfaced without anyone chasing. Trends visible at a glance. Hotspots obvious without manual analysis. Management with their own live dashboard view rather than a report produced last Thursday. An SRB pack that takes an hour, not a week.
Get the infrastructure right, and this is what your operation looks like. From November 2026, the organisations that haven’t will find that gap very difficult to hide.
Why the Tools Are the Problem, Not the Team
None of the six capabilities above is far-fetched. They’re basic requirements for a safety system that’s genuinely working. The reason most organisations don’t have them isn’t due to a lack of intention or effort. It’s that the tools they’re using weren’t built to deliver them.
Spreadsheets record data. They don’t surface trends. Email tracks correspondence. It doesn’t create traceability. Standalone audit tools document findings. They don’t connect those findings to a live risk register.
What Edition 3 requires is a connected infrastructure. Reports feed into a live risk register. Actions are tracked and escalated automatically. Audit findings linking to hazards and forward to CAPAs. A live dashboard giving management real visibility without anyone compiling it.
REDiFly SMS was built specifically for this. A system designed around the outputs that safety teams and management actually need, not around ticking compliance boxes.
A Practical Self-Assessment
If you’re unsure where your operation stands, these questions are worth asking honestly:
Could your Safety Manager walk into an unscheduled SRB tomorrow and present a coherent picture of current safety performance without any preparation?
If an inspector asked you to show how your top three hazard categories have trended over the last six months, how long would that take to produce?
Can you trace a single occurrence report from submission through to risk assessment, CAPA, and evidence of effectiveness in under five minutes?
Does your management team have live visibility of open actions and overdue items right now, without asking the Safety Manager to produce a report?
When you look across your safety data, can you see which areas of your operation are generating the most activity, or does that require manual analysis?
If a manager wanted to understand why a specific risk is rated the way it is, could they follow the evidence trail themselves?
If most of those answers are uncomfortable, the issue isn’t how hard your team is working. It’s what they’re working with. REDiFly SMS is built to change that. And November 2026 is the point at which that question stops being something you can defer.
REDiFly SMS gives Safety Managers the live operational visibility that Edition 3 now demands and gives management the connected safety intelligence to prove the system is working.
Click the link below to schedule a call and we’ll show you what that looks like in practice.