Update: Please note, the NASA Interim Directive is no longer in effect; please see NPR 8000.4B.
NASA Interim Directives
In accordance with NPR 1400.1G, NASA Directives and Charters Procedural Requirements, NIDs are for immediate and short-term use to fulfill urgent requirements. They expire when replaced by a permanent NPR or 12 months after the effective date of the NID, whichever happens first. NASA Interim Directives can be revised only once to remain effective for another 12 months; otherwise, a revised NPR will follow the NID.
Effective Oct. 24, 2016, NID 8000-108, Agency Risk Management Procedural Requirements, replaced NPR 8000.4A, same title, for at least a 12-month period with implementation to begin immediately.
The NID is in direct response to an Aerospace Safety Advisory Panel (ASAP) recommendation on managing risk with clear accountability. While it is in effect, the Office of Safety and Mission Assurance will revise NPR 8000.4. The baseline or starting point for the revision will be the NID. Its new requirements for risk acceptance (RA) will be incorporated into the revised NPR so efforts made now to implement them will be applicable to the revised NPR when published, most likely in late 2017.
ASAP Recommendation 2014-AR-05: Process for Managing Risk With Clear Accountability states NASA should consistently provide formal versus ad hoc processes for managing risk with clear accountability. The rationale is that reliance on the quality and integrity of personnel to “do the right thing” makes RA personality dependent rather than part of a formal process.
The new requirements aim to formalize accountability for RA decisions, improve the technical rigor of the cases relied upon when making those decisions, and clarify the roles of both the Technical Authorities (TAs) and the risk-takers in RA decisions.
Accountability is about the decision-makers owning the uncertainty associated with the decision and justifying and documenting, on balance of potentially competing factors, why they chose the selected decision alternative. It is also about establishing, upfront, a responsibility for developing and documenting the rationale that underpins a decision. In the case of an RA decision, NASA managers, who are the deciders, are accountable for their decision (including those of their subordinates) and to the next higher level in the organizational hierarchy.
Figure 2 from NID 8000-108
Figure 2 from the NID notionally illustrates the NASA organizational hierarchy where acquirers flow down requirements to providers via Performance Requirements. In the upward direction, Performance Measures evaluate the satisfaction of those requirements, and, ultimately, NASA’s strategic goals. The figure also addresses the roles of acquirers and providers in RA decision-making.
TAs are expected to independently evaluate and provide their signature, indicating concurrence or non-concurrence in 1) the technical merits of the case for an RA decision, 2) the manager’s authority to make the decision and 3) the acceptability of the decision. The risk-taker (or official spokesperson and supervisory chain) must provide a signature when there is risk to humans, documenting consent to assume the risk.
While the ASAP recommendation drove publication of the NID, its new procedures are consistent with 1) similar policy already in NPD 1000.0, NASA Governance and Strategic Management Handbook, 2) NASA’s traditional expectations of its decision-makers and 3) the continuing evolution of risk management at NASA.
Traditionally, RA decisions at NASA relate to individual risks, but the scope of the ASAP recommendation is much broader. It, and the NID itself, consider decisions such as rebaselining performance requirements, granting waivers, or reducing the scope of tests to be RA decisions.
Both call for improving the technical rigor of the cases relied upon for RA decision-making, developing and documenting the rationales that underpin decisions, promoting an understanding of the aggregate risk being accepted (e.g., tracking (bookkeeping) the number of accepted yellow risks), and basing key RA decisions on an Analysis of Alternatives (AoA) (e.g., using the Risk-Informed Decision Making (RIDM) process).
Implementation of the requirements of the NID includes at least the following elements:
- Establishment of procedures for identifying decisions that have safety or mission success RA implications, some of which may not be obvious
- Development and documentation of the rationale (e.g., evidence of doing AoA or RIDM) for those decisions
- Documentation of TAs’ independent evaluations of the rationale
- Signatures from program and project managers (RA) and TAs (concurrence), and, if applicable, risk-takers (consent) on a program or project-specific form
- Periodic reports of RA decisions to the next higher level of the organizational hierarchy and the cumulative effects of RA decisions over the life cycle
- Risk-management plan updates
Contact Homayoon Dezfuli, System Safety Technical Fellow, for more information.