In today’s dynamic environment, airlines need an IATA Operational Safety Audit (IOSA) that focuses on safety risks, specific to the auditee, rather than applying a "one-size-fits-all" approach. Risk-based IOSA delivers an audit scope that will be tailored for each airline. Furthermore, the new approach introduces a maturity assessment of the airline's safety-critical systems and programs.

Focusing on pertinent safety risks, while maintaining a baseline of safety,  Risk-baed IOSA increases the effectiveness of the audit and contributes to the overall industry goal of reducing the accident rate.

Risk-based IOSA Workshops: join one of the next workshops organized around the world.
> IOSA workshops 2023 - additional dates & locations (pdf)

Become an Auditor: be part of the future of the new Risk-based Audit model
> Find out what it takes to become an auditor (pdf)

Tailored Audit Scope 

Audit scoping is based on a combination of industry standards and operator-specific elements such as operational profile, safety events, and the operator's IOSA audit history.  

The below example illustrates how different factors will be considered in the audit scoping and how this practice differs from today's process.

Example of audit scoping under a risk-based approach to IOSA

Audit Scoping today Future
  • Worldwide runway excursion  rate has been increasing
  • All ISARPs are audited regardless of their universal criticality
  • ISARPs are prioritized in regular intervals. In this example ISARPs related to runway excursions are identified as high priority and audited in-depth
  • An operator has been demonstrating conformity with a non-critical ISARP for several consecutive audits.
  • All ISARPs are audited regardless of their criticality for the operator. 
  • The scope is tailored to the Operator's operating profile and audit history.
  • ISARPs with low criticality may be audited at lower frequency to allow focus on high-criticality ISARP

Maturity Assessment

The maturity assessment introduces a more structured and comprehensive way of providing the airline with an evaluation of its relevant safety systems and programs. This further assists in determining the next steps in improving its operational safety.

In addition to the introduction of the maturity assessment, Risk-based IOSA continues to require a baseline of conformity with  IOSA Standards and Recommended Practices. The example below shows the difference between the conventional conformity assessment and the maturity assessment that has been introduced.

Example of maturity assessment under a risk-based approach to IOSA

Maturity assessment today Future

FLT 2.2.14

"The Operator shall ensure flight crew members compete Operator familiarization training prior..."

Assessment Method (on each ISARP)


Nonconformity  no tick.jpg  

Assessment Method (on selected ISARPs and Programs)



The transition to full implementation of Risk-based IOSA in 2025 is well underway. During 2023 over 25 Operators will be audited under this modality and the number will increase substantially in 2024.

Throughout this time, workshops and trainings are being conducted for Airlines, Auditors, and Regulators.

Added Value

Over the last 19 years, IOSA has become the industry benchmark in safety auditing. With this new risk-based approach, the program will provide industry-wide stakeholders with additional value.

  • Tailored and reduced Audit scope focusing efforts where needed the most.
  • Improved audit methods through maturity evaluation.
  • Improved management and standardization of auditors.
  • Safety insights are captured to deliver safety improvements and reduction of local accident rates.
  • New insights through improved audit report.
  • Long-term sustainability of IOSA program through direct management of insourced products.

Need more information?

If you have any questions, do not hesitate to contact us at