This page is for anyone who needs to understand Part 5’s requirements in plain language — safety
managers preparing for compliance, accountable executives assessing organizational readiness, or
consultants advising Part 135 operators. For implementation timelines, see SMS Compliance
Timeline. For the international framework, see ICAO Annex
19.
Who Must Comply
The revised Part 5 applies across multiple certificate types, each with its own timeline:| Operator Type | Deadline |
|---|---|
| Part 121 (Airlines) | Already required; must update to revised Part 5 by May 28, 2025 |
| Part 135 (Charter/Commuter) | Must implement SMS by May 28, 2027 |
| Part 91.147 (Air Tours) | Must implement SMS by May 28, 2027 |
| Part 21 (Manufacturers) | Implementation plan due Nov 28, 2024; full compliance May 28, 2027 |
The regulation applies regardless of operator size. A single-pilot operation with one aircraft and
a large charter operator with fifty aircraft both must comply — but the FAA designed Part 5 to be
scalable. Advisory Circular 120-92D provides guidance on scaling SMS to smaller operations.
Structure of Part 5
Part 5 is organized into six subparts, each addressing a component of the SMS framework. Together, they map directly to the four pillars of SMS plus the supporting requirements for documentation.Subpart A — General (Sections 5.1 through 5.19)
Subpart A defines who must comply and establishes the core mandate: certificate holders must develop, implement, maintain, and continuously improve their SMS. This is not a one-time effort — the “continuously improve” language means the SMS must evolve as the operation changes and new information becomes available. Subpart A also establishes key definitions that appear throughout the regulation. A hazard is a condition that could foreseeably cause or contribute to an aircraft accident. Risk is the composite of predicted severity and likelihood of a hazard’s potential effect. Safety assurance refers to processes within the SMS that function systematically to ensure the performance and effectiveness of safety risk controls. And a safety risk control is a means to reduce or eliminate the effects of hazards. These definitions are precise and intentional. A “hazard” is specifically tied to aircraft accidents, not to every conceivable workplace issue. “Risk” explicitly combines two dimensions — severity and likelihood — not just one or the other.Subpart B — Safety Policy (Sections 5.21 through 5.27)
Subpart B requires the organizational commitment and structure that underpins the entire SMS. Section 5.21 — Safety Policy requires a written policy that includes safety objectives, a code of ethics, and a non-punitive reporting policy. The policy must be signed by the accountable executive and communicated to all employees. Section 5.23 — Safety Accountability and Authority establishes the accountable executive role. This person must have final authority over operations, final responsibility for the SMS, and control over the financial and human resources needed for safety. This responsibility cannot be delegated. Section 5.25 — Designation of Safety Personnel requires appointing key safety management personnel with defined duties. Section 5.27 — Emergency Response Planning requires coordinated emergency response procedures — not creating new ones from scratch, but ensuring that emergency plans are documented, current, and coordinated with relevant parties.Subpart C — Safety Risk Management (Sections 5.51 through 5.57)
Subpart C establishes when and how SRM must be applied. Section 5.51 — Applicability defines the triggers for SRM: new systems, changes to existing systems, newly identified hazards, ineffective controls, and external changes. Section 5.53 — System Analysis and Hazard Identification requires analyzing systems to understand their function, environment, procedures, personnel, equipment, and interfaces — then identifying hazards within those systems. Section 5.55 — Safety Risk Assessment and Control requires a process for analyzing risk, defined acceptable risk levels, and development of controls when risk exceeds those levels. Section 5.57 — Notification of Hazards requires notifying organizations you interface with when you identify hazards that affect them.Subpart D — Safety Assurance (Sections 5.71 through 5.75)
Subpart D requires continuous monitoring to verify that controls are working. Section 5.71 — Safety Performance Monitoring and Measurement requires monitoring across seven areas: operational processes, organizational characteristics, external events, internal safety reporting, regulatory compliance, environmental factors, and employee safety concerns. Section 5.73 — Safety Performance Assessment requires evaluating whether controls achieve their intended outcomes. When they do not, corrective action is required. Section 5.75 — Continuous Improvement requires that findings from monitoring and assessment drive improvement. Your SMS must evolve based on evidence.Subpart E — Safety Promotion (Sections 5.91 through 5.93)
Section 5.91 — Competencies and Training requires all personnel to understand their role within the SMS. Training must be ongoing, not a one-time event. Section 5.93 — Safety Communication requires methods for disseminating safety information — lessons learned, procedural changes, safety performance data, and feedback to reporters.Subpart F — Documentation and Recordkeeping (Sections 5.95 through 5.97)
Section 5.95 — SMS Documentation requires documenting SMS policies, processes, and procedures. The SMS must be described in a way that is understandable and accessible. Section 5.97 — SMS Records establishes retention requirements:| Record Type | Retention Period |
|---|---|
| SRM outputs (risk assessments, controls) | As long as the control remains relevant |
| Safety Assurance findings | 5 years |
| Training records | 24 months after employee departure |
| All SMS records | Available to the Administrator upon request |
The Declaration of Compliance
The Declaration of Compliance (DOC) is the formal submission that affirms your organization has developed and implemented an SMS meeting Part 5 requirements. It is submitted to your local FAA Certificate Management Office (CMO).What the DOC Must Include
The DOC identifies the organization by its legal name, physical address, certificate type, and certificate number. It contains an affirmation that the SMS meets Part 5 requirements, the accountable executive’s signature, the date of declaration, and SMS point of contact details.What It Means
The DOC is a legal affirmation. The accountable executive who signs it is attesting that the SMS is not merely documented but is actually implemented and operational. Submitting a DOC for a paper-only SMS — one that has policies and procedures written but not in active use — creates significant regulatory and legal exposure.After Submission
The FAA updates its internal records and validates your SMS through routine surveillance. Inspectors will look for evidence that your processes are functioning — a flow of safety reports, active risk management, timely corrective actions, regular safety committee meetings, and performance monitoring. They are evaluating whether your SMS is alive, not whether your documentation is perfect.Single-Pilot Exemptions
Section 5.9(e) defines a single-pilot organization as one where a single pilot is the sole individual performing all functions related to safe aircraft operation. These operators are exempt from requirements that presuppose multiple people:Exempted sections for single-pilot operators
Exempted sections for single-pilot operators
- Section 5.21(a)(4) — Employee reporting mechanisms - Section 5.21(a)(5) — Coordination across organization - Section 5.21(c) — Communication to all employees - Section 5.23(a)(2) — Safety management personnel designation - Section 5.23(a)(3) — Management representative - Section 5.25(b)(3) — SMS implementation team - Section 5.25(c) — Designation of required personnel - Section 5.27(a) — Emergency response coordination - Section 5.27(b) — Emergency response planning - Section 5.71(a)(7) — Employee safety concern processes - Section 5.93 — Safety communication - Section 5.97(d) — Communication records
What Still Applies
Even with these exemptions, single-pilot operators must still develop and implement an SMS, submit a Declaration of Compliance by May 28, 2027, perform Safety Risk Management, conduct self-audits as part of Safety Assurance, and maintain documentation and records.The Critical Distinction
Single-pilot with employees is not the same as single-pilot sole individual. If you have any employees — mechanics, dispatchers, administrative staff, or anyone else — all Part 5 requirements apply in full. The exemptions only apply when the pilot is truly the sole individual involved in the operation.Consequences of Non-Compliance
The FAA has not indicated any plans for deadline extensions. Operators who fail to comply by May 28, 2027, face a range of consequences that escalate in severity. Initial compliance findings during FAA inspections can lead to enforcement actions including civil penalties. In the most serious cases, certificate revocation and loss of operational authority are possible. Beyond regulatory consequences, non-compliance increasingly triggers increased scrutiny from insurers and customers, who view SMS as a baseline indicator of operational maturity.Related
SMS Compliance Timeline
Key dates and implementation phases for Part 135.
What Is a Safety Management System?
The conceptual foundation behind Part 5.
ICAO Annex 19 and International Standards
The international framework that Part 5 implements.
The Four Pillars of SMS
Deep dive into the four pillars that Part 5 mandates.