CAA Drone Audit - Should you be worried

Oh Crap! The CAA want to Audit my Operation!

I have been a certified and approved CAA drone Pilot now for four years and to date have never been subjected to an audit by the CAA, which I have thought was somewhat odd to be honest.

Even being a couple of miles away from Gatwick CAA HQ, I had been expecting a visit at some point, but not yet, not even after the Gatwick Drone debacle being on my doorstep!

Out of the Blue

So it took me by surprise when out of the blue I got an email from the CAA UAS sector stating that they plan to come and audit my operation, or as they called it – Notification of CAA UAS Oversight Audit.

As I’m sure everyone does initially upon receipt of such an announcement, I thought crap, what is this about? Am I up to date on everything? What if someone had reported me for something I didn’t do? Blah blah blah… After a few moments of unintelligent deliberation while making a coffee to calm my nerves, it became clear that, obviously, I had nothing to fear and everything to gain. Yes, I’m up to date on everything, I’m a professional! No, no one has reported me for anything, because as I said, I’m a professional! I complete my own manual, so obviously I know it inside and out – after all it’s the protocols by which I run the Drone side of my business and therefore critical.

I was/am still in the process of completing my OSC submission, so actually this was an excellent opportunity to get the CAA into my office, lock the door and grill them on everything I wanted to know right? Free consultancy – cool!

CAA Drone Audit eMail

Next came a quick exchange of emails to agree a date and time that would suit, well ‘me’, which gave me around three weeks’ notice all in all. The agenda I was given was this:

  1. Meet and greet
  2. Review of the Operations Manual and the procedures outlined within
  3. A walk-through pilot competency and training. (including flight logs)
  4. A demonstration of records management (including insurance)
  5. A look at the platforms used and maintenance involved
  6. Audit post analysis and wrap up

It seemed reasonable enough. I checked with the chap to see what sort of facilities he would need and roughly how long the audit would take, as I wasn’t sure if this was an all-day thing or just a few hours. He confirmed “The process will take 60-90 minutes. No real facility is needed other than somewhere that we can sit with a table to look at your documents and your UAS, as such we are happy to complete these at both business and home addresses.

Again, all reasonable enough. It was booked into my calendar and after a quick confirmation that they had the latest and up to date Ops Manual that I was working to, that was that.

Day of the Audit

So audit day arrived, and I was very much looking forward to it. Car pulled up outside bang on 12 O’clock as planned and two chaps got out – was surprised as I thought it was just the guy I had spoken to on email. No problem obviously, but had setup in my drone room, so was going to be a bit of a squeeze!

They were very courteous and polite as you would expect and after a couple of pleasantries exchanged, we got down to business.

The lead guy opened up with some official statements as to their role in completing compliance audits and that such audits are either scheduled due to intelligence received (i.e. I had been reported or complaints have been made) or part of a completely random selection process from a computer algorithm. I was relieved to hear that my audit was the latter, completely randomly selected!

They then asked a series of questions, the main one was ‘Did I create my own manual, and do I maintain it myself?’ I got the impression that this would take the audit down either road A or road B depending upon my answer. I confirmed that I do everything myself.

They then checked over my document control processes and looked at the amendment record at the front on the manual. I was complemented on use of colour and to the thoroughness of my log! Nice to get the feed-back, naturally.

They then asked about my training programmes, which was a short section, as I was the only person in my organisation and so they skipped over that part.

Next was questions about what I would do if I needed to report an ‘incident’. As I never have had to so far (touch wood), I could only tell them that I would refer to the sections in the manual covering such an event along with the data I would record on site, before using the ECCAIRS process to log it. They accepted this and said what they wanted to hear was me talk about ECCAIRS.

Up next was, “How do I get my information and notices from the CAA”, I joked, “Like everyone else, I ask people on Facebook, right?”… They seemed to have a sense of humour which is important for any meeting I’m ever at! I gave them the answer they were looking for, which was I subscribe to the CAA Skywise App (which is free btw, and if you don’t subscribe to it, why the hell not?)

There were a few more follow up questions of no real significance before we moved onto looking at the details about my operational processes and procedures.

First up we talked about the fact that I was completely digital and kept all my documentation, reporting, logs and flight data in the cloud. I was printing stuff out up until end of 2017, then just stopped as I couldn’t see any point in doing that any more. They were more than happy with this, once I took them through the applications and processes I use which for information are:

  • Microsoft OneNote
  • Google Cloud Drive
  • /
  • Lightblue – Client CRM

The only thing I print out are the physical checklists (per project/mission) and a copy of my emergency procedures, which are used at the TOAL locations.

They were happy and appeared impressed (yay!), so big tick in the box for me as I wasn’t sure if this would be ok. I had a strong argument lined up about what the actual point of documentation is, having it available everywhere across multiple platforms and devices, and hell yes, even the cost to the planet and the cutting down of trees!! But wind was firmly taken from my sails, and we moved on.

I then took them through my process for taking on a job and planning it through to execution using the last job that I did. Again all ok. This then confirmed they were happy with my digital approach.

We then went through my emergency procedures, which was quite straightforward. Their clipboard received another tick.

Next was an interesting problem, as their audit process clearly wanted to see my NQE “recommendation”, however, I don’t have such documents. What I have from my NQE (Heliguy) was pass certificates as this was all you were given back in 2016 – its wasn’t a “recommendation” as such. I have certification in Ground School, sub 7kg and sub 20kg. We all agreed that things must have changed at some point, and that it wasn’t an issue.

They checked my insurance certification and that it was in date and in the name of the company pertaining to the PFCO granted.

Next up was checklists (I have 6) and that I file these following all my flights, along with onsite procedures – they had my manual open so I needed to be inline with what I say I do. Checklists are the only actual hardcopy documents that I keep for each project/flight/mission.

All going well, and I think we were only about 25-30 minutes into the audit at this point.

Maintenance records were the next subject and I took them through the scheduled ‘Inspection Processes’ and ‘Maintenance Processes’ that I track and log in the application All good and as I complete processes well inside the manufacturer’s recommendations, nothing to report there. I had my M600 currently on the bench where we were talking so I took them through what I was doing with it – took up some time as one of them hadn’t seen a M600 in the flesh until then, so we got into ‘gear talk’ mode for a bit, before being brough back into line by the lead guy! There was an interesting talk on where I would source spare parts, and they were keen to learn if I used the manufacturer’s genuine parts or third party, props in particular.

With the Inspire 1 Pro on my asset register, they told me that parts ‘may’ become a problem in the future, and I should think about stock piling some bits if I wanted to continue with the platform into the future. They then checked my Op ID was attached to the drones.

And that was about it for the audit! I was told that everything looked good and there were no advisories, and that a write up to that effect would be sent to me in a couple of weeks.

I think the timeline at this point was about 40-45 minutes.

The rest of the 15 minutes they were there (they left exactly on the hour at 1pm), I asked questions about my OSC submission which was pending. I had questions about how the CAA see the OSC permission developing in the future and how it compares to the GVC permission. Also, why I would want to keep the PfCO and the OSC and not just use the OSC moving forward to save a few quid on the PfCO renewal. My OSC is written to accommodate standard permissions as well as the enhanced permissions I was after.

They made some great points about the requirement for the OSC in general and that it is tightly connected with the SUA platforms used. I talked through my strategy to achieve 5m separations and all seemed well received (at least they didn’t laugh), and although they were at pains to confirm that they cannot give consultancy advice, I kind of got a little in conversation.

That was it…. Very useful and painless process. Very professional and comforting to know that our industry has this process built in. For me it is not only an opportunity to have got some dedicated time with the CAA and to gain some valuable feed-back about the processes I use, but also to give me a ‘marketing USP’ that my company is safe and professional, and as ‘audited by the CAA’… if you get where I’m coming from 😊