Are the four pillars the same as the four components?

Yes. ICAO defines the SMS framework as four components — safety policy and objectives, safety risk management, safety assurance, and safety promotion — which are commonly referred to as the four pillars.

Which pillar does management of change belong to?

Management of change sits within safety assurance — it ensures changes are assessed and controlled — though it draws on risk management to evaluate the safety impact of each change.

The Four Pillars of an Aviation SMS

Pillar 1 — Safety Policy and Objectives

The first pillar sets the foundation: a documented safety policy signed by the accountable manager, clear safety accountabilities and responsibilities, and measurable safety objectives. It establishes that safety is owned at the top and resourced properly.

It also covers the appointment of key safety personnel, coordination of emergency response, and the documentation that holds the SMS together.

Pillar 2 — Safety Risk Management

This is the engine of the SMS: identifying hazards and then assessing, mitigating, and accepting the associated risk. Hazards come from reporting, audits, day-to-day operations, and proactive analysis.

Risk is typically scored on a matrix combining likelihood and severity, mitigations are applied, and residual risk is formally accepted at the right level of management. A good system keeps a live risk register linked back to the events that raised each risk.

Pillar 3 — Safety Assurance

Safety assurance asks: is the SMS actually working? It covers performance monitoring and measurement (safety performance indicators and targets), internal audits and compliance monitoring, and the management of change — making sure new aircraft, routes, procedures, or organisational changes are risk-assessed before they happen.

Continuous improvement closes the loop: findings and trends feed back into the system so it gets better over time.

Pillar 4 — Safety Promotion

The fourth pillar is about people: training and competence so everyone can play their part, and communication that keeps safety visible and builds a just culture where people feel safe to report.

Without safety promotion, the other three pillars stall — because an SMS only works if people actually report and engage with it.

How the pillars connect

The pillars aren't separate silos. A hazard report (promotion and reporting culture) feeds risk management, which links to assurance through audits and change management, all underpinned by policy and accountability. Software that keeps these connected — rather than in four separate spreadsheets — is what turns the framework into a working system.