Egis' Aviation Principal Stanley Lau presented at CANSO Airspace Asia Pacific 2025 in Hong Kong, sharing insights on integrated risk management (IRM) for air navigation service providers (ANSPs). In this Q&A article, drawn from his presentation, he explores the evolving risk landscape in aviation, detailing practical strategies for ANSPs to navigate interdependent risks while adhering to regulations.

What are the key risks facing ANSPs today, and why is a siloed approach no longer sufficient?
Modern aviation relies on complex, interconnected digital systems, both airborne and ground-based. Risks extend across multiple domains—safety, cybersecurity, operational, technological, environmental, regulatory, programme, and emerging risks. Using the 'jigsaw puzzle' metaphor, different risks may appear as isolated pieces, yet they are interdependent. Failing to address these interconnections collectively can diminish the effectiveness of risk treatments or, at worst, exacerbate threats across various domains. For example, noise abatement procedures must balance effectiveness with operational resilience while prioritising safety.

ICAO's 4th edition of the Safety Management Manual (Doc 9859, 2018) explicitly promotes Integrated Risk Management (IRM), defining it as "the assessment and integration of functional system needs and interdependence." Traditional siloed assessments—conducting safety, environmental, or cybersecurity reviews separately—are inefficient and reactive, neglecting how one risk can trigger another. As aviation becomes increasingly digitised and stakeholders' operational performances intertwine, a siloed approach to risk management is no longer viable.

Can you provide examples of how risks interact and impact ANSPs' performance?
Consider noise abatement flight procedures in Hong Kong, which prioritise routing approaching aircraft over the sea at night to minimise residential impact. These procedures require specific aircraft equipage and crew capabilities. If resources are lacking, alternative procedures must be implemented, highlighting the complexity of embedding resilience in all operational contexts when designing procedures that prioritise safety and address environmental goals.
Another relevant example is the 2024 Finnair incident, where GPS interference—presumed to be a cyberattack—led to flight cancellations to Tartu, Estonia. The disruption began at 5,000 feet and affected over 1,600 flights across Europe. Traditional safety mitigations, such as using ground-based navaids or alternate airports, were inadequate against wide-area cyber threats. This incident demonstrates how cybersecurity risks can escalate into broader safety and operational challenges, necessitating cross-domain reviews of existing controls and mitigations.

How does Egis support ANSPs in implementing IRM to manage risk holistically?
Egis emphasises integrated and streamlined processes centred around three pillars: governance, risk classification and prioritisation methodology, and intelligent responses with continuous improvement.
Governance promotes clear responsibility structures and utilises the RACI framework (Responsible, Accountable, Consulted, Informed) to dismantle organisational silos. At the strategic level, senior management gains real-time visibility of imminent risks and coordinates resources; at the tactical level, risk owners collaborate on interdependencies; and at the operational level, front-line staff escalate risks based on operational intelligence data.
For risk classification and prioritisation methodologies, Egis advocates for unified processes, as endorsed by ICAO, CANSO, and EASA in the EU. This includes using ICAO's 5x5 matrix and the ‘ALARP’ (As Low As Reasonably Practicable) concept within safety management systems to assess all risks. This approach integrates ‘Integrated Risk Parameters’—such as velocity, interconnectedness, and controllability—allowing for dynamic prioritisation in line with organisational risk appetites.
By leveraging operational intelligence data from both internal sources (incident logs, cybersecurity monitoring, equipment status) and external feeds (regulatory updates, peer benchmarks, risk bulletins), ANSPs can generate intelligent responses and continuous, data-driven improvements. Egis recommends deploying real-time dashboards to visualise multi-domain risk data and provide actionable insights for various staff levels, aligning with ICAO's safety data collection and analysis and CANSO's data-driven safety vision through IRM.

With new regulations emerging, how can ANSPs make use of the concepts in IRM?
Cybersecurity is projected to be the top aviation risk in 2025, according to Allianz statistics. In Hong Kong, the Protection of Critical Infrastructures (Computer Systems) Bill, effective 1 January 2026, mandates risk assessments for critical systems, including aviation. Egis recommends an integrated approach to managing these new requirements, aligned with ICAO's IRM principles that emphasise the interrelated nature of risks.
Although both Hong Kong’s bill and EU Part-IS focus on information security management, they reflect the top aviation risks currently identified. IRM offers ANSPs an opportunity to integrate safety, operational, and environmental considerations into their assessments, moving beyond just cybersecurity. This holistic approach is essential for addressing the complexities of modern aviation.

What should ANSP leaders prioritise moving forward?
ANSP leaders should adopt a lifecycle approach to IRM, embedding safety-by-design and security-by-design principles from initiation through retirement phases. They should facilitate multi-domain trade-off analyses on risk assessments conducted by their subject experts and risk managers. This proactive approach to risk interdependencies will ensure organisations adopt integrated processes and demonstrate to regulators their commitment to improving the effectiveness of controls and mitigations.
Timely risk identification, documentation, monitoring, and visualisation through real-time dashboards will support prompt responses. As risks evolve—such as zero-day cyber events and increasing stakeholder demands—maintaining real-time visibility and fine-tuning strategies will bolster organisational resilience.
Addressing risks holistically is vital for ensuring a sustainable future in aviation.
----------
About the author: Stanley Lau is Aviation Principal Consultant at Egis, bringing over two decades of experience in aviation safety, planning, and engineering. Since 2003, he has been a chartered professional engineer with Hong Kong's Civil Aviation Department, serving as the Safety Manager for an ANSP and regulator for the CAA. Stanley has led strategic procurements and transitions of air traffic management systems, navaids, and flight check activities for the air traffic control centre in 2016 and the new runway of the Three-Runway System in 2022 in Hong Kong. His consulting expertise has supported CAAs, ANSPs, airports, and airlines across Europe (UK, Switzerland), the Pacific Islands (Samoa), Asia (Hong Kong, Singapore, Vietnam, and Taiwan), the Middle East, and beyond, in making critical safety, operational, and asset investment decisions.
