Stanley Lau is the Aviation Principal Consultant at Egis, with over two decades of experience in aviation safety, planning and engineering. A chartered professional engineer with Hong Kong's Civil Aviation Department since 2003, he contributed as the Safety Manager for an ANSP and ANS Regulator for the CAA, and led various strategic procurements and transitions of air traffic management systems, navaids and flight check activities for the air traffic control centre in 2016 and the new runway of the Three-Runway System in 2022 for Hong Kong. His expertise in aviation consulting has assisted CAAs, ANSPs, airports and airlines across Europe (UK, Switzerland), the Pacific Islands (Samoa), Asia (Hong Kong, Singapore, Vietnam and Taiwan), the Middle East and beyond in making crucial safety, operations and asset investment decisions.
Stanley recently presented at CANSO Airspace Asia Pacific 2025 in Hong Kong, sharing insights on integrated risk management (IRM) for air navigation service providers (ANSPs). In this article, drawn from his presentation, he explores the evolving risk landscape in aviation and how, with Egis' holistic approach to IRM, ANSPs can devise practical strategies to navigate interdependent risks while complying with global and local regulations.

What are the key risks facing ANSPs today, and why is a siloed approach no longer sufficient?
Modern aviation relies on complex, interconnected functional digital systems, both airborne and ground-based. Risks span multiple domains—including safety, cybersecurity, operational, technological, environmental, regulatory, programme, and emerging risks. In the 'jigsaw puzzle' metaphor, different risks, as puzzle pieces, may seem isolated in silos, but interdependences with other risks exist; failing to address them collectively can reduce the effectiveness of risk treatments or, at worst, as illustrated in the animated ‘risk funnel’ metaphor, amplify threats across different domains. For instance, in environmental performance KPIs, the effectiveness of noise abatement procedures needs to be balanced with operational resilience while keeping safety paramount.

ICAO's 4th edition of the Safety Management Manual (Doc 9859, 2018) explicitly advocates for Integrated Risk Management (IRM), defining it as 'the assessment and integration of functional system needs and interdependence'. Traditional siloed assessments—e.g. conducting safety, environmental or cybersecurity reviews separately—are inefficient and reactive, failing to address how one risk can trigger others or how their interdependences reduce the effectiveness of risk mitigations. Due to conventional silos built among subject experts, or the adoption of divergent industry guidance and methodologies over the years, some organisations still operate a siloed approach to risk management. As aviation becomes increasingly digitised and the operational performance of stakeholders becomes connected and interdependent, this siloed approach is untenable.
Can you provide examples of how risks interact and impact ANSPs' performance?
Take the noise abatement flight procedures in Hong Kong (or at any other ANSP) as an example: they prioritise routing approaching aircraft over the sea (or less populated areas) at night to minimise the impact on residential areas under the flight path. However, these procedures may require specific aircraft equipage and crew capabilities. If these resources are unavailable, alternative procedures must be implemented, underscoring the need for resilient designs that prioritise safety, which may impact environmental goals.
Another example is the 2024 Finnair incident, where GPS interference—likely a cyberattack—forced the cancellation of flights to Tartu, Estonia. The interference began at 5,000 feet, preventing landings and disrupting over 1,600 flights across Europe. Traditional safety mitigations, such as using ground-based navaids or alternate airports, were insufficient at the time against wide-area cyber threats, escalating discussions and ongoing coordination at the EU and NATO levels. This illustrates how cybersecurity risks can cascade into wider safety and operational disruptions, necessitating cross-domain reviews of existing controls and mitigations.
How does Egis support ANSPs in implementing IRM to manage risk holistically?
Egis emphasises integrated and unified processes anchored in three pillars: governance, classification and prioritisation methodology, and intelligent responses with continuous improvement.
Governance advocates clear responsibility structures, using the RACI framework (Responsible, Accountable, Consulted, Informed) as an example, to break down organisational silos with additional risk players. At the strategic level, senior management gains real-time visibility of imminent risks and coordinates resources across domains in the organisation; at the tactical level, risk owners collaborate and anticipate interdependence; and at the operational level, front-line staff identify and escalate risks, act on operational intelligence data, monitor impacts and provide feedback.
For methodologies in risk classification and prioritisation, Egis recommends unified processes (see also the ‘risk funnel’ metaphor) as advocated by ICAO, CANSO and EASA in the EU, such as using ICAO's 5x5 matrix and as low as reasonably practicable (ALARP) from the well-established safety management system for all risks. These are augmented by ‘Integrated Risk Parameters’ that modulate the risk level, such as velocity (speed of risk spread), interconnectedness (cascade effects), and controllability (mitigation efficacy), which can reflect the importance of interdependence across domains and demonstrate that it is proactively addressed. This approach ensures dynamic, multi-domain prioritisation and allows fine-tuning according to the risk appetite of individual organisations.
By leveraging operational intelligence data gathered from internal sources (e.g., incident logs, cybersecurity monitoring) and external feeds (e.g., regulatory updates, peer benchmarks), ANSPs can provide intelligent responses and progressive data-driven improvement to imminent risks. Egis recommends that ANSPs deploy real-time dashboards to visualise a single source of truth of multi-domain risk data and provide actionable insights for different levels of staff, aligning with ICAO's safety data collection and analysis and CANSO's data-driven safety vision through IRM.
With new regulations emerging, how can ANSPs prepare using the concepts in IRM?
Cybersecurity is considered the top aviation risk in 2025, according to Allianz statistics. In the Asia-Pacific, Hong Kong's Protection of Critical Infrastructures (Computer Systems) Bill, which will be effective on 1 January 2026, mandates risk assessments for critical systems (including aviation), akin to the EU's Part-IS Regulation 2023/203. Egis’ recommendation of an integrated and unified approach to managing the risks addressed by these new regulations is applicable to ANSPs and can be applied in alignment with ICAO's requirements on IRM, which emphasise that risks are interrelated and should not be assessed in isolation.
While both the Hong Kong bill and EU Part-IS focus on information security management, on par with the top aviation risk identified, IRM provides the opportunity for ANSPs to integrate safety, operational, environmental (and many other) considerations into their risk assessments based on the well-established safety management system framework. It's important to recognise that embracing operational intelligence in effective IRM encompasses a data-driven approach to all risks, allowing ANSPs to progressively manage the full spectrum of risks, beyond just cybersecurity, more effectively. This holistic approach is crucial for addressing the dynamics and complexities of modern aviation.
What should ANSP leaders prioritise moving forward?
ANSP leaders should adopt a lifecycle approach to IRM in their evolving organisational changes, whilst embedding safety-by-design and security-by-design requirements in managing the risks of those changes across the initiation, design, implementation, operations, and retirement phases. ANSPs could progressively facilitate multi-domain ‘trade-off analysis’ on risk assessments conducted by their subject experts through their risk managers. This proactive gesture of addressing risk interdependencies is essential: on the one hand, it drives the change for the organisation to progressively adopt the integrated and unified processes; on the other hand, it provides proof for their regulators of adopting IRM as one of the strategies to improve the effectiveness of controls and mitigations on existing and emerging risks. Identifying, documenting, monitoring, and visualising risks via (real-time) dashboards will facilitate timely responses. As risks will evolve — such as zero-day cyber events or increasing demands and expectations from the stakeholders — real-time visibility and continuous fine-tuning will ensure business resilience of the organisation.
Addressing risks holistically is crucial for a sustainable aviation future.
