The French National Safety Authority (NSA) has developed a risk-based tool to prioritise and optimise its supervision strategy. This is part of a larger project to drive an internal digital transformation, placing a priority on relying more on data for decision-making and safety supervision. The external environment is changing. For 25 years, European Union policy has been focusing on establishing a single European railway area as its main goal. In the 2000s, rail markets for freight and international passenger travel opened to competition. Domestic passenger rail has gradually followed suit since December 2019. Consequently, the number of train operating companies and railway infrastructure managers might double by 2026 in France. Supervision the safety of the country’s rail system is one of the activities of the French NSA, which is done through various checks such as audits and inspections. In this context of increasing number of railway operators, a decision-making tool has been developed to prioritise which companies and which categories of safety events should be audited and inspected. For example, train operating companies are grouped into priority classes according to different risk levels. This classification is based on: The amount of traffic of each company.
Companies safety performance measured using an annual internal evaluation of each company. Years of experience and results of previous controls are considered. Data are useful to understand, quantify and classify. This allows to remove subjective elements from decision and as a result, to commit to a risk-based strategy. Now the French NSA uses this tool to prioritise audits and inspections and to adapt their duration and frequency. For instance, if a company gets the highest priority, then the French NSA will frequently audit all its safety management system. On the contrary, if a company gets a lower priority, the audits will be less frequent, shorter and they will focus just on parts of this company’s safety management system. This paper describes the methodology which has been developed by the French NSA in its supervision strategy. Half based on company’s safety performance, half on undesired events with the aim of one side, a company’s cartography and, on the other side, two undesired events matrix.