What is a risk assessment?

The definition of a risk assessment is a systematic process of identifying hazards and evaluating any associated risks within a workplace, then implementing reasonable control measures to remove or reduce them.

When completing a risk assessment, it is important to clearly define some keywords:

• An accident is ‘an unplanned event that results in loss’
• A hazard is ‘something that has the potential to cause harm’
• A risk is ‘the likelihood and the severity of a negative occurrence (injury, ill-health, damage, loss) resulting from a hazard.’

  What is a risk assessment?

  The definition of a risk assessment is a systematic process of identifying hazards and evaluating any associated risks within a workplace, then implementing reasonable control measures to remove or reduce them.

  When completing a risk assessment, it is important to clearly define some keywords:

  • An accident is ‘an unplanned event that results in loss’
  • A hazard is ‘something that has the potential to cause harm’
  • A risk is ‘the likelihood and the severity of a negative occurrence (injury, ill-health, damage, loss) resulting from a hazard.’

  Why are risk assessments important?

  As previously stated, carrying out suitable and sufficient risk assessments is the primary management tool in effective risk management. It is a legal requirement for any employer and must be documented wherever five or more people are employed.

  Risk assessment is a straightforward and structured method of ensuring the risks to the health, safety and wellbeing of employees (and others) are suitably eliminated, reduced or controlled

  The main purpose of risk assessments are:

  • To identify health and safety hazards and evaluate the risks presented within the workplace
  • To evaluate the effectiveness and suitability of existing control measures
  • To ensure additional controls (including procedural) are implemented wherever the remaining risk is considered to be anything other than low.
  • To prioritise further resources if needed to ensure the above.

  It can be a costly lesson for a business if they fail to have necessary controls in place. They could face not only financial loss (through fines, civil actions, etc) but also loss in respect of production time, damage to equipment, time to train replacement employees and negative publicity amongst others.

  There are a number of reasons why risk assessments are important in the workplace, not to mention the fact that they are a legal requirement. Outlined some of the main reasons below.

  1. Risk assessments are crucial to preventing accidents in the workplace:not only can risk assessments reduce the likelihood of accidents, they also help raise awareness of hazards and minimise risk.
  2. They reduce injuries and save lives:risk assessments don’t just identify hazards that create short-term risks. Without an effective risk assessment, long-term risks such as exposure to asbestos wouldn’t be identified or mitigated, potentially leading to fatal health problems.
  3. They help generate awareness about hazards in the workplace:organisations and employers being aware of hazards means injury is less likely to occur. Not only does this keep everyone safe and well but it will additionally save the company money. Injured employees may require sick pay, time off and compensation and Health and Safety Executive (HSE) could issue fines if they find you in breach of the law.
  4. They help managers make decisions about risk, including identifying who is most at risk and making appropriate adjustments:having an effective and formal risk assessment in place will demonstrate that you have taken appropriate measures to ensure the health and safety of your employees.

  Who is responsible for carrying out risk assessments?

  It is the responsibility of the employer (or self-employed person) to carry out the risk assessment at work or to appoint someone with the relevant knowledge, experience and skills to do so.

  The Management of Health and Safety at Work Regulations 1999 states that an employer must take reasonable steps ‘for the effective planning, organisation, control, monitoring and review of the preventive and protective measures.’ So even if the task of risk management is delegated, it is ultimately the responsibility of the management within any business to ensure it is effectively completed.

  Once hazards have been identified, the associated risks evaluated and steps taken to minimise the potential effects, the next step for an employer is to clearly and effectively communicate the risk assessment process and content to relevant parties.

  The process of communication is more effectively achieved if the relevant persons are involved with the risk assessment process at every stage. The person carrying out an activity or task is often best placed to provide details on the associated hazards and risks and should participate fully in the completion of the risk assessment.

  How to do a risk assessment?

  The HSE has recommended a five-step process for completing a risk assessment. This provides a useful checklist to follow to ensure that the assessment is suitably comprehensive. It involves:

  1. Identifying potential hazards
  2. Identifying who might be harmed by those hazards
  3. Evaluating risk (severity and likelihood) and establishing suitable precautions
  4. Implementing controls and recording your findings
  5. Reviewing your assessment and re-assessing if necessary.

  Step 1. Identify potential hazards

  It is important to firstly identify any potential hazards within a workplace that may cause harm to anyone that comes into contact with them. They may not always be obvious so some simple steps you can take to identify hazards are:

  • Observation: Walking around your workplace and looking at what activities, tasks, processes or substances used could harm your employees (or others)
  • Looking back over past accidents and ill-health records as they may identify less obvious hazards
  • Checking manufacturers’ data sheets, instructions, information and guidance
  • Consulting with employees (and others) who are carrying out the activities, tasks or processes.

  It may be useful to group hazards into five categories, namely physical, chemical, biological, ergonomic and psychological. 

  Step 2. Identify who might be harmed by those hazards

  Next, identify who might be harmed by those potential hazards. It should also be noted how they could be affected, be it through direct contact or indirect contact. It is not necessary to list people by name, rather by identifying groups including:

  • Employees
  • Contractors

  Some hazards may present a higher risk to certain groups including children, young people, new or expectant mothers, new employees, home workers, and lone workers.

  Step 3. Evaluate risk severity and establish precautions

  After identifying any hazards and who might be affected, it is important to evaluate the severity the risk may present (should it occur) and establish suitable and effective controls to reduce this level of risk as far as is ‘reasonably practicable’.  This means that everything possible is done to ensure health and safety considering all relevant factors including:

  • Likelihood that harm may occur
  • Severity of harm that may occur
  • Knowledge about eliminating, reducing or controlling hazards and risks
  • Availability of control measures designed to eliminate, reduce or suitably control or the risk
  • Costs associated with available control measures designed to eliminate, reduce or suitably control or the risk

  Assessing the severity of a risk requires an evaluation of the likelihood of an occurrence and how substantial the consequences that it may cause. Some factors affecting this evaluation include the duration and frequency of exposure, number of persons affected, competence of those exposed, the type of equipment and its condition, and availability of first-aid provision and/or emergency support.

  Step 4. Implement changes and record your findings

  If a workplace has five or more individuals, significate findings of the risk assessments are required to be kept either electronically or in writing. Recording your findings on a risk assessment form is an easy way to keep track of the risks and control measures put in place to reduce the identified risk. The form includes:

  • What hazards were found
  • Person(s) or groups affected
  • The controls put in place to manage risks and who is monitoring them
  • Who carried out the assessment
  • On what date the assessment was done.

  It is sensible to ensure the risk assessment is proportionate to the activity or task being carried out and this can often be a straightforward process for generic tasks.

  Step 5. Review your assessment and reassess if necessary

  Employers should periodically review the assessment and if necessary, re-assess any controls in place.

  A good guide as to when you may need to review your processes are:

  • After any significant change within the workplace or process in question
  • After an accident or ill-health incident has occurred
  • After near-misses have been reported.

  What documentation do you need?

  It is a misconception that risk assessments inherently involve a vast amount of paperwork. It can be as straight forward as completing a basic risk assessment form for many generic tasks or activities.

  However, employers should make sure they record significant findings including:

  • Any hazards identified
  • What controls are in currently in place, and information on any further control measures that may be required
  • Any individuals that have been identified as being especially at risk.

  There is no set amount of time that you are required to retain the risk assessment, but it is best practice to keep it as long as is considered relevant to a particular task or activity.

  Ref. British Safety Council