Management of risk assessments

Published: 26 Jul 2018

Employers have a duty under the Management of Health and Safety at Work Regulations 1999 to carry out risk assessments to identify what hazards exist in a workplace, and how likely these hazards are to cause harm. They must then decide what prevention or control measures are needed.

As part of managing the health and safety of your business you must control the risks in your workplace. To do this you need to think about what might cause harm to people and decide whether you are taking reasonable steps to prevent that harm. This is known as risk assessment and it is something you are required by law to carry out. If you have fewer than five employees you don't have to write anything down.

A risk assessment is not about creating huge amounts of paperwork , but rather about identifying sensible measures to control the risks in your workplace. You are probably already taking steps to protect your employees, but your risk assessment will help you decide whether you  have covered all you need to.

Step 1: Identify the hazards. In order to identify hazards you need to understand the difference between a 'hazard' and 'risk'.

When you work in a place everyday it is easy to overlook some hazards, so here are some tips to help you identify the ones that matter:

Check manufacturers' instructions or data sheets for chemicals and equipment as they can be very helpful in spelling out the hazards and putting them in their true perspective

Look back at your accident and ill-health records - these often help to identify the less obvious hazards

Take account of non-routine operations (eg maintenance, cleaning operations or changes in production cycles)

Remember to think about long-term hazards to health (eg high levels of noise or exposure to harmful substances)

Visit the HSE website. HSE publishes practical guidance on hazards and how to control them

There are some hazards with a recognised risk of harm, for example working at height, working with chemicals, machinery, and asbestos. Depending on the type of work you do, there may be other hazards that are relevant to your business.

Step 2: Decide who might be harmed and how

Think how employees (or others who may be present such as contractors or visitors) might be harmed. Ask your employees what they think the hazards are, as they may notice things that are not obvious to you and may have some good ideas on how to control the risks.

For each hazard you need to be clear about who might be harmed; it will help you identify the best way of controlling the risk. That doesn't mean listing everyone by name, but rather identifying groups of people (eg 'people working in the storeroom' or 'passers-by').

Step 3: Evaluate the risks and decide on control measures.

If your risk assessment identifies a number of hazards, you need to put them in order of importance and address the most serious risks first.

Identify long-term solutions for the risks with the biggest consequences, as well as those risks most likely to cause accidents or ill health. You should also establish whether there are improvements that can be implemented quickly, even temporarily, until more reliable controls can be put in place.

Step 4: Record your findings

Make a record of your significant findings - the hazards, how people might be harmed by them and what you have in place to control the risks. Any record produced should be simple and focused on controls.

Step 5: Review your assessment and update as and when necessary

Few workplaces stay the same. Sooner or later, you will bring in new equipment, substances and procedures that could lead to new hazards. So it makes sense to review what you are doing on an ongoing basis, look at your risk assessment again and ask yourself:

Have there been any significant changes?

Are there improvements you still need to make?

Have your workers spotted a problem?

Have you learnt anything from accidents or near misses?

Make sure your risk assessment stays up to date.

When reviewing generic assessments ensure that all documented future control measures (which form part of the current controls) are pushed into the current controls sections of the risk assessment

If you require any further support regarding the implementation and management of risk assessments, please do not hesitate to contact CSC.