OHS Key Element – Risk Assessment and Control

Risk assessment and control is at the core of effective OH&S management. The identification of hazards and risk assessment are regulatory require¬ments throughout the world. Risk assessment is fundamental to the successful application of any health and safety manage¬ment system. In most instances the process is based on simple principles which can be summarized as follows:

• Classify work activities.
• Identify hazards.
• Identify existing risk controls.
• Determine risk.
• Determine acceptability.
• Prepare risk control action plan to improve risk control as necessary.
• Review adequacy of action plan – confirm risk acceptability/tolerability.
• Ensure risk assessment and controls are effective and up to date

Risk assessment is the fundamental element required for the successful imple¬mentation of an OH&S management system. It embodies the key principle of proactive management: identifying the hazard and controlling the risk before harm occurs and/or damage is sustained to plant, equipment or other operational conditions. The process of identifying hazards, assessing risks and implementing and reviewing risk controls should be the basis of the whole OH&S management system. It is impracticable to make the workplace free of risk but the aim should be to identify and manage all foreseeable risks.

The main purpose of risk assessment is to decide whether existing or planned controls are adequate. This is a proactive process, i.e. controlling risks before harm (or damage) can occur. It is not a one-off exercise, as the measures taken will need to be reviewed from time to time depending on the gravity of the risk and extent of any changes to circumstances. Whenever there is to be any organizational or operational changes a risk assessment should be carried out before the changes are implemented. To ensure that the risk assessment proc¬ess works, it is essential to involve the workforce and gain commitment to this proactive approach. Risk management should be equally about identifying positive opportunities as it is about avoiding damage or injury. Risk assessment looks at the risks to which each person is exposed, whether employee, contractor, visitor or anyone else who might suffer harm, and arrives at a judgment as to whether each risk is:

• Acceptable – very low risk where no action is necessary; or
• Low, medium risk – risks in this category should be reduced so that they are acceptable or tolerable, where this is practicable;
• Unacceptable – something needs to be done right away to reduce it (in extreme cases this may involve stopping an activity until new methods or controls can be introduced).

The overall purpose of risk assessment and control is to understand the hazards that might arise in the course of the organization’s activi¬ties and ensure that any risks to people arising from the hazards are acceptable or tolerable. This is achieved by:

• Identifying hazards and making an estimate of the associated risk
• Levels, on the basis of existing or proposed risk controls;
• Determining whether these risks are tolerable;
• Determining whether further analysis is required to establish
• Whether the risks are, or are not, tolerable, for example noise levels might need to be measured to determine the more exact risk of hearing damage;
• Devising improved risk controls where these are found to be necessary.

Risk assessment can also be used to make a systematic comparison of different risk control/reduction options. It aids the organization to prioritize any resulting actions to reduce risk. In order to do this it is necessary to systematically identify the hazards that are created, assess the risks and establish what controls (if any) need to be implemented to reduce the risk of harm to an acceptable level. The process needs to be systematic and consistently applied, considering all the areas, activities and processes under¬taken, in order to avoid missing potential sources of harm.

1. Classify Workers Safety: List the work activities (including those covering premises, plant, people and procedures) and gather information about them, from start to finish, to include the people they cover, and how they work. The process of classify¬ing work activities should include staff consultation where necessary, as it is often the case that a work activity is carried out differently in practice than it is in theory. It is important that the process includes not only employees but also contractors, visitors and anyone else who might be harmed by the activities of the organization.

2. Identify hazards: Identify all significant hazards relating to each work activity, e.g. tripping, slipping, exposure to noise, inhalation of toxic fumes, etc. Consider who might be harmed and how in relation to the hazard controls that are in place.

3. Identify existing risk controls: Identify the risk controls that exist (or are proposed for planned activities), in order to reduce the risk associated with each hazard. These should be based on the principles of prevention through elimination, substitution, reduction, engineering and, as a final resort, the use of personal protective equipment (PPE).

4. Determine the risk: Make a subjective estimate of risk associated with each hazard, assum¬ing that planned or existing controls are in place. The assessment should consider the effectiveness of the controls and the consequences of their failure. The style of the assessment should be chosen to best suit the organization and the hazard being assessed.

5. Determine acceptability: Decide if the risk is acceptable/tolerable, i.e. that it has been reduced to the lowest level that is reasonably practicable. Judge whether planned or existing OH&S precautions and control measures are sufficient to keep the hazard under control.

6. Prepare a risk control action plan: Deal with any issues that were found by the risk assessment to require attention. Organizations should ensure that new and existing controls remain in place, are effective, are communicated and, where necessary, are recorded. It should be recognized that in some cases, further control meas¬ures may not be required.

7. Review the adequacy of the action plan: Reassess risks on the basis of the revised controls and check whether risks will be acceptable. This should be done on completion of the plan and periodically during the implementation process until completion. A final review on full implementation should be carried out to ensure suitability and good fit.

8. Maintenance: This review should be documented and repeated periodically to ensure that the controls remain effective. The frequency of the review will be dependent on the risk – the higher the risk, the more frequent the review process. Update and review risk assessments as necessary in order to maintain their validity.