Safetip #104: Review Risk Assessments Periodically
What is a Risk Assessment?
In the context of occupational safety and health, a risk assessment is a process that aims to protect workers by preventing injuries and illnesses. A risk assessment includes many specific steps, but they can all be grouped in the following three general steps:
1) Hazard Identification (i.e. what would cause risks of injuries or illnesses)
2) Risk Analysis and Evaluation (i.e. what are the likelihood and severity of harmful events, and the priority of risks)
3) Risk Control (i.e. how to mitigate risks by either eliminating hazards or putting controls in place)
Hazard Assessment or Risk Assessment?
Many people still confuse the terms “hazard” and “risk”. There are even some government and regulatory agencies that also confuse both terms. A hazard and a risk are two different things (see this blog post).
Here is an example: An engineer needs to work on a part of an industrial machine that is high above ground level. The engineer might fall and suffer an injury. In this case, the work at height (even as small as 2-3 meters) is the workplace hazard that the worker is exposed to. The fall that might happen and cause an injury is the risk. To prevent injuries, the hazard can be removed (e.g. work performed on the machine by a robotic equipment operated at ground level, or machine part brought at ground level where work is performed on it and then put back in place), or the risk can be mitigated through fall protection (e.g. use of a safety harness or elevated work platform).
“Hazard Assessment” and “Risk Assessment” are used interchangeably by many, but a hazard and a risk are different things. A more correct way is to see a hazard assessment as being part of a risk assessment. If you’re walking around a workplace and methodically looking for anything that workers are exposed to, and that can cause harm, then you’re performing a hazard assessment. If you’re assessing the likelihood and severity of harmful events, and determining measures to eliminate hazards or mitigate risks (for example through NIOSH’s hierarchy of controls), then you have moved passed a hazard assessment and you’re in the latter steps of a risk assessment.
Review Risk Assessments
Since people, processes and equipment change, workplace hazards and risks can also change. Therefore, risk assessments should be reviewed periodically. A review should happen if any major workplace change has occurred. Through a change management process, you can define rules where certain types of changes would automatically trigger a review of a risk assessment. You can also review systematically all risk assessments once a year. The following questions should be addressed during the review of a risk assessment:
- Are there new hazards?
- Are there changes to the level of exposure of workers to known hazards?
- Are new hazards introducing new risks, and if yes, what are the likelihood and severity of harmful events?
- Are changes to known hazards modifying the likelihood and severity of harmful events?
- What are the priorities of new risks?
- Are there changes to the priorities of known risks?
- What control methods should be put in place for new risks?
- Are existing control methods for known risks still effective?
Finally, remember to document changes to risk assessments and initiate action plans to make the applicable changes to controls.
Best-in-Class companies implement an integrated risk management framework to assess risks, define controls, manage audits, identify issues, and implement remediation plans. Download Aberdeen’s “Operational Risk Management: Building a Framework to Identify, Assess and Remediate” report to learn more.