In Australia, businesses are required by the state health & safety legislation to undertake adequate safety risk assessment in their workplace and all safety-related risks to be controlled and managed. Duty-holders have obligations under the Occupational Health and Safety Act 2004 (OHS Act) to ensure the health and safety of people ‘so far as reasonably practicable’.

Business shall carry risk assessment to maintain a safe and healthy workplace and also be in compliance with the applicable regulatory requirement. Effective occupational health & safety in a workplace is all about identified hazards and eliminating or controlling their risks. Risk Management processes in which potential risks are identified, evaluated and necessary control measures are taken to either eliminate/reduce the impact of the risk identified.

A business that has an existing OHSAS 18001 or AS NZS 4801 Occupational health & safety system is also required to carry safety risk assessment as part of the management system. The upcoming ISO 45001:2018 (Occupational Health & Safety Standard) also requires the organisation to undertake hazard identification and risk assessment.

A simple safety risk assessment can be using the following five steps.

Step #1: Hazard Identification

Hazard is anything that has the potential to cause harm

Employers need to identify all hazards that pose a health & safety risk to their workers. Hazard identification is the first step to risk assessment. Business to ensure workers are consulted and their participation are there while conducting hazard identification. Hazard identification is usually carried by looking at the business activities (both routine & non-routine), legal requirements, risks in the workplace. Business managers should identify and categorise the hazards of the following types

♣    Physical: e.g. lifting, awkward postures, slips and trips, noise, dust, machinery, computer equipment, etc.

♣    Mental: e.g. excess workload, long hours, working with high-need clients, bullying, etc. These are also called ‘psychosocial’ hazards, affecting mental health and occurring within working relationships.

♣    Chemical: e.g. asbestos, cleaning fluids, aerosols, etc.

♣    Biological: including tuberculosis, hepatitis and other infectious diseases faced by healthcare workers, home care staff and other healthcare professionals.

Step #2: Hazard Impact – When Who & How

After identifying the hazards in the workplace, the next step is to understand and determine who will get affected by this hazard and how. This step is vital as it enables the organisation to assess the risk and take appropriate control measure. You should consider not only full-time staff but also part-time employees, contract staff, visitors, clients/ customer and other members of the public that may enter the workplace. It is recommended that you review all work-related activities at different locations, different work shifts and situation in the workplace where staff are employed.

For example:

♣    The employee who handles machinery and tools face the significant hazard of injury.

♣    A customer relationship personnel or receptionist faces risks related to intruder, violence and workstation station hazards

♣    A driver faces risks related to vehicle accident and involve road safety risks.

Step #3: Risk Assessment and mitigation

Identifying all potential hazards and its mechanism will enable your business to assess/evaluate the risk value for the hazard. Risk is nothing but the probability that a hazard will cause harm. To evaluate the risk level, you should calculate the frequency and severity of the hazard. This information will help you determine whether or not you should reduce the level of risk or not. As mentioned above, it the duty of the employer to reduce the risk to ‘an acceptable/ reasonable level’. It is worthy to mention that certain risks will always be in the workplace unless you chose to eliminate the hazard.

It is essential to assess the effectiveness of existing controls (if any) before determining the control measure. The regulations and ISO standard recommend you to follow the hierarchy of risk control measures (Elimination, Substitution, Engineering Controls, Administrative Controls and Personal Protective Equipment). Employers must decide for each remaining hazard whether the risk remains high, medium or low.

Step #4: Implement the control and record the findings

The control measures that determine to reduce the risk should be implemented, and the residual risk values post-implementation should be assessed. It is important to record all these information (hazards, risks scores, control measures, residual risk scores) in a document. Usually business has a risk register in place to record all this information with regards to risk management. The record will also serve as evidence that risk assessment was carried and it can be used a basis for developing work instruction and safe method work statements. The risk assessment is a working document and is constantly reviewed and updated to reflect adequacy and currency.

Step #5: Review the risk assessment

Risk management is an iterative process, and risk assessments should be regularly reviewed to ensure that establish control measures are effectively implemented and maintained. Any changes to the business activity, legal requirement, product or services should trigger another hazard identification and risk assessment.