This toolkit provides step-by-step guidance for planning, carrying out and implementing a risk assessment. It explains the key issues and provides links to useful information and templates on the website.

What is a risk assessment?

A risk assessment is a careful examination of what, at work, could cause harm to people. It weighs up whether reasonable precautions have been taken or whether more can be done to prevent harm, and if the resulting level of risk is acceptable.

Why do you need to assess risks?

There is a requirement placed on the employer, duty holder or responsible person in UK health and safety legislation, in particular Regulation 3 of the Management of Health and Safety at Work Regulations 1999, to make a suitable and sufficient assessment of the risks people are exposed to at work and to take “reasonably practicable” steps to control those risks.

This extends from employees to the health and safety of visitors and members of the public who may be affected by the organisation’s work activities.

What do you need to do as an employer?

Risk assessment should be a part of day-to-day business management rather than simply a form-filling exercise.

For general advice and information, see the topic Risk Assessment: Principles and Techniques. There are also a range of Risk Assessment Templates and Risk Assessment Completed Examples throughout the product for you to download and edit. You can access them via the home page.

Plan the risk assessment

  1. Decide who is going to be responsible for risk assessment. This may be an in-house health and safety advisor, contracted consultant, or nominated members of staff.

  2. Responsibilities should be detailed in the general Health and Safety Policy or in a specific Risk Assessment Policy.

  3. Make sure those responsible for undertaking risk assessments are competent (see the Competent Persons topic). They will need to understand the organisation’s work activities as well as the risk assessment process. Try your general Risk Assessment Training Presentation. See also the Q&A Competency in risk assessment.

  4. Decide the scope of the risk assessment before it begins, ie which premises, activities or people will be included. A simple task analysis that breaks down work activities into stages may be helpful. The process will need to take account of the views of employees and any safety representatives as well as management.

  5. Choose the most appropriate risk assessment methodology to capture the relevant information. There are various risk assessment templates available throughout relevant topics, eg the General Risk Assessment form.

  6. Ensure your risk assessment will be suitable and sufficient. (Unfortunately, what makes a risk assessment suitable and sufficient is not defined in legislation or official guidance.) See Q&A “Suitable and sufficient” risk assessment.

Undertake the risk assessment

  1. Identify the potential hazards in the workplace, both immediate and long term, such as exposure to hazardous substances. Consider both routine and non-routine operations and activities.

    Ways to identify relevant hazards include:

    • checking official and trade association guidance relevant to your work activities

    • reviewing your organisation’s accident and near-miss reports

    • talking to employees and managers about their experiences

    • referring to information from suppliers and manufacturers, eg material safety data sheets or operation and maintenance manuals.

    (See the Resources page in your Risk Assessment: Principles and Techniques topic for a variety of Hazards associated with… templates.)

  2. Identify the individuals who may be exposed to harm, including employees, contractors, visitors and members of the public. Some may be at increased risk due to their age or because of health problems or disability. Language skills, pregnancy and homeworking may also be factors.

  3. Evaluate the risks, ie how likely is it that harm will occur? Are the precautions currently in place sufficient? Then rank the risks: which need to be dealt with first? This could be as simple as giving the risks a low, medium or high score. For information on this, see Evaluate the Risks.

  4. Decide what — if any — further actions need to be taken to eliminate or reduce unacceptable risks to as low as reasonably practicable. Follow the general principles of prevention in the Management of Health and Safety at Work Regulations 1999, as described in Control Measures.

    Note:

    While employers need to do everything “reasonably practicable” to protect people from harm, they do not need to implement control measures if they would be grossly disproportionate (in terms of money, time or trouble) to the level of risk. See Q&A Practicable risk control measures.

  5. You must record the findings of the risk assessment if you have five employees or more — but it is worth doing so in any case. This record should include the hazards, the people at harm and the measures you are taking to control the risks.

Implement the risk assessment

  1. Once you’ve identified the risk controls required, decide how to implement them. Set out the relevant procedures and actions, appoint people to carry them out and establish a method for tracking progress. See Control Measures.

  2. Communicate the findings of the risk assessment to those who need to know. See also Q&A Communicating the findings of a risk assessment.

Monitor and review your risk control measures

  1. Risk control measures must be monitored to ensure they are managing the risks effectively. Decide by whom, how and when this monitoring will take place and how and to whom it will be reported. See Process of Review.

  2. Your risk assessment must be reviewed when there is reason to believe it is no longer valid, an incident has occurred or there have been significant changes in work activities, equipment, processes, etc.

  3. If you produce a number of risk assessments, there should be a process in place to ensure these are appropriately recorded, stored, made available to relevant persons and subject to review on a regular basis.

Useful Q&As

Useful features

These are just some of the many feature articles on your product.

Last reviewed 17 November 2020