April 24, 2014

Five common risk assessment mistakes (and how to avoid them)

Phil Chambers CMIOSH, Strategic Safety Systems

As risk assessment has been the central concept of our approach to health and safety for several decades, it makes sense to make sure that assessments are done right. Considering that risk assessment has been around for so long, it is alarming how even large operations and specialist consultancies can get the approach to it wrong. Here are some of the more common mistakes that I have come across regularly, with some steps to take to avoid them.

Mistake 1: Done only for legal reasons

Of course, for all but the smallest of operations, there is a legal requirement. But the prime reason for carrying out risk assessments is that they are a key tool in how you manage safety; without assessments, you cannot adequately manage the risks.

Mistake 2: Done from the desktop

I’ve seen advertisements for software that say risk assessments can be done from the desktop.  No, you have to view the operations and discuss what actually happens (not just what should happen) with the people involved.  Be warned: some things that turn up will alarm you.

Mistake 3: Covering only control measures in place

Of course, you need to know these, but far more important is what controls should be in place, but aren’t.

The outputs of your risk assessments should include:

  • What actions do we need to take to get in control?
  • What actions do we need to take to stay in control?

The first one is obvious, but people often miss the second. For example, if a hazard is avoided by having guards interlocked to the control system so that the equipment is prevented from running when a guard is open, then you need to periodically check that these interlocks still work. This is even more important when you have trips or alarms which only come into effect when a fault occurs, for example when there is excessive temperature or an item (like a finger) is drawn into an in-running nip.

Mistake 4: No management plan

What tends to happen is that you just have individual risk assessments, with no view of the big picture.  What you really need as an output of your risk assessments is a list of actions, in descending order of risk so that you can tackle the big issues first.  The software I use has this as an integral output, but you can always cut and paste actions manually.  So, your management plan should be to address the highest scores first and work on moving the risks towards the green and white end of the spectrum shown below.

Mistake 5: No ranking

Because you need an overview of all your risks, you need to rank them so that the serious risks are at the top of your list.  I use a non-linear scoring system because it emphasises the more serious outcomes and I’m also a fan of colour-coding. Both of these are shown in the chart below:


Things to remember when carrying out a risk assessment:

There is no set way to carry out a risk assessment.  Whichever method you use, include the following:

  • Identify the operations and who might be at risk, how often and for how long.
  • Include all who might be “within range” of the hazard.
  • For each aspect of the operation (e.g. physical contact, noise, chemicals, etc.) identify the control measures in place and the risk score that remains with the controls in place.
  • Identify any steps required to verify that the control measures continue to work.
  • Where the risk is high, identify actions that can be taken to reduce the risk.
  • Where a risk cannot be eliminated, identify how the risk can be reduced to a reasonably practical level. For example, with forklift trucks, you cannot eliminate the risk but you can reduce it by vehicle-pedestrian segregation, using only trained and competent drivers, etc.
  • Transpose actions into a prioritised list and update the risk scores as you implement the actions.
  • Periodically (every year or so) review assessments to verify that nothing has changed.

If you follow these steps and avoid those common mistakes, it will lead to an improvement in the assurance of safety at your site.



Steve Skarratt

I would agree with the comments but regarding the scoring system – isn’t anything that produces an answer of zero redundant?

How can it be a significant finding?

Just shaking the tree…

freddie gower

I have trawled through a multitude of risk assessment formats and the more complicated the less effective. I like the colour coding and rating system, however this system was disliked by the HSE (strange). The risk assessment will always have a residual of risk remaining and I agree the assessment must be carried out “on the job” otherwise potentially serious hazards will be missed.

Mark Farrell

Personally, never been a fan of Risk Assessments, Phil is right that many companies use them to validate existing controls, rather than evaluating the whole picture.

I know of a large company that continues to have accidents and very rarely identifies faults with the risk assessment or risk reduction strategy.

I also think a robust tool that continually evaluates incidents, ill health and other information such as hazards, behaviours and management attitude serves a better purpose.

john divall

The colour coding is to my mind an invaluable tool to simplify a risk assessment strategy. A risk assessment should be simplistic for the benefit of all users. Again all governing bodies should recognise the same structure for all risk assessments so as not to complicate this vital tool in business and Industry.

Martin Welburn
I agree with the comments. Regarding the scoring system and anything that produces an answer of zero being redundant – you would normally assess processes with significant risks but you need to identify what are or are not significant risks. Using a scoring/rating system allows you to identify what is or is not significant. In a previous role I used to conduct surveys of processes in order to identify significant risks and rate the risks. After this I would conduct the risk assessments. Using one system that allows you to rate the whole process saves time. I now use a…

You mention a software package! I would like to understand more of the package as a tool that can be used on a daily basis by our teams? The package also has to be educational not just input and output based?

Richard Stokes
You left out one other very common mistake – communication. I audit lots of companies every year and even where good risk assessments have been produced the control measures identified remain on the risk assessments and these are then used to communicate to the affected individuals. 99% of the affected individuals do not need to see the list of hazards and risk ranking – all they need to see is the control measures that they should be implementing. If the control measures have already been implemented i.e. guarding to machinery then this does not need to be communicated. They only…
Christine Ilesley
I’m in favour of colour coding but I really hate risk ranking matrices – people argue endlessly about the rating without actually putting in place controls and there is an awful lot of pseudo science assumed. Basically it’s opinion – hopefully based on experience, knowledge and competence but often it’s guess work. Also there is the temptation to seriously under or over estimate potential harmful consequences. If I see another risk assessment for an office that states the severity of harm for picking up a file from the floor is death I’ll spit and as for slips trips and falls…
Mark Simmonite

Very well said Christine. I wish that so-called Health and Safety Consultants would recognise the difference between significant and trivial risk.