Risk assessment
Risk assessment: Where people miss the mark
For the last 40 years, the approach to health and safety has been based on the concept of assessing risks. For very good reasons, the methodology is not prescriptive, but this has meant that quite often there are gaps in what people do.
The biggest mistake I often see is that people don’t understand the real reason for carrying out risk assessments. In my opinion, the prime purpose is to identify gaps in control measures and the outcome of such identification is the compilation of an action plan to address these gaps. The item that is quite often missing is this action plan.
People will also often record a control measure that nominally addresses the risk, but then fail to realise that such a control measure may need other actions to keep it working.
For example, guards interlocked to the control system may be provided so that the machine is forced into a safer mode when the guard is open. It may be prevented from running, be only able to be jogged or whatever.
However, if there is no inbuilt crosschecking of the interlock, unless it is periodically checked, you have no assurance that it will force the safe mode when required, and therefore the risk creeps upwards. Your action plan needs the scheduled check of interlocks.
Then there are other actions which may be necessary because a high-level action is not practical. For example, it is impossible to guard a forklift truck, but you can have systems of work that exclude people from the area in which they operate, restrict the driving to trained drivers, etc.
Therefore, I’d expect the risk assessment to include:
- Risks and the controls already in place;
- Any actions to keep these controls in place;
- Actions required to establish new controls; and
- Actions to minimise a residual risk.
Rather than leaving these in individual risk assessments, I always transpose these into an action plan, so you can have a single document to which you refer.
Which brings me onto the scoring of risks. There are many ways you can score risks, but whichever method you use you need to transfer the scoring to the action plan so that the actions are arranged in descending order of risk.
Don’t confuse being busy with being effective; you need to tackle the big issues first rather than those which are easy to do. Again, this is something I quite often see missing.
The penultimate activity I see missing is that of verifying that any control measure that you’ve put in place actually works and does not introduce other risks. For example, near where I live a chicane has been introduced to reduce speeds, but the chicane has been positioned on the approach to a roundabout.
So, vehicles are forced onto the right hand side of the road so that they meet traffic exiting the roundabout. So the likelihood of a crash has increased, but it would be at a slower speed. In my opinion, the new control measure has still increased the risk.
Most people are aware of the continuous improvement Plan-Do-Check-Act cycle. This verification is the ‘check’ part of the cycle following the ‘plan’ and ‘do’ parts of risk assessment and the introduction of control measures. And if it doesn’t work, then that’s where the ‘act’ part comes in.
Finally, you need to update risk assessments with your new control measures and their impact. Risk assessment isn’t something that is done once and then forgotten, it is part of your on-going safety management programme.
Risk assessment: Where people miss the mark
For the last 40 years, the approach to health and safety has been based on the concept of assessing risks.
Safety & Health Practitioner
SHP - Health and Safety News, Legislation, PPE, CPD and Resources Related Topics
It’s time to rethink mental health
Personal safety devices made mandatory as part of council’s PPE
Risks of not completing a Legionella risk assessment on time
Interesting enough perspective on risk assessment but does not address or cover human error which is in the title of blog?
Point taken. We’ve altered the headline.
Simply stating stsndard risk assessment practice
Very nice article, I have learnt new things that I did not know regarding risk assessment action plans and monitoring
Thanks Phil, an interesting article, highlighting some of the things that I have also found “missing” in the risk assessment process of various organisations!
A good article that I would have liked to have seen go further. The issues missing from most risk assessments is the knowledge of the principles of prevention and an understanding of Reg 4. Assessors add controls to the risk assessment and then believes the controls actually lower the ‘Consequence Level’, not taking into account machanical or human failings. Therefore, you touch a 415V cable, it is death, add controls, and it lowers the consequence level, so all you need is a plaster on your finger. Clearly, this is only possible if the hazard is eliminated or subsituted for something… Read more »
In the article Philip mentions scoring of risk however scoring is left out of the HSE examples. I would be interested to see copies of templates used as the above article suggests a different approach to HSE.
An excellent & professionally rewarding article
Fortunately I work in an office (low risk environment). hence we push to make risk assessment as simple as possible, otherwise they would be filed with every other piece of paper and duly forgotten
So its back to the standard “5 Steps” for me.