This often used phrase appears in many areas of our daily life and it is generally used to indicate that there is a threat of sorts to something that we are about to do. We use and hear it in our home, social, pleasure and business lives. We then have to decide whether or not to proceed and, if the answer is no, our conclusion has been that it is not safe or practicable to do so.
Described above is the most basic of risk assessments. Risk Assessment is a process that allows us to identify the hazards that threaten our immediate environment and to control them in some way. A hazard is the potential that something has to cause harm. They are present through the extreme situations of fire and flood and through the presence of electricity. They are also present when we operate machinery, drive a car, cross the road and even when we play sports. Hazards also threaten our business lives when we start up a new business or when we want to invest money in a new technology.
How do we get from hazard to risk? Risk is a measure of the likelihood that the hazard will cause harm. By quantifying the risk in some way we can then decide whether or not to continue. If we cannot continue we should then try to introduce some control measures, to reduce the risk to a level that makes further progress possible.
For the remainder of this article let us concentrate on Workplace Risk Assessments. Regulation 3(1) of the Management of Health and Safety at Work Regulations 1999 (MHSWR) requires that,
Every employer shall make a suitable and sufficient assessment of:
-
the risks to the health and safety of his employees to which they are exposed whilst they are at work; and
-
the risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him of his undertaking
It should be noted that the above applies regardless of the size of the organisation or its business.
Do we have to risk assess everything we do? The answer to this question is no we don't, insignificant risks can generally be ignored. The Approved Code of Practice and Guidance (ACOP) to the MHSWR states that the level of detail in the risk assessment should be proportionate to the risk.
Does every risk assessment have to be in writing? Again the answer is no, some risk assessments can be done in our head. If you have five employees or more, the law requires that only "significant" findings be documented. Not any one can conduct risk assessments. They should be conducted by someone who is familiar with the task or activity and who also knows how to conduct risk assessments. In other words, they must be competent.
Is risk assessment a once and for all event? No it is not. Regulation 3(3) requires that we review our risk assessment if we have reason to believe that it is no longer valid, or that there has been a "significant" change in the matters to which it relates. It is also considered good practice to review a risk assessment at least annually.
In summary, employers have a responsibility (duty of care) under law to provide a safe working environment for all who come within the scope of their business by conducting suitable and sufficient risk assessments. Failure to do so could result in prosecution, hefty fines and possibly even prison.
It's not worth the Risk.
Jack Dunn MSc, FIQA
Director, QMI Scotland Ltd.
Also see our News section for further news items.
