QMI image

Forthcoming Courses

ISO 9001:2000 QMS Auditor/Lead Auditor Training (IRCA) Course No. 2245
8 December 2008 - (5 days) - Aberdeen
ISO 9001:2000 Awareness Foundation Training (IRCA)
14 January 2009 - (1 Day) - Aberdeen
Internal QMS Auditor (IRCA)
15 January 2009 - (2 Days) - Aberdeen
ISO 9001:2000 Awareness Foundation Training (IRCA)
19 January 2009 - (1 Day) - Edinburgh
Internal QMS Auditor (IRCA)
20 January 2009 - (2 Days) - Edinburgh

Full Course Schedule

Managing Risk - QMI Scotland Limited

 

Managing Risk is a process that ensures that whatever we do, whether it be in a work, social, domestic or leisure environment, is done in as safe a way as possible. Risk Assessment is a part of the process that allows us to identify the hazards that threaten our immediate environment and to control them in some way. A hazard is the potential that something has to cause harm.

 How do we get from hazard to risk? Risk is a measure of the likelihood that the hazard will cause harm. By quantifying the risk in some way we can then decide whether or not to continue. If we cannot continue we should then try to introduce some control measures, to reduce the risk to a level that makes further progress possible. In extreme situations, if we cannot introduce adequate controls, our decision might be not to proceed.

 The need to identify and mange risk come from Regulation 3(1) of the Management of Health and Safety at Work Regulations 1999 (MHSWR) which requires that " Every employer shall make a suitable and sufficient assessment of :

  1. the risks to the health and safety of his employees to which they are exposed whilst they are at work; and
  2. the risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him of his undertaking"

It should be noted that the above applies regardless of the size of the organisation or its business.

A requirement to manage risk also is contained in BS OHSAS 18001:2007 Occupational health & safety management systems - Requirements. This new standard now completes a trilogy, the other two being EN ISO 9001:2000 Quality management systems ? Requirements and EN ISO 14001: 2004 Environmental management systems ? Requirements. Some organisations are using all three to develop an Integrated Management system (IMS) and having it approved by an independent Third Party. 

Does every risk assessment have to be in writing? The answer is no, some risk assessments can be done in our head. If you have five employees or more, the law requires that only "significant findings be documented. However, not just anyone can conduct risk assessments. They should be conducted by someone who is familiar with the task or activity and who also knows how to conduct risk assessments. In other words, they must be competent.

Is risk assessment a once and for all event? No it is not. Regulation 3(3) requires that we review our risk assessment if we have reason to believe that it is no longer valid, or that there has been a "significant" change in the matters to which it relates. It is also considered good practice to review a risk assessment at least annually.

In summary, the management of risk consists of the following basic steps: identify hazards; quantify the risks; identify and implement suitable controls; regularly review and update if necessary.

Employers have a responsibility (duty of care) under law to provide a safe working environment for all who come within the scope of their business by conducting suitable and sufficient risk assessments. Failure to do so could result in prosecution, hefty fines and possibly even prison.

The management of risk is therefore an important part of any management system and is not something that we can avoid or pass on to others.

Also see our News section for further news items.

Accreditations
Copyright © 1998-2008 QMI Scotland Limited. All Rights Reserved.
Accessibility | About this Site | Site Map. Web Site Last Updated 21 November 2008.