There are five steps in a compliant risk assessment:
- Identify the hazards;
- Decide who may be harmed and how;
- Assess the risks and control them;
- Record the findings; and
- Complete reviews of the risk assessment.
Regular competent reviews
Risk assessments need to be completed for every task an employee completes at work and should be reviewed at regular renewal periods or each time something in the process changes.
In the UK, companies with less than five employees are not legally required to record their findings. However, they must still assess all possible risks.
The risk assessment would typically be completed by the “competent person” – either a trained health and safety professional or someone working within the organisation deemed competent to assess and manage the risks involved in completing a specific task. This person could be a supervisor or someone qualified to complete the task at hand, and they must complete the five steps as below:
Step 1 – Identify the hazards
The competent person must look at the process – each product, tool and machine used, and the environment being worked in – then identify anything which may cause harm to people or property. They should also consider changeable factors, such as weather, training, supervision, lighting, temperature etc.
Step 2 – Decide who may be harmed and how
The competent person must analyse each of the identified hazards and decide who they may apply to, considering members of the workforce, people carrying out the task, bystanders, and even specific groups of people such as pregnant mothers. This should create a clear picture of who may be harmed and how.
Step 3 – Assess the risks and control them
Once the risks are known they must be scored by how likely to occur they are, and potentially how severe. A simple 5×5 risk matrix is used to assist with this process. For risks that pose a significant threat a control must be arranged, for example, if the risk is an icy path the control would be to use grit. Some risks may have such a small likelihood that the control is simply ensuring those affected are aware of the risks, allowing them to operate mindfully, whilst other risks require more formal controls to be arranged.
Step 4 – Recording findings
Once the competent person has completed steps 1-3, they should record their findings into a task-specific risk assessment and store this document for reference. The risk assessment should be seen by every member of staff who might be involved with any part of the task, and their understanding and acknowledgement of this document should be recorded and kept up to date.
Step 5 – Completing reviews
Every risk assessment should have a sensible review period. While many companies review risk assessments annually, some risk assessments or tasks are so specific that they require a new risk assessment to be produced each time the task is undertaken. The task will also need to be reviewed every time something changes, e.g. training, tools/equipment, PPE, process or the environment the task is carried out in.
Why are risk assessments so important?
Risk assessments ensure that someone has taken the time to assess a task for hazards, has checked for safer or better methods to carry out the task and has implemented controls to reduce any residual risk.
In short, risk assessments protect the health, safety and wellbeing of those at work – including any bystanders – by ensuring works are properly planned and conducted safely and efficiently.
Risk assessments are a legal requirement for all work-related tasks in the UK and failure to complete thorough risk assessments not only poses an increased risk of accidents and incidents, it also leaves companies open to large fines and prosecution. Companies with robust health and safety systems in place are statistically much less likely to have lost-time incidents that could significantly impact profit margins and company reputation.
CRAMS for RAMS
Completing risk assessments can be tedious and involve a lot of repetition – which is why CRAMS helps you build risk libraries. These libraries contain bespoke hazard details, along with the associated risks and their controls, enabling assessors to risk assess by simply using drop-down boxes and adding specific detail where it’s required.
Our CRAMS (Comprehensive Risk Assessed Method Statements) documents include the task-specific Method Statement, which combined with the risk assessment creates a thorough and compliant safe system of work. This CRAMS document is then circulated to all the staff who need to see it and their acknowledgement is tracked, with notifications issued when the document is next reviewed or edited.
Sounds good? Why not try CRAMS for yourself.