What Is Risk Assessment?
Risk assessment is a function within occupational safety and health (OSH) risk management that focuses on identifying potential hazards. The goal is to identify hazards, then analyze and evaluate the risks they create.
What Is Risk Management?
Risk management in OSH is a formal process for identifying hazards, evaluating and analyzing risks associated with those hazards, then taking action to eliminate the hazards or control the risks that can’t be eliminated to minimize injury and illness potential. Risk management is a critical step in any organization’s efforts to proactively mitigate risk before an injury or catastrophe occurs.
Why Is Risk Important in Safety?
Risk is the main cause of uncertainty in any organization. As a safety professional, you can help your organization identify and manage risks before an incident happens.
While your organization must comply with regulations and reduce its injury rate, those metrics force a rear-view mirror perspective. Applying risk management principles can help you proactively reduce risk, advance safety and drive a return on investment from safety programs.
Core Risk-Related Competencies
Many core competencies of risk are defined and described in standards such as ANSI/ASSP Z10 and ANSI/ASSP/ISO 45001, which address OSH safety management systems. Additional details are outlined in ANSI/ASSP ISO 31000, Risk Management, and ANSI/ASSP Z590.3, Prevention Through Design.
To effectively manage risk as an OSH professional, you should have a keen understanding of the following processes:
Principles of Risk Management
The goal of risk management is to create and protect value through the following steps:
- Integrate risk assessment into all areas of your organization.
- Structure risk management to generate consistent results.
- Customize the risk management program to specific internal and external objectives.
- Include knowledge, views and perceptions from all stakeholder levels.
- Anticipate and respond to changes and risks in a timely manner.
- Identify data, historical and current, and define expectations to aid decision-making.
- Acknowledge the influence of human performance and culture on risk management.
- Continually improve risk management by evaluating previous successes and determining next steps.
Data gathering is the foundation for risk management and allows safety professionals and others to develop an understanding of what hazards and risks exist within a facility and how they affect worker safety.
During this phase, teams:
- Conduct data and work analyses of recordkeeping documents, examining the work being performed, how it is being done, and the hazards and risks associated with it.
- Conduct a proactive risk analysis of the probability of hazards harming a worker, and how severe that harm could be. This will help decision-makers analyze and prioritize the issues identified.
Setting the Scope of a Risk Assessment Plan
Setting the scope includes determining the purpose, context and limitations for the risk assessment plan and mitigation of risks.
During this phase, teams:
- Establish a clear understanding of organizational objectives to determine risk criteria, risk scoring, stakeholder roles and responsibilities.
- Use risk assessment tools such as a risk assessment matrix, failure mode and effect analysis, and risk heat map.
Conducting a Risk Assessment
Conducting a risk assessment includes understanding the basics of common risk assessment techniques, including reducing operational risks, improving safety performance and achieving objectives.
Safety professionals conducting a risk assessment must first understand how to:
- Identify risks
- Conduct a quantitative risk analysis
- Conduct a qualitative risk analysis
- Conduct a risk evaluation
- Communicate risks
- Evaluate/analyze risk assessments
- Establish acceptable risk
- Prioritize risks
- Establish risk control metrics and dashboards
Treating Your Organizational Risks
Risk treatment is an iterative process in which safety professionals and other stakeholders formulate options to reduce risks, assess the effectiveness of possible controls and plan for implementation.
During this phase, teams:
- Determine the best treatment plan against organizational objectives, costs, the effort involved and available resources.
- Develop a solid understanding of the hierarchy of controls decision-making process to reduce risks to acceptable levels.
- Establish processes for monitoring the effectiveness of risk control measures.
- Establish requirements and process for selecting and managing contractors to mitigate risk.
By protecting workers and helping to achieve business objectives as an OSH professional, you can position yourself as a high-profile leader who makes a real difference.
Go Beyond Compliance
Stay at the forefront of continuously evolving risk assessment tools and methods with voluntary OSH consensus standards. Safety standards go beyond regulations and reflect recognized best practices in the United States and internationally.
The ISO 31000 standards establish a common language for risk management, outline principles and guidelines, and explain risk management techniques. They apply to a wide range of risk management activities, including strategies, decisions, operations, processes, functions, projects, products services and assets.
Gain insight on ways to direct decision-making to help your organization manage risk. Learn more
Learn how to select and apply the technique that best helps your organization best understand and address workplace risk. Learn more
Get the latest guidance on how to select and apply techniques that help your organization assess and manage risk. Learn more
Learn More About Risk Management Standards
Risk Education and Training
Our instructors are experts who have real-world experience. We carefully review and confirm their credentials and teaching abilities to bring you the most up-to-date education available. Select from a variety of formats and topics for practical, accessible and immersive education on risk.