In a perfect world, no one would ever get hurt or killed at work. In the real world, unfortunately, hundreds of thousands of workplace accidents happen every year… But we’re making progress. The rates of job-related injuries and deaths have fallen significantly over the last several decades. And if you’re an employer or occupational health and safety professional, there’s plenty you can do to bring the number of avoidable incidents at your organization closer and closer to zero.
It starts with a risk assessment.
What Is a Risk Assessment?
A risk assessment is an examination and evaluation of hazards present in a workplace. It’s the process of cataloging and classifying the various machines, equipment, operational procedures, employee behaviors and habits, working conditions, and other potential factors that could cause people harm.
Most people do this naturally on some level. You might see an unguarded circular saw and think yikes, that looks dangerous, or spot a paint can teetering on the edge of a scaffolding plank and wince at the idea of it falling on someone’s head. A risk assessment is a formalized, documented version of the same thought process.
Like safety audits and inspections, risk assessments are fundamental practices in the field of environment, health, and safety. When you conduct a risk assessment, you not only uncover issues that threaten the health and safety of your workers, but also determine the severity and probability of those issues. It means asking “What’s the worst that could happen?” and “What are the chances it will happen?” so that you can do everything in your power to prevent it from happening.
A safety risk assessment can help you answer questions like…
- How dangerous is your workplace?
- What kinds of accidents should you be prepared for?
- What’s the most severe injury this machine can cause?
- Is this personal protective equipment sufficient for that task?
- Are your employees working as safely as they could be?
- Are you doing everything you can to protect your people?
This sort of information helps you make smarter decisions. The better you understand your risks, the better you can build your safety program, improve workforce training, use your EHS budget, and manage risks proactively—rather than waiting for incidents to occur.
Risk assessments aren’t just useful for controlling your internal safety results, but navigating your responsibilities with external stakeholders. Parties outside of your business, including your insurance provider, vendors, and contractors—along with regulators such as the Occupational Safety and Health Administration—expect you to regularly conduct risk assessments. According to OSHA:
“One of the ‘root causes’ of workplace injuries, illnesses, and incidents is the failure to identify or recognize hazards that are present, or that could have been anticipated. A critical element of any effective safety and health program is a proactive, ongoing process to identify and assess such hazards.”
If you fail to conduct risk assessments when necessary, you’re putting your employees in jeopardy and your business on the line, increasing your prospects of regulatory enforcement, penalties, higher workers’ compensation premiums, lawsuits, reputational damage, and more.
When Should You Conduct a Risk Assessment?
You should conduct risk assessments on a regular basis, such as once per year or once every few months.
Additionally, it’s important to assess workplace health and safety risks at any of the following moments:
- before starting a new activity or task in the workplace
- before changing work activities or tasks
- when introducing new equipment, machines, or processes
- before any new hires begin working
- whenever existing employees take on new responsibilities
- immediately after identifying or learning of a risk
- following an accident or near-miss
- when required to by OSHA or another regulatory authority
How Do You Conduct a Risk Assessment?
The format of a risk assessment and the steps entailed vary depending on the organization and context. Your business, workforce, and operations are unique—and so are your risks, as well as how best you can identify and manage those risks.
That said, most risk assessments involve a few of the same general steps. Here’s a basic outline for uncovering and addressing hazards in the workplace:
1. Plan it.
Before you begin, you’ll need to nail down the details. What’s the scope and size of your risk assessment? What kinds of risks will you be looking for: safety hazards, noncompliance issues, inefficiencies, all of the above? What will you be evaluating: the entire workplace, one department or location, a machine, a group of employees?
Consider your risk assessment team. Which members of your organization will participate in the assessment, and who will be in charge of documenting information, reporting findings to leadership, following up on risk mitigation, and other tasks? What supplies, equipment, and other resources will the team need? Should you bring in a safety consultant to lead or help coordinate the process?
2. Identify risks.
Once your risk assessment plan is in place, the next step is to find what you’re looking for. OSHA recommends the following:
- Collect existing information about workplace hazards.
- Inspect the workplace for safety hazards.
- Identify health hazards.
- Conduct incident investigations.
- Identify hazards associated with emergency and non-routine situations.
Be thorough in risk identification. Don’t rely exclusively on visual and auditory observations and conjecture. Useful sources of information about risks include equipment operating manuals, material safety data sheets, results of inspections and audits, details of previous incidents, federal and state workplace safety regulations, and other safety documents and collections of workforce data.
An experienced risk management expert (like the ones here at KPA) can manage the process, interview workers, and use advanced analytics tools to make sure no hazards are overlooked.
3. Evaluate the risks.
Here’s where the “assessment” part of risk assessment kicks into gear. Your job at this point is to make an actionable inventory of your findings—to untangle the most severe hazards and time-sensitive issues from the rest. Consider the following questions for each risk you’ve identified:
- What are the consequences? How serious is the risk? Could it result in death or permanent, life-altering injuries for your workers? What would the financial impact look like for your organization?
- How likely is it? What are the chances of the risk occurring and affecting your workforce? Is it related to a core aspect of your organization or something your workers deal with frequently—e.g. an everyday machine, tool, or process?
Risk assessment professionals often use these two questions to assign scores to various issues and hazards and place risks on a risk matrix, a table that measures the consequences of risks against the likelihood of risks. The most severe and most likely risks are the most dangerous. Risk matrices vary in terms of detail, but usually include at least 3 columns and 3 rows, typically color-coded to indicate severity, as in the example below:
After you’ve identified and evaluated the risks that threaten the safety and health of your workers and your organization’s bottom line, the next order of business is to manage the risks.
Admittedly, this is easier said than done. Whether you need to replace equipment, retrain workers, institute new policies, or take a different course of action, it isn’t always possible to put an end to the risks you face. But you can minimize them—and the safest, fastest, and most reliable way to do that is by using the hierarchy of controls.
The hierarchy of controls is an approach to safety that structures protective measures into 5 stages, in order of most to least effective:
- Elimination: physically remove the hazard.
- Substitution: replace the hazard.
- Engineering controls: isolate people from the hazard.
- Administrative controls: change the way people work.
- PPE: protect workers with equipment.
You don’t need to manage your workforce risks alone.
See how KPA can help you reduce the hassle of compliance, save time and money, and protect your business. Request a demo.