Risk analysis, evaluation, and communication
A safety risk assessment is only effective if you analyze the information correctly, then communicate with appropriate team members to implement the changes that you need to make. As you are designing your risk assessment program, you should always build in a plan for implementation. It comes down to three steps: analysis, evaluation, and communication.
Not only do you need to gather information through the assessment, but these details need to be analyzed to identify actionable safety steps. A good risk analysis works to eliminate, where possible, the highest severity and frequency of risks. These potential risks are the issues that could damage the business, its resources, people, and the environment.
Through the risk analysis process, prioritize the highest risks first. As solutions are implemented, then you can work your way down the remainder of the list to address lower risk concerns. This ranking and prioritizing offer a systematic approach to determine the risks that are most serious. Then you can implement risk controls strategically as you are designing the action list.
Keep in mind that there isn’t a one-size-fits-all solution for determining the level of risk and priorities for your business. Through the risk assessment process, you need to identify the technique that works best for your unique situation. This process can create best-practice guidelines to use on future risk assessments.
Risk Matrix Template
Risk analysis is where you can use a risk matrix to break down the categories of frequency and severity. This matrix creates a tool that highlights the visibility of risks, giving management information to use in decision making.
Most risk matrices are laid out in a 3×3, 4×4, or 5×5 grid, with the probability or likelihood listed on the side (x-axis) and the severity or consequences listed at the top (y-axis). You can view example layouts for a risk matrix and edit the free risk assessment matrix according to your needs.
For example, the likelihood ratings can include a range:
- Almost Certain
Then, the severity ratings might use this rating range:
When the information is viewed in the grid format, it can show the results using a green light system – green, yellow, orange, and red based on the level of risk. Severity ratings that fall into the high-risk categories include serious hazards, such as head injuries, fatalities, major fractures, poisoning, or significant loss of blood. The medium-risk category might encompass less-serious injuries, such as a localized burn, strain, sprain, asthma, or any other injuries that result in a need to take days off from work. Finally, the low-risk category can encompass anything that can be treated using basic first aid, such as minor pain, dizziness, or irritation.
A risk assessment tool can be used to simplify the application of a risk matrix. For example, consider using an online form or mobile app, such as Safesite. Another option is to hire a third-party risk assessment provider.
Risk evaluation is where safety professionals’ certifications and experience contribute to an accurate assessment and development of subsequent controls. These controls are always customized based on your specific work activities and levels of risk. Generally, your safety team will examine the following:
- Elimination or substitution of the risk causing materials, equipment, or job task where possible. Is it necessary for the job to continue in the same systems? Look at the processes to identify areas of opportunity where hazardous steps can be removed or changed to reduce risk. Another possibility is to substitute hazardous chemicals with low-risk, non-hazardous chemicals when possible.
- Design of engineering controls. When you can’t remove hazards from the workplace, then look for options to isolate the hazardous process, substance, or item. Minimizing the contact between the hazard and personnel reduces the likelihood of injury. For example, design equipment and machines using built-in controls that minimize dangerous personnel interactions. Examples include machine guards, guard rails, mechanical ventilation, safety barriers, and sound-absorbing panels.
- Implementation of administrative controls. Administration can implement procedures or systems that keep personnel working at optimal levels. Signage can be placed to warn individuals of potential hazards. Additionally, job rotation is another strategy that can reduce potential injury. Housekeeping, ergonomics, and hygiene all fall within the category of administrative controls.
- Personal Protective Equipment (PPE). When personnel come in contact with potentially dangerous substances, then PPE is essential. If the above steps aren’t feasible to eliminate potential hazards, then various types of PPE can be used to protect staff members: gloves, personal fall arrest systems, safety glasses, and hard hats help offer protection when the above is not enough or not feasible for the specific type of work. When you identify the controls for the tasks, you might still have remaining risk – known as residual risk. You need to evaluate this remaining risk to ensure that it is maintained at an acceptable level.
Also, keep in mind that the above risk controls should be prioritized in the order listed. In many situations, elimination or substitution is most often the most effective means of dealing with a risk — so those options should always be addressed first. On the other hand, PPE is typically the least effective, which is why it falls at the bottom of the list.
Risk assessment templates and risk inspections are commonly used when identifying risk and developing solutions for each item.
Now that you’ve identified potential risks, evaluated the risks, and selected controls, the next step is to communicate this information to your team. Even though communication might seem like a simple step, thought must be given regarding how these various controls will be implemented to manage ongoing risk.
Not only do you need to have good systems in place for communicating the risks, but employees need to know how to use these controls for safety in their work areas. When the risks are communicated and employees have the right tools to minimize risk, it reduces the chances of accidents and injury. Another important element of communication is proper training for employees in order to manage liability.
Ultimately, senior management carries the responsibility of communicating this information and implementing the identified controls. Usually, they will delegate these tasks and responsibilities to the applicable frontline management and middle management – who carries the ongoing responsibilities of ensuring that the plan is in place and implemented correctly.
This risk communication should share detailed information about the plan of attack, as well as a specific timeline of execution. Risk management should be a high priority in every workplace, which is why you shouldn’t leave the managers to decide if or when they will implement the changes.
Getting Your Risk Plan Off the Ground
Just because the risk assessment is complete doesn’t mean that your company is successful in controlling the risk. Your company needs to address several important points as you are getting this program off the ground:
- Design a plan: Failure to plan means that risks on the job will continue to pose a threat to your company, people, and property. This plan needs to be detailed and easy to implement, with clear communication flowing down to those responsible for implementation.
- Allocate needed resources: What resources are required to ensure the risk controls are in place? Resources might include time, money, tools, or supplies that provide safety to everyone involved.
- Accountability for implementation: Finally, how will you hold managers and employees accountable for following the designated plan? Good intentions won’t keep the program going. You need to be clear in your expectations and communicate the follow-up accountability check-ins to evaluate the team’s progress.
- Monitoring and adjustments: Ongoing monitoring is needed to determine whether you successfully eliminated the hazard. If the risk can’t be removed, then this monitoring ensures that the risk is controlled appropriately. Implement a consistent schedule for follow-ups so that nothing is overlooked in the future.
Employee education and training play a critical role in the success of a risk management program. This training should be an integral part when onboarding new employees. Additionally, regular training for current staff ensures that the information is fresh and up-to-date for everyone involved.
Documentation for Risk Assessment and Management
One important aspect of risk communication is having documentation for the guidelines and controls. Managers and employees need to know where they can look for additional information. Documentation varies depending on the unique needs of your business but might include the processes and assessments used to identify the risk, evaluations and assessments, and conclusions determined through the risk assessment.
Then, it is helpful to have a system for ongoing documentation. For example, accountability and monitoring plans should be recorded. The level of documentation needed depends on the risk involved, management system requirements, or legislated requirements.
These records should document applicable information, such as the completion of the risk assessment, identified hazards, implemented control measures, and monitoring systems for those hazards.
Risk Management is a Core Value of the Company
Changing operational and production priorities can often result in risk management falling to the backburner. When your team focuses on productivity and immediate deadlines, it is common for people to relax safety practices. It is important to place risk management as a core value of the company, ensuring that it maintains a high priority as things change in the work environment.
Identifying risk management as a core value of the company helps frontline management and supervisors see that these tasks must be included in regular work duties. Too often, management thinks that they don’t have extra time to implement certain aspects of the risk management plan. When the risks come to pass in the future, the team finds that they need to deal with the immediate issues while also managing ongoing operations. The result is that fewer resources are available to deal with the risk event, which cascades into the productivity of daily tasks.
Thinking ahead is the first step to being proactive with risk management. A little bit of effort right now will go a long way to ensuring ongoing safety in the workplace.
Back to Table of Contents