5c7R89BujXNAfd3sfGhhLK5QTmQA2dPEP7J9Ja7ptsA 9fbb2aace798513b
Home Safety Five steps of a risk assessment

Five steps of a risk assessment

Five steps of a risk assessment
Five steps of a risk assessment
89 / 100

Five steps of a risk assessment follow to carry out a risk assessment in your workplace. Risk assessments should be performed by persons who are competent and experienced in the five steps of the risk management process. We developed this blog to provide you with basic knowledge of the risk assessment process within the five basic steps of the risk management system.

Remember in risk management, three types of methods are known for their qualification and evaluation: the qualitative, semi-qualitative and quantitative methods. We are going to describe here only the qualitative risk assessment method. This type of assessment manages general workplace hazards and is required under the direction of statutory health and safety administrations such as HSE.

A new risk assessment must be carried out when there are new machines, substances and procedures that may give rise to new hazards. They should be periodically reviewed and updated. The five steps of a risk assessment are a fundamental part of health and safety management in the company that helps the employer control risks in the workplace.

Five steps of the risk management process aimed at estimating the magnitude of the risks that could not have been avoided, providing the employer with the necessary information to decide on the need to adopt adequate measures to guarantee the safety and health protection of workers.

Five steps of a risk assessment
Five steps of a risk assessment

Risk assessment is essential within management, this is done before designating the action plan to be implemented for prevention. It is key to keep in mind that the evaluation must be validated and recorded, once this is done, it must be communicated to the entire organization.

To carry out the five steps of a risk assessment, the dangerous elements must be determined, then evaluating the existing risk based on objective evaluation criteria. So, a conclusion can be reached on deciding on control and reducing the risk.

At the end of the process, the risk assessment must be documented on the 5 steps risk assessment template, including the identification of the job, the existing risk and the list of affected workers, the result of the assessment and the appropriate preventive measures to make a suitable and sufficient assessment.

The five steps of a risk assessment process

Five steps of a risk assessment

Risk assessments should be performed by competent persons who are experienced in evaluating the severity, likelihood, and control measures of injury from hazards. To begin with, good planning will be essential to implementing a risk assessment effectively. Consider the following 5 steps as established by the Occupational Safety and Health Administration (OSHA):

Five steps of a risk assessment
Five steps of a risk assessment
  1. Identify the hazards
  2. Identify who might be harmed and how
  3. Evaluate the risk and decide on control measures
  4. Record the findings and implement them and
  5. Review and update if necessary


Step1: Identify the hazards

Five steps of a risk assessment

As its name indicates, at this stage the possible risks, both internal and external, that the company is facing must be identified. The following aspects must be taken into account:

  • What creates the risk? Whether tangible or intangible.
  • Causes and events.
  • SWOT (strengths, weaknesses, opportunities, and threats).
  • Internal and external context.
  • Changes that can be generated.
  • Indicators of each risk.
  • Company assets and resources.

Take a look at the workplace and consider what could reasonably be considered dangerous. Identify the most common hazard (hazard means “something potential to cause harm”) in the workplace that leads to disease or ill health such as work at height, vehicle movement, toxic or corrosive chemicals etc.
Health hazards can be divided into five categories:

  1. Physical: radiation, vibration, noise etc.
  2. Chemical: lead, mercury, acid, dust etc.
  3. Biological: Bacteria, viruses etc.
  4. Ergonomic: stooping, bending, twisting etc.
  5. Psychological: stress, trauma etc.
Hazard identification method

Five steps of a risk assessment

Consult manufacturers’ or suppliers’ instructions or safety data sheets for any obvious hazards. Review accident reports, risk assessments, medical records, inspections, audit and investigation reports, national and international legislation and previous accidents are the information source to find out hazards.
There are various methods to identify the hazards. Here we are going through the NEBOSH IG1 Book:

  1. Job safety analysis
  2. Legislation
  3. Manufacturer’s information and
  4. Incident data

Step 2: Identify who might be harmed and how

Five steps of a risk assessment

Identify the people at risk by the activities being done, which might be workers or operators, maintenance staff, cleaners, contractors, or visitors who could be injured. Ask workers if they can think of anyone else who might be hurt by the hazard.

Step 3: Evaluate the risk and decide on control measures

Five steps of a risk assessment

After identifying the hazards and who might be harmed, the next step in the assessment is to evaluate the risk. This evaluation can be done taking into account different degrees of detail and complexity, this depends on what you want to achieve with the evaluation. On the other hand, it is important to know the availability and reliability of information and resources.

Five steps of a risk assessment
Five steps of a risk assessment

For this analysis, qualitative, quantitative or both techniques are commonly applied, this already depends on each company directly. The purpose is to know whether the risk arising from the hazards is acceptable or needs to bring this risk to an acceptable level by deciding on control measures.

  • To carry out this evaluation, it is essential to take into account:
  • The probability that it could occur and the consequences that it would bring.
  • The origin and impact of the consequences.
  • Complexity and interconnectedness.
  • The effectiveness and efficiency of the established controls.
  • The level of sensitivity and trust.
Numerical risk rating

Five steps of a risk assessment

Risk is defined as:
Risk = Severity * Likelihood
Severity: How serious would the most serious injury be if exposed to the hazard? It is common to group the severity and consequence of injury into the following five categories:

(1) Insignificant (2) Minor (3) Moderate (4) Major (5) Catastrophic

Likelihood: How likely is one to be injured if exposed to the hazard? When evaluating probability, the question should be asked “If the hazard occurs, how likely is it that the worker will be injured?” It is common to group the probability of a hazard causing injury to the worker into the following five categories:






1 – Unlikely1 – First aid injury
2 – Rare2 – Medical treatment
3 – Possible3 – Lost time injury
4 – Likely4 – Severe injury
5 – Very likely

5 – Fatal incidents

Using this risk matrix system, a hazard created by a keeping grinding machine in busy access can cause a trip hazard might be calculated as 5 * 4 = 20 (very likely * serious injury). With the same grinding machine kept at the same access close to the wall, possible trip hazards might be rated 3 * 4 = 12 (possible * serious injury).

Five steps of a risk assessment
Five steps of a risk assessment

In both scenarios, the severity of the injury (4)is the same. Change of likelihood minimizes the risk rating. In this risk rating system if the score is: (see below image)


When evaluating the severity of a hazard, the first question should be asked: “If a worker is exposed to this hazard, how serious would the most likely serious injury be?” For this consideration, we assume that a hazard and injury are unavoidable and are only concerned with its severity.

Decide on control measures

Five steps of a risk assessment

Look for existing controls. Follow the hierarchy of controls prioritizing their implementation. The general hierarchy of risk control (based on ISO45001). Eliminating the hazards is the best option, if it is not possible use the substitution and engineering control. Administrative controls are using the work permit system, reducing exposure or exposure time, provision of instruction, information, instruction and training and use of safety signage. PPEs are the least preferred option.

After a hazard is identified and assigned a risk classification, effective controls must be put in place to protect workers. Working through a hierarchy of controls can be an effective method for choosing the appropriate control measure to reduce risk.

  1. Elimination: it is the most effective control. If it is possible to physically remove a hazard, it should be done.
  2. Substitution: it is the second most effective control. Proposes replacing the hazard with a safer alternative, e.g. eg automate a manual process identified as dangerous, purchase a newer model of equipment with better safety ratings, etc.
  3. Engineering controls – refers to physically isolating people from the hazard if possible
  4. Administrative controls: refers to changing the way people work. This may include procedural updates, additional training, or increasing the visibility of caution signs and warning labels.
  5. PPE – is the last line of defence if workers cannot be fully removed from a hazardous environment.

Step 4: Record the findings and implement them

Five steps of a risk assessment

Use a 5 steps risk assessment template to document your conclusions. Apply an action plan for implementing the conclusion. Write the name of the assessors who carry out the risk assessment. Five steps of a risk assessment

This step is essential because it contributes directly to decision-making. When we speak of assessment, we refer to the comparison made with the results obtained in the risk evaluation and the criteria established for each risk to identify and when need to implement the additional plan.

You may like

  1. Safety of work at height
  2. Health and safety training
  3. Welding safety precautions
  4. Incident investigation method
  5. Electrical safety hazard
  6. Sabic safety officer interview questions


Consider the personnel involved in the planning and implementation of the risk assessment. They can be managers, supervisors, workers or suppliers. Review and update if necessary – Follow up on your assessments to see if controls have been put in place or if new hazards have emerged or if further precautions are needed. Several situations can arise for review such as:

  • New processes, substances, equipment or steps are introduced in the workplace.
  • Changes are made to existing processes,
  • Equipment and tools; or new dangers arise.
  • After an accident or near-miss

Step 5: Review and update if necessary

Five steps of a risk assessment

Always monitoring the effectiveness of control measures and incident rates whether the precautions are elective or need more control measures. The Health and safety management system of the organization must keep a close eye to implement solutions for effectiveness.

So, a risk assessment should be reviewed by a competent person on regular basis to make sure the control measures are effective or further precautions are needed. The risk assessment must be reviewed after process change, technology change, legal change, work activity or work location change, the arrival of new equipment etc.
If there is no condition change then a risk assessment should be updated annually. (HSE)

Difference between Risk Assessment and Job Safety Analysis

Five steps of a risk assessment

Safety professionals are often confused about the difference between a Job Safety Analysis (JSA) or Job Hazard Analysis (JHA) and a risk assessment. The key difference between a risk assessment and a job safety analysis is the scope. Risk assessments assess safety hazards throughout the workplace and are often accompanied by a risk matrix to prioritize hazards and controls.

Whereas a JSA focuses on the specific risks of the job and is usually done for a single task, evaluating each step of the job. JSA also have five steps are:

  1. Choose a task
  2. Divide the task into small steps
  3. Identify the hazards of each step
  4. Decide control measures and
  5. Monitoring the effectiveness of control measures
Health and safety topics:

Five steps of a risk assessment

  1. Heat stress hazards and control measures
  2. Scaffold safety requirements
  3. Alcohol and drug tests at work
  4. Welfare facilities required a construction site
  5. 5 types of workplace hazards



Please enter your comment!
Please enter your name here