Risk assessments at work

What is a risk assessment?

A risk assessment is a careful examination of what could cause harm to people in your workplace. It helps you weigh up whether you’ve taken enough precautions or should do more to prevent that harm. The main goal isn't to create huge amounts of paperwork, but rather to identify sensible measures to control the risks in your workplace.

It’s about distinguishing between a hazard (something with the potential to cause harm) and a risk (the likelihood of that harm actually happening). For example, a trailing electrical cable is a hazard. The risk is that someone might trip over it and injure themselves.

What laws require employers to carry out risk assessments?

The duty for employers to ensure the health and safety of their staff is set out in the Health and Safety at Work etc. Act 1974. 

More specifically, the Management of Health and Safety at Work Regulations 1999 place a duty on employers to make a suitable and sufficient assessment of the risks to the health and safety of their employees while they're at work. This includes risks to non-staff (eg visitors or the public) who may be affected by the business's activities.

For more general information on workplace health and safety, read Health and safety.

Who is responsible for carrying out a risk assessment?

The ultimate responsibility for carrying out a risk assessment rests with the employer. It's a fundamental part of your legal duty to manage health and safety in your business.

While the responsibility is yours, the task can be delegated to a competent person. A competent person is someone with the necessary skills, experience, and knowledge to manage health and safety effectively. This could be you, an employee, or an external health and safety consultant.

How do I carry out a risk assessment?

To ensure the safety of your staff, you need to carry out workplace risk assessments regularly. The Health and Safety Executive (HSE) recommends a five-step approach to carrying out a risk assessment:

1. Identify the hazards

Walk around your workplace and think about what could reasonably be expected to cause harm. You should also check accident and ill-health records and speak to your employees – they may be aware of hazards you haven't considered.

2. Decide who might be harmed and how

For each hazard, you need to be clear about who might be harmed. This will help you identify the best way to manage the risk. Think about employees, visitors, contractors, and members of the public. Pay special attention to groups who may be particularly vulnerable, such as:

• young workers

• new and expectant mothers

• workers with disabilities

• lone workers

3. Evaluate the risks and decide on precautions

Once you've identified the hazards and who is at risk, you must decide what to do about them. You are not expected to eliminate all risks, but you must do everything 'reasonably practicable' to protect people from harm. Consider what you're already doing and whether you could do more.

To help you evaluate risks consistently, many employers use a risk assessment matrix. This is a simple tool used to score the level of risk by considering two factors:

1. the likelihood of harm occurring (eg very unlikely, possible, or certain)

2. the severity of the potential harm (eg minor injury, serious injury, or death)

By plotting these on a grid, you can prioritise which hazards require the most urgent attention. For example, a hazard that is very likely to occur and would cause severe harm is a high-priority risk.

4. Record your findings and implement them

If your business has five or more employees, you must keep a written record of your risk assessment's significant findings. This document must clearly show:

• the significant hazards you've identified

• who might be harmed and how

• the control measures you have put in place to manage the risks

Even if you have fewer than five employees, keeping a written record is still highly recommended. It helps you to organise your procedures, clearly communicate safety rules, and review them easily when things change. After recording your findings, you must implement the control measures and inform your staff.

5. Review your assessment and update if necessary

Few workplaces stay the same. You should review your risk assessment regularly to ensure the precautions are still working and relevant. It’s crucial to carry out a new assessment if any significant changes, such as new equipment, substances, or procedures, are introduced.

Major events often require a more formal and comprehensive assessment. For situations such as starting a new business with a physical workplace, opening a new site, or having staff return after a closure for renovations or collective illness, you can use our detailed Workplace risk assessment.

What are the main types of workplace hazards?

Hazards can be organised into several categories. Understanding these can help you spot them during your assessment. Common examples of hazards and mitigating measures include:

• physical hazards - these are the most common and include slips, trips, falls, and injuries from manual handling. Mitigating measures include providing training, using mechanical aids like trolleys, maintaining floors, using warning signs, and ensuring temperatures don’t fall below the legal minimum by providing adequate heating or ventilation and allowing regular breaks in temperature-controlled areas

• ergonomic hazards - these relate to workstation design and can cause musculoskeletal issues like backache. Mitigating measures include providing adjustable furniture and regular breaks, and offering display screen equipment (DSE) training

• chemical hazards - exposure to hazardous substances like cleaning fluids or fumes. Mitigating measures include providing appropriate personal protective equipment (PPE), ensuring safe handling procedures, and maintaining good ventilation

• psychological hazards - factors that can affect an employee's mental health, such as excessive workload, bullying, or violence. Mitigating measures include promoting a supportive work environment, providing access to employee assistance programs (EAPs) or counselling services, implementing flexible work, and encouraging open communication between management and employees

• biological hazards - exposure to bacteria, viruses, or other microorganisms. Mitigating measures include ensuring the premises are regularly deep-cleaned and providing appropriate PPE where necessary

Are there additional protections for pregnant employees?

Yes, employers have a specific legal duty to protect the health and safety of new and expectant mothers.

Once an employee informs you in writing that they're pregnant, have given birth in the last six months, or are breastfeeding, you must carry out a specific risk assessment for them. If the assessment reveals risks, you must take steps to remove them. This could involve:

• temporarily adjusting their working conditions or hours

•  offering them suitable alternative work on the same terms and conditions

• suspending them from work on paid leave, if no other option is available

The risks you need to consider will depend on the type of work, but could include heavy lifting, standing or sitting for long periods, exposure to chemicals, and long working hours.

For more information, read the HSE guidance on risk assessments for pregnant employees. 

If you need to create or formalise your business's overall approach to health and safety, you can make a Health and safety policy and include your key policies in an Employee handbook.

For specific major events, such as starting a new business, opening new premises, or returning to the workplace after a closure for renovations or collective illness, you can use our detailed Workplace risk assessment. 

Do not hesitate to Ask a lawyer if you have any questions or need advice on your specific situation.