My Safety Consultant
Add a Listing
Add a Listing
  1. Home
  2. Health & Safety
Admin
Health & Safety

What is a Risk Assessment?

Understanding the Basics

A risk assessment is a systematic process used to identify potential hazards in the workplace, evaluate the likelihood of harm, and determine appropriate control measures to reduce or eliminate those risks. It’s a legal requirement for all UK employers under the Management of Health and Safety at Work Regulations 1999.

The importance here is that it’s the process that matters, not just the document. The act of assessing risk is what keeps people safe. Many employers confuse the physical document with the actual duty. In fact, there’s a legal requirement for all businesses, regardless of size, to carry out risk assessments. If you have five or more employees, you must also record your findings in writing, but that doesn’t mean smaller employers are exempt from doing one.

A common misconception is that having fewer than five employees means you don’t need to do a risk assessment. That’s incorrect. You still need to carry one out, you just don’t need to document it formally.

Why Risk Assessments Matter

Every workplace contains hazards. Whether you’re on a construction site, in a warehouse, an office, or managing a public venue, there are always risks. The purpose of a risk assessment is not to eliminate all risk (which is rarely practical), but to manage it responsibly identifying the key areas where harm could occur and acting to reduce it.

A proper risk assessment:

• Demonstrates your duty of care

• Helps prevent accidents and ill health

• Protects staff, contractors, visitors, and the public

• Helps you stay compliant with UK health and safety law

What is the Legal Requirement?

The Health and Safety at Work etc. Act 1974 outlines the overarching duty to ensure the health, safety and welfare of employees. The Management Regulations (1999) take this further by stating that:

• Employers must carry out a ‘suitable and sufficient’ risk assessment

• If you employ five or more people, you must record it in writing

• It must be reviewed regularly — especially after significant change

What Does a Risk Assessment Involve?

Risk assessments generally follow five key steps:

1. Identify hazards – anything that may cause harm (e.g. machinery, manual handling, slips)

2. Decide who might be harmed and how – think employees, visitors, contractors, the public

3. Evaluate the risks and decide on precautions – consider likelihood and severity, and introduce control measures

4. Record your findings and implement them – document what you’ve done, and act on it

5. Review and update as necessary – if something changes (new equipment, processes, layout, incidents), revisit it

You can download the HSE’s free risk assessment template here.

Risk assessments come in different forms depending on the setting. For instance, a fire risk assessment is not the same as a general workplace risk assessment but the fundamental five-step structure often applies across both.

One major challenge in this process is how subjective risk evaluation can be. What one assessor deems as ‘high risk’, another might rate as ‘low’. This lack of standardisation creates inconsistencies and potential gaps in protection. To help quantify and standardise risk, many organisations use a risk matrix, such as a 5×5 table ranking likelihood (1 to 5) against severity (1 to 5).

Likelihood vs. Severity

Likelihood is the chance that harm will occur

Severity is how serious the harm would be if it does occur

In many cases, the severity doesn’t change, but control measures are introduced to reduce the likelihood of the hazard occurring. This is where the hierarchy of control comes into play.

What is the Hierarchy of Control?

The hierarchy of control is a widely accepted method to determine the most effective way to control risks. It prioritises control methods from most to least effective:

1. Elimination – remove the hazard entirely

2. Substitution – replace the hazard with something safer

3. Engineering controls – isolate people from the hazard

4. Administrative controls – change the way people work (e.g. training, procedures)

5. Personal protective equipment (PPE) – last line of defence

Too often, businesses jump straight to PPE without addressing the more effective higher-level controls. The hierarchy helps ensure controls are not just reactive, but meaningful and preventative.

Risk vs. Hazard: What’s the Difference?

A hazard is anything with the potential to cause harm.

A risk is the likelihood that harm will actually occur and how severe it might be.

Example: A spillage on the floor is a hazard. The risk increases if the area is a busy walkway, poorly lit, or left untreated.

Do I Need a Consultant to Do My Risk Assessment?

For small, low-risk businesses, it’s possible to carry out your own risk assessments using the HSE templates. However, for more complex environments or higher-risk industries (e.g. construction, manufacturing, fire safety), using a qualified safety consultant is highly recommended and in many cases expected by insurers and regulators.

How Often Should a Risk Assessment Be Reviewed?

There is no fixed time period but a review should take place:

• After an incident or near miss

• If new equipment, processes, or layouts are introduced

• If there’s reason to believe the current assessment is no longer valid

Annual reviews are common practice, but not a legal requirement if nothing has changed.

Frequently Asked Questions

Q: Do I need to do a risk assessment if I only have a few staff?

A: Yes. The duty applies to all employers but if you have fewer than five employees, you’re not legally required to record it in writing.

Q: Is a risk assessment the same as a method statement?

A: No. A risk assessment identifies hazards and control measures. A method statement is a step-by-step guide to how a task will be carried out safely.

Q: Who should complete the risk assessment?

A: Ideally someone competent and with experience in the task or area being assessed. Larger businesses may have internal H&S teams, while others use consultants.

Need Help With Your Risk Assessment?

Whether you need a one-off assessment or regular support, our verified consultants are here to help.

📌 Post your request now and get matched with trusted health and safety experts.

Tags:hazard assessmentHealth and Safetyhierarchy of controlHSElegal requirementlikelihood and severityrisk assessmentrisk matrixsafety blogsafety compliancesafety consultantwhat is a risk assessmentWorkplace Safety
Admin

Add a Comment

Recent Posts

Admin0 Comments

What Are the Health and Safety Responsibilities of Employees?

Admin1 Comment

Find a Trusted Health and Safety Consultant in the UK – Our Featured Experts

Admin0 Comments

What is PAT Testing?

All Categories
Tags
cdm regulations competent person COSHH employee responsibilities facilities management compliance Fire Risk Assessment fire risk assessments Fire Safety hazard assessment Health and Safety Health and Safety at Work Act health and safety consultants hierarchy of control HSE HSE requirements insurance inspections LOLER legal compliance legal duties of employees legal requirement lifting operations safety likelihood and severity LOLER inspection frequency LOLER meaning LOLER regulations LOLER vs PUWER risk assessment risk matrix safe systems of work safety audits safety blog safety compliance safety consultant Safety Regulations safety training Section 2 Section 7 telehandler inspection thorough examination LOLER UK legislation UK lifting regulations UK safety experts UK safety law what is a risk assessment work at height regulations Workplace Safety

Subscribe Our Newsletter

Get our daily latest news and updates.
Subscribe +

Get Free Consultations

SPECIAL ADVISORS
Quis autem vel eum iure repreh ende
Get A Quote