Are you assessing at the right level?
Are you assessing at the right level?
Construction Regulation 5(1)(a) requires that “a baseline risk assessment is to be performed for an intended construction work project”. Unfortunately, not many health and safety practitioners are aware that there are different levels of risk assessment. Leighton Bennett, SHE and risk management consultant at Benrisk Occupational Safety, Health, Environment and Risk Management Consultants, explains.
The term “baseline risk assessment” is not defined in the Occupational Health and Safety (OHS) legislation so it is generally not understood or performed at the right level.
A baseline risk assessment is a high-level, comprehensive risk assessment performed to identify, analyse, and evaluate the current status of a wide range of risks impacting the enterprise, project, or process being assessed. It establishes a prioritised risk profile and, on evaluation, permits the implementation of suitable risk management measures to mitigate the assessed risks to an acceptable risk appetite level.
A baseline risk assessment is performed to establish the risks related to the high or strategic levels of a business, project, or operation. In this way the assessment identifies, establishes and benchmarks the types and sizes of potential risks, which have (or could have) a significant impact on the whole business, project, or operation. The baseline risk assessment can be approached on a site, regional, national, or enterprise-wide basis concerning any facet of the business operations, processes, or activities.
One level down, the issue-based/job-task steps risk assessment focuses on the hazard and exposure risks attached to each step of a job-task or process. This assessment is often called a hazard identification and risk analysis (HIRA).
The third risk assessment level is the continuous risk assessment, which is the ongoing duty of management and/or supervisors to perform and monitor work activities. The aim is for those in charge to ensure that procedures in the workplace are correctly and safely performed by all.
The baseline risk assessment process should be performed considering both the internal and/or external context risks impacting the business or project. For any business or project to effectively operate, seven critical resources are required and have to be acquired and used. Each of these seven resources are, however, also “at risk”. The acronym PEPMELF (people; equipment; process/procedure/practices/policies; materials; environment; legal and liability; and financial) highlights these resources and can be used to identify the possible risks.
People: risks for employees, clients, contractors, suppliers, agents, visitors, public, and authorities.
Equipment: plant, machinery, equipment, personal protective equipment, racking, tools, PCs, and furniture risks.
Process/procedure etc.: risks relating to design, demolition, excavation, construction, height work, stacking, commissioning, safe-work procedures, hazardous substances procedures, manual handling procedures, incident investigation procedures, employment and placement practices, smoking, and Covid-19 policy.
Materials: rock, soils, design drawings, utilities, steel, concrete, consumables, articles and products, stationery, software, chemicals, hazardous substances, and waste risks.
Environment: site, location, layout, workplaces, macro/micro-environment, weather, and fauna and flora risks.
Legal and liability: compliance (acts/standards), contracts, OHS, and reputation risks.
Financial: risks for funding, income, expenditure, cash flow, cost controls, incident losses, and risk financing.
Hazards and exposure risks related to these categories are recorded in a risk assessment spreadsheet, followed by analysing and recording each respective risk rating score. The outcome of this assessment analysis facilitates the establishment of a rank-prioritised risk profile and gives the opportunity to apply risk control measures for management and mitigation to acceptable risk appetite levels.
PEPMELF baseline risk assessments comply with risk management process requirements, as published in the ISO 31000:2009/2018 Risk Management Standard. They can also easily be used for risk identification purposes for the ISO 9001 Quality, ISO14001 Environmental and also, now, the ISO 45001 OHS Management System Standards.
Baseline risk assessments have a completely different focus and outcome to HIRA risk assessments. Construction Regulation 5(1)(a) requires the client or the client’s construction health and safety agent to provide a baseline risk assessment of the whole project and not just lists of HIRAs for the job tasks related to the anticipated contractor’s construction work.