I am often asked the purpose and difference between various risk management tools.

Organisations with comprehensive health and safety management systems have a layered approach to risk management.


Framework of risk


At an organisational level, risks are documented according to their source. This is usually called a risk register. It can include non- safety as well as WHS risks such as financial, reputation, environmental, quality, compliance etc. There is no set defined way in which a risk register should be laid out. However it should include an identification of the sources of risk, the required risk treatments and an assessment of the risk. The register, as with all other risk management tools, should be designed to suit the contextual factors in which the organisation operates.

The risk register type of risk management tool filters down to a project specific; and sometimes business unit level within an organisation.

At a more localised level an organisation will have risk management tools to address task specific hazards. These may be in the form of a Job Hazard Analysis, Safe Operating Procedures etc. The purpose of these risk management tools is to document the steps required for a task, determine the hazards associated with those steps and what risk controls are required to mitigate the risk associated with those hazards.

Organisations will also have risk management tools to address specific activities. These may include the use of hazardous substances, plant, manual tasks etc. For example, a hazardous substances risk assessment will enable an organisation to meet its obligations under the Occupational Health and Safety Regulations 1996, Regulation 5.15 to assess the risk of exposure of employees to hazardous substances.

At an even more localised level is the use of personal risk assessments. Often these are called a ‘Take 5, ‘Start’ or something similar. The intention of these is for the individual to assess the current environment for issues that may impact on health and safety. This type of risk assessment supports higher level task based risk assessments.