Risk assessments are a fundamental requirement for businesses. Employers who are unaware of the hazards and risks within their organisation may be putting their employees, customers, the general public and their business in danger.

A work[lace risk assessment is a systematic process of examining a particular work-related job, task or activity, to identify any possible hazards and the risk of someone being injured.  A risk assessment should also include any controls needed to eliminate or reduce any risk.

The Health and Safety Executive (HSE) states that a risk should be assessed: “every time there are new machines, substances and procedures, which could lead to new hazards.” Additionally, the assessment must be ‘suitable and sufficient’.

As employers, you have a legal duty to protect the health and safety of your workforce. Under the Management of Health and Safety at Work (MHSW) Regulations 1999, both employers and self-employed workers are required to make an assessment of the health and safety risks arising from work activities.

The Regulations state that employers carrying out a risk assessment must record any significant findings.  If a business employs more than 5 workers, these findings must be recorded in writing.

Other legislation that specifies the importance of risk assessments include;

  • Control of Substances Hazardous to Health 2002
  • The Manual Handling Operations Regulations.
  • The Control of Asbestos at Work Regulations 2002.
  • The Personal Protective Equipment at Work Regulations 1992
  • The Display Screen Equipment Regulations.

How do I perform a Workplace Risk Assessments?

An HSE Risk Assessments should be carried out by a competent and appropriately trained person within your organisation, who has the ability to identify hazards, categorise and evaluate risks.

The are 5 key steps that need to be taken to ensure that a suitable and sufficient assessment has been made;

  1. Identify any hazards.
  2. Decide who might be harmed and how.
  3. Evaluate the risks and decide on any control measures.
  4. Record your findings and implement them.
  5. Review your assessment and update regularly if appropriate.

When should an employer carry out a risk assessment?

  • Whenever a new job brings in significant new hazards. If there is high staff turnover, then the way new staff do their work should be checked against the risk assessment, and training provided in safe working practices if necessary
  • Whenever something happens to alert the employer to the presence of a hazard – for example, an unusual volume of sickness absence, complaints of stress and bullying, or unusually high staff turnover
  • In response to particular changes to the level of risk to individual employees – for example, where an employee returns to work after a period of long-term sickness absence; or
  • Where an employee is pregnant or breastfeeding and her work might involve a risk to her or her unborn child’s health and safety. (Regulation 16, Management of Health and Safety at Work Regulations 1999).

For more detailed information regarding the importance of risk assessments and how to perform them, the Risk Assessment eLearning course explains effective risk assessment and management in the workplace.

The Risk Assessment eLearning course has been designed to introduce managers to the concept and importance of carrying out effective risk assessments, and their responsibilities to ensure that risks are appropriately managed. The course explains the difference between hazards and risks and demonstrates how to assess the likelihood and impact of a range of different risks.

The online course also highlights the role of recording risks, and of keeping those records up to date. When incidents do occur, investigating authorities are entitled to demand to see risk assessments, procedures and controls alongside the incident report.

The course demonstrates how to carry out a risk assessment that is appropriate for different types and sizes of business, exploring the five key areas that should be included in all risk assessments: the identification of risks; who is likely to be harmed; evaluation of risk; recording; and review.

Like all our courses, the Risk Assessment eLearning course can be customised to meet your needs, enabling your workforce to understand the specific approaches you have developed for your organisation. A designated course administrator can edit the text and images of the course, and link to organisation-specific documentation, all at no extra cost.

The Cyber Governance Health Check assesses and reports levels of cyber security awareness and preparedness in FTSE 350 companies (i.e., the UK’s 350 largest firms). The report allows these leading organisations to compare how security risks are managed and helps them to identify and address their different vulnerabilities.

According to the latest figures from the Health Check, over half (54%) of FTSE 350 companies list the risk of cyber-attacks as their number one concern (compared with other business threats like economic uncertainty or the unease surrounding Brexit). This figure is up from 29% just three years ago.

It’s likely that the recent spate of ransomware attacks in the UK, and the devastation that followed instances such as the NHS’s WannaCry scare, is cause for the unrest amongst Britain’s market leaders. Whilst it is positive to see the new priority given to limiting cyber-security risks by these leading organisations, the report also highlights a less optimistic statistic: the fact that one in ten organisations currently operate without a response plan for cyber-attacks, and over two-thirds of employees have not received any training as to how handle an event such as this.

However, as Marco Cova, Senior Security Researcher at Lastline, suggests:

“If one was to find a silver lining, I would say that these ransomware attacks will probably do more to raise the security awareness of vendors and organisations than many security measures have in the past.”

Indeed, faced with the seemingly ever-present threat from cyber-criminals looking to steal data (or else hold it hostage) at the moment, it seems obvious that organisations ought to conduct their due diligence and prepare for the worst. More than this, though, and with new GDPR legislation on the horizon for 2018, companies are now more accountable than ever for keeping their clients’ data safe. This means that investments in technology and thorough cyber-security training that is preventative rather than reactive are imperative. This type of risk-mitigating training could mean the difference between keeping confidential data safe and compliant with GDPR, and having to fire-fight the aftermath (financial, reputational, or otherwise) of a data-breach.

It remains true that the biggest risk to any company’s digital security is its own employees. More often than not, users inadvertently create an entry-point for cyber-criminals to take advantage of – by visiting unauthorised websites, re-using weak passwords, or opening an attachment from an unknown sender, for example. This is why VinciWorks offer a range of information and cyber-security eLearning courses, all specifically designed to reduce the risk of a security breach.

Ensure your employees are aware of how to prevent a data breach with our Data Protection and Preventing a Data Breach eLearning courses. For added online security, we can also provide an off-the-shelf cyber-security bundle of courses, which includes full and short-course training to ensure your employees have a full awareness of cyber-security policies and best practices.

VinciWorks has just released a new version of its tax evasion course specifically geared to the corporate sector. While the first version of Tax Evasion: Failure to Prevent is tailored for businesses in the regulated sector, the new version has been modified to better accommodate scenarios that often face companies in non-regulated industries.

Key changes

More content relevant to diverse industries

VinciWorks corporate users are based in industries as diverse as hospitality, retail and manufacturing. The corporate version of the course provides content that is more directly relevant to the kinds of issues people face in non-regulated sector industries.

Chose from six corporate scenarios

Scenarios for corporate tax evasion course

There are now six specifically corporate scenarios to choose from, with up to three included in the course. Scenarios, like everything else in the course, is fully customisable. You can upload your own scenarios or VinciWorks can help you design learning scenarios that are relevant to your company and industry.
Continue reading

Nagware allows managers to automatically send out an email to remind staff to begin or complete a learning activity. Administrators can select when to  start sending the nag emails, often to send them and a trigger for when to begin to send the nag emails.

We have just added a new feature that means a “nag” can easily be duplicated so that a new nag doesn’t need to be started from scratch.

Duplicate Nag
Administrators can now easily duplicate a “nag” without having to copy and paste the details of a previous nag

Receive automatic update notifications

VinciWorks is committed to keeping all users informed of any updates to our Learning Management System. You can join our LMS update notifications mailing list by clicking on the button below.

Sign up now

Diverse crowd

Diversity in the workplace is important not just from a compliance and legal perspective. Results published in a McKinsey research paper show that companies with more diverse workforces perform better financially. Further, in July 2017 the £1,200 employment tribunal fee was scrapped by the Supreme Court. The result is that those who feel mistreated can take their current or former employer to court without having to overcome a financial hurdle.

Full transparency of a company policy will help diminish the risk of discrimination in the workplace, as well as promote a diverse culture in the workplace. VinciWorks has therefore created an equality and diversity policy template that can easily be edited to suit your organisation and industry.

Download equality and diversity policy template

Equality and Diversity Policy

The procedures in an Equality and Diversity Policy should reflect the controls and processes within an organisation for promoting equality and diversity, and explain the structured process for encouraging equality of opportunity and respect for diversity and preventing unlawful discrimination, whether direct or indirect, within in the organisation and in relationships with clients and others. The requirements reflected in the procedures will apply in relation to protected characteristics, including age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation. The procedures should be in accordance with local laws, for example, the Equality Act 2010 in the UK.

What should the equality and diversity policy include?

Introduction

The introduction should explain the purpose of the policy and what it consists of. It should also explain the importance of everyone contributing to compliance with the requirements of the policy by embedding such values in the workplace and by challenging inappropriate behaviour and processes.
Continue reading

An epidemic is an infectious disease that quickly and severely affects a large number of people and then subsides. However, a pandemic is an epidemic that spreads worldwide, or at least across a large region.

Pandemics have posed the most deadly threats to mankind throughout history, claiming more lives than all accidents and wars combined. Tuberculosis, an airborne bacterial infection and smallpox, a viral infection have affected the human population on a pandemic scale for thousands of years.

More recently, in February 2004, the avian influenza virus was detected in birds in Vietnam. This discovery sparked fresh fears of the emergence of new variant strains. There is great concern among experts, that if the avian influenza virus combines with a human influenza virus (in a bird or a human), the new subtype created could be both highly contagious and lethal in humans, causing a global influenza pandemic to occur.

Diseases such as Lassa fever and the Ebola virus have the potential to become pandemics due to their ability to spread and mutate.

In the event of a Pandemic, what should you do to protect your business?

Information and guidance on infection control in the event of a pandemic can be found by visiting the HSE website http://www.hse.gov.uk/biosafety/diseases/pandemic.htm

Additionally, the UK government has invested a considerable amount of money and resource in contingency planning in the event of an influenza outbreak. 

https://www.gov.uk/government/publications/pandemic-flu-guidance-for-businesses

As with all Health and Safety matters, employers have a duty of care to protect their workers in the event of a pandemic break out.

If your staff are not aware of your organisation’s precautions and measures, then germs can spread and cause serious disruption to your company. The Health and Safety Executive (HSE) recommends that precautionary measures are implemented and that employers ensure that their employees practice good personal hygiene.  

Training your staff in Pandemic Awareness will help your company be compliant with the HSE protection guidelines, help refine your health and safety processes and relay specific company policies, so staff are aware of what to do in the case of a pandemic and thus, reducing the risk of cross-infection.

The course explains what a pandemic is, and the difference between that and a seasonal outbreak. The course describes the physical symptoms that might be seen, explores how a virus can spread and provides advice about the actions to take if medical help is required.

The online course highlights the necessity for good hygiene and how this can work to prevent viruses from being spread amongst the workforce. It also looks at vaccinations and at-risk employees.

The course has been designed to support an organisation’s approach to the implementation of control measures and, as with all the VinciWorks offers, the course can be fully customised, enabling your workforce to understand the specific policies and procedures you have developed for your organisation. A designated course administrator can edit the text and images within the course, and link to organisation-specific documentation, all at no extra cost.

Looking for in-depth and engaging business protection training? Explore our comprehensive eLearning library and try any of our courses for free.

The threats to your personal and professional cyber security are ever-growing, with the needs of each organisation and employee varying. VinciWorks has therefore added a further six apps to it’s bank of available customisations.

Acceptable use cyber security appAcceptable Use

What constitutes acceptable use of company resources? Review the do’s and don’ts of the fair and proper use of business equipment and protect it from unauthorised access.

Information Classification cyber security appInformation Classification

Top tips and need-to-know’s on keeping company information in the right hands and away from the wrong eyes.
Continue reading

Group of Diverse Hands Together Joining Concept

The interpretation of the Equality Act 2010 in everyday life continues to evolve and progress. Tribunal decisions and court cases are constantly adding layers to equality and diversity best practice. One important general update employers should bear in mind is that the £1,200 employment tribunal fee was scrapped by the Supreme Court last month.

This roundup of the latest rulings will help you review equality policy and practice in your workplace.
Continue reading

We all enjoy a bit of work banter from time to time. Sharing humour is a great way of getting to know each other at work, lightening the mood and boosting morale – but inappropriate jokes and remarks can be offensive and discriminatory and can leave people feeling hurt, humiliated and excluded.