Who is Responsible for Ensuring that Risk Assessments are Carried Out?

Our Risk Assessment Courses

Ultimately, it is an employer’s responsibility to ensure that a risk assessment is conducted within a workplace. However, this does not mean that the employer themselves must conduct the risk assessment – they can appoint someone else within the organisation with this responsibility to carry out the risk assessment and comply with all health and safety requirements. This individual must be competent to uphold all health and safety duties, essentially beginning with the risk assessment.

How must an employer ensure health and safety standards are maintained?

First, the employer needs to decide which individual will be responsible for carrying out health and safety duties. Once this has been decided, you need to become aware of all the relevant health and safety laws you are expected to comply with.

In the UK:

The Control of Substances Hazardous to Health Regulations (COSHH) 2002. This legislation deals with substances in the workplace which have the ability to harm individuals, and subsequently how these substances must be dealt with. To comply with this legislation, a risk assessment is necessary.

The Health and Safety Executive (HSE) then has a step-by-step advisory process which employers can follow if they wish to comply with UK health and safety legislation, as well as risk assessment requirements.

How can the appointed individual carry out a risk assessment?

Step 1: Identify the hazards. A hazard is anything with the potential to cause harm. This can include physical items or chemical and biological substances.

Step 2: Identify which individuals are at risk from these hazards. For example, if there are only certain employees dealing with biological substances in your workplace, then these are the individuals you must aim to protect.

Step 3: Implement control measures. Control measures protect individuals against the hazards and so reduce the risk associated with them. You therefore need to ensure that appropriate control measures are implemented and that everything is dealt with properly.

Step 4: Record all of the processes and steps you have conducted during your risk assessment. This will ultimately prove to authorities, if they were to investigate your workplace, that you have conducted a risk assessment properly. This documentation will protect you.

Step 5: Review and monitor your risk assessment regularly. A workplace is ever changing, so your risk assessment needs to be kept up to date to take into consideration new hazards as well as new employees joining. Through doing this, your risk assessment will always be at its most effective.

It is a common misconception that risk assessments have to be time-consuming, expensive and a lot of hard work; they do not. Moreover, if a risk assessment is not conducted and an incident with repercussions occurs within your workplace, then your organisation will be in far more trouble for not having implemented the risk assessment procedures in the first place. It is always better to be safe than sorry, and conduct a risk assessment appropriately.


How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.
