Work health and safety risk management

All businesses, regardless of their structure or size, must have work health and safety risk assessment that is current and meets legal obligations.

Your risk management plan should identify risks in your business. The plan will describe ways to minimise the likelihood of an incident by including 'controls' - measures to either prevent or manage hazards. To make your risk management plan more effective, you need to monitor the risks and review and update the plan regularly.

A strong risk management plan, as part of a larger business continuity plan, will improve your business resilience and help you recover from incidents.

Risks and hazards

A hazard is something with the potential to cause harm. A risk is the likelihood that the harm will occur from exposure to the hazard. For example, if you have identified electricity as a potential hazard in your workplace, the risk is the likelihood that a worker might be electrocuted because of exposure to electrical wires that are inadequately insulated.

Workplace hazards involving the risks of illness or injury may include:

Find out more about managing hazardous chemicals in the workplace.

Risk management legislation

Under the How to manage work health and safety risks code of practice 2011 (PDF, 494KB), to properly manage exposure to risks you must:

  1. look for the hazards
  2. determine who might be harmed and how
  3. decide on control measures
  4. put controls in place
  5. review the controls.

Control measures should be implemented in the following order:

  1. Get rid of the harm or prevent the risk.
  2. If this is not possible
    • replace with something less harmful
    • separate people from the harm
    • change work processes or the physical work environment (e.g. by redesigning work, plant, equipment, components or premises)
    • apply administrative arrangements (e.g. limit entry or time spent in a hazardous area)
    • use personal protective equipment.