Understanding the principles and practicalities of risk assessment
Understanding risk evaluation
Selecting and implementing control measures
Monitoring and reviewing
EC Directive 89/391/EEC
IEC/ISO 31010:2009
2. • Understanding the principles and practicalities of
risk assessment
• Understanding risk evaluation
• Selecting and implementing control measures
• Monitoring and reviewing
Lecture 03 outcomes
4. Legal background
• EC Directive 89/391/EEC of 12 June 1989 on the introduction
of measures to encourage improvements in the safety and
health of workers at work https://eur-lex.europa.eu/legal-
content/EN/TXT/PDF/?uri=CELEX:31989L0391&from=EN
• OHSAS 18001:2007 «Occupational health and safety
management systems — Requirements» - British Standard
• ISO 45001 Occupational Health & Safety management system
• IEC/ISO 31010:2009 Risk management— Risk assessment
techniques
ISO 45001 adoption by country
5. KEY POINTS of Directive 89/391/EEC
• It stipulates that employers:
– have a duty to ensure the health and safety of their workforce — this includes evaluating and
avoiding risks, developing an overall safety policy and providing appropriate training to staff;
– appoint someone responsible for the prevention of risks at work;
• take the necessary first aid, fire-fighting and evacuation precautionary measures;
• assess the risks particular workers might face and ensure the necessary protective measures
are in place;
• provide employees and/or their representatives with all relevant information on possible
health and safety risks and the measures taken to prevent them;
• consult employees and/or their representatives and involve them in all discussions on health
and safety at work;
• ensure each employee receives adequate health and safety training relevant to their job.
Each employee is responsible for taking care, as far as possible, of their own, and their
colleagues’, health and safety.
Special protection must be given to employees who may be particularly sensitive to possible risks
and dangers in the workplace.
Measures related to safety, hygiene and health at work may in no circumstances involve the
workers in financial cost.
6. ISO 45001 changes compared to OHSAS 18001:2007
• Context of the organization
– The organization shall determine internal and external issues that are
relevant to its purpose and that affect its ability to achieve the
intended outcome(s) of its OH & S management system.
– Understanding the needs and expectations of workers and other
interested parties: interested parties are workers, suppliers,
subcontractors, clients, regulatory authorities.
• Risk and opportunities: companies are to determine, consider and, where
necessary, take action to address any risks or opportunities that may impact
(either positively or negatively) the ability of the management system to deliver its
intended results, including enhanced health and safety at the workplace.
• Leadership and management commitment has stronger emphasis on
top management to actively engage and take accountability for the
effectiveness of the management system.
• Planning:
7. Definitions
Hazard - source, situation, or act with a potential for harm in
terms of human injury or ill health, or a combination of these.
Hazard Identification - process of recognizing that a
hazard exists and defining its characteristics
Incident - work-related event(s) in which an injury or ill health
(regardless of severity) or fatality occurred, or could have occurred.
Risk
Combination of the likelihood of an occurrence of a hazardous event or
exposure(s) and the severity of injury or ill health (that can be caused
by the event or exposure(s).
Risk Assessment
Process of evaluating the risk(s) arises from a hazard(s), taking into
account the adequacy of any existing controls, and deciding whether or
not the risk(s) is acceptable.
8. Hazard and Risk
Hazard the potential to cause harm or damage
Risk the chance of that harm occurring
Calculated as -
potential severity of harm
(the consequence – or damage)
x
likelihood of event occurring
stationary car parking on a hill moving car moving cars
9. Risk assessment & management process
contain the following elements
• communication and consultation
• establishing the context
• risk assessment (comprising risk identification,
risk analysis and risk evaluation)
• risk treatment;
• monitoring and review.
10. Risk assessment & management process
contain the following elements
• communication and consultation
• establishing the context
• risk assessment (comprising risk identification,
risk analysis and risk evaluation)
• risk treatment;
• monitoring and review.
11. Risk assessment & management process
contain the following elements
• communication and consultation
• establishing the context
• risk assessment (comprising risk identification,
risk analysis and risk evaluation)
• risk treatment;
• monitoring and review.
12. Risk assessment & management process
contain the following elements
• communication and consultation
• establishing the context
• risk assessment (comprising risk
identification, risk analysis and risk evaluation)
• risk treatment;
• monitoring and review.
14. 5 fundamental steps in risk assessment are:
Step 1: Identifying hazards and those at risk
Step 2: Evaluating and prioritizing risks
Step 3: Deciding on preventive action
Step 4: Taking action
Step 5: Monitoring and reviewing
15. • What are the hazards?
• What is the degree of risk?
• What do we need to, or can we, do to control
(eliminate/minimise) exposure to the risk?
• Who is doing what, where & when? (WWW)
AND
Who else might be affected by what is done?
• How will we monitor the work/people?
Risk Assessment – the 5 steps
17. Information about hazards at workplaces
• History and Records
• Intellectual or Practical Work
• Labor vs. Automation
• Complexity of Work
• Age of Equipment and Preventative Maintenance
Programs
• …..
Safety Pyramid
18. Risk analysis
• Risk analysis consists of determining the
consequences and their probabilities for
identified risk events, taking into account the
presence (or not) and the effectiveness of any
existing controls.
• The consequences and their probabilities are
then combined to determine a level of risk.
19. ISO/IEC 31010:2019. Risk management — Risk assessment techniques
Assessment techniques Examples
1. Techniques of expert opinion analysis o Brainstorming
o Delphi techniques
o Interviews
2. Identification techniques
o Checklists,
classifications and
taxonomies
o Scenario analysis
3. Techniques of risk source analysis
o Ishikawa method
(fishbone)
4. Techniques of analysis of management
measures
o Hazard analysis and
critical control points
HACCP ХАССП
5. Методики визначення наслідків,
ймовірності та ризику
o Event tree analysis ETAo Monte Carlo simulation
6. Методики аналізу залежностей o Causal mapping o Cross impact analysis
7. Методики визначення ступеня ризику
o Toxicological risk
assessment
8. Методики оцінки значущості ризику o Pareto charts o Risk indices
9. Методики вибору варіантів
o Cost benefit analysis
CBA
o Multi-criteria analysis MCA
10. Методики звітності і записів o Risk registers o Fault tree analysis
ДСТУ ІЕС/ІSО 31010:2013 (ІЕС/ІSО 31010:2009,IDТ). Управління ризиком. Методи
загального оцінювання ризику
https://khoda.gov.ua/image/catalog/files/dstu%2031010.pdf
20. Persons carrying out risk assessments
should be clear about
• the context and objectives of the organization,
• the extent and type of risks that are tolerable, and how
unacceptable risks are to be treated
• how risk assessment integrates into organizational
processes
• methods and techniques to be used for risk assessment, and
their contribution to the risk management process,
• accountability, responsibility and authority for performing
risk assessment,
• resources available to carry out risk assessment,
• how the risk assessment will be reported and reviewed.
22. • What could go wrong?
• What is the worst that could happen?
Consequence - severity
Likelihood
• How often must it be done?
• How many people do it?
Qualitative assessment
Risk calculates as
potential severity of harm
(the consequence – or damage)
x
likelihood of event occurring
23. Evaluating the risk
1. Highly unlikely
2. Possibly
3. Quite likely
4. Very likely
1. Slight harm
2. Injury affecting work
3. Serious injury
4. Possible fatality
24. Risk Assessment Matrix
Likelihood
Consequences Highly unlikely Possibly Quite likely Very Likely
Often to Almost
Always
Slight harm Very Low Very Low Low Low Medium
Injury affecting work Very Low Low Medium Medium High
Serious injury Low Medium High High Very High
Possible fatality Medium High High Very High Very High
RISK SCORING/ANALYSIS
25.
26. Quantitative risk assessment (RA):
• Statistical RA is based on statistical information,
calculations of danger probabilities, creation of event-
trees etc;
• Modeling RA is based on creation of models of hazard
impact on human, social group, humanity
• Expert RA uses the probabilities of events defined by
experts;
• Sociological RA includes opinion pulls of citizens and
employees, stakeholders etc
27. Engineering (statistical) RA
• R denotes risk per defined period (year);
• n denotes quantity of the dangerous events (accidents,
injuries etc);
• N denotes the maximum, theoretically possible quantity of
dangerous events;
• D are the losses per accident;
• k1…kn are the coefficients which include changes of initial
conditions
n
k
k
k
D
N
n
R
...
2
1
29. Individual
Social
Spatial
probability of the human mortality, injuries or
other dangerous consequences from the
hazard taking into account probability of the
person position near the source of hazard
probability of the human mortality, injuries or
other dangerous consequences over defined
quantity taking into account probability of the
person position near the source of hazard
probability of mortality, injuries or other
dangerous consequences for the person,
which is located in a certain space, during a
year
30. Risk levels
• Negligible risk is extremely low level of
danger.
• Acceptable risk is accepted in a given
context based on the current values of
society.
In other words, a risk is acceptable when
it is acceptable to the general public.
• Catastrophic (unacceptable) risk is the
level of risk which leads to unwanted
consequences in most cases
31. • Acceptable Risk - risk that has been reduced
to a level that can be tolerated by the
organization having regard to its legal
obligations and its own OH&S policy
32. Ukraine
• Methodology of assessment of risks and theirs
acceptable levels (Decree of Ministry of Social Policy of Ukraine № 637,
04.12.03)
Risk borders Acceptable Unacceptable
Spatial Rt >= 10-7 Rt > 10-5
Individual Ri >= 10-8 Ri > 10-6
Social Rs >= 10-7 Rs > 10-5
Negligible Acceptable Unacceptable
10-8 10-6
Local authorities taking into account regional features can determine other
borders. However they are not allowed to exceed the listed levels.
34. The main ways to control a hazard
• Elimination (including substitution): remove the hazard from the
workplace, or substitute (replace) hazardous materials or machines
with less hazardous ones.
• Engineering Controls: includes designs or modifications to plants,
equipment, ventilation systems, and processes that reduce the
source of exposure.
• Administrative Controls: controls that alter the way the work is
done, including timing of work, policies and other rules, and work
practices such as standards and operating procedures (including
training, housekeeping, and equipment maintenance, and personal
hygiene practices).
• Personal Protective Equipment: equipment worn by individuals to
reduce exposure such as contact with chemicals or exposure to
noise.
35.
36. 3.3. Monitoring and Review
Monitoring
• ‘Live’ nature of assessments
• Possible modification to procedures
Review
• Identifies changes to procedures
• Possible modification to assessment
41. The employer shall implement the measures
on the basis of the following general principles of prevention
(a) avoiding risks;
(b) evaluating the risks which cannot be avoided:
(c) combating the risks at source;
(d) adapting the work to the individual, especially as regards the design of work
places, the choice of work equipment and the choice of working and production
methods, with a view, in particular, to alleviating monotonous work and work at a
predetermined work-rate and to reducing their effect on health.
( e) adapting to technical progress;
(f) replacing the dangerous by the non-dangerous or the less dangerous;
(g) developing a coherent overall prevention policy which covers technology,
organization of work, working conditions, social relationships and the influence of
factors related to the working environment;
(h) giving collective protective measures priority over individual
protective measures;
(i) giving appropriate instructions to the workers.
42. The additional measures referred to in the
second indent of Article 3 ( 1 ) shall be
1 . providing medical surveillance of workers prior to exposure and thereafter
at regular intervals. In special cases, it shall be ensured that a suitable form of
health surveillance is available to workers who have been exposed to the
agent, after exposure has ceased ;
2. access by workers and/or their representatives at the place of work to the
results of exposure measurements and to the anonymous collective results of
the biological tests indicating exposure when such tests are provided for ;
3 . access by each worker concerned to the results of his own biological tests
indicating exposure ;
4. informing workers and/or their representatives at the place of work where
the limit values referred to in Article 4 are exceeded, of the causes thereof
and of the measures taken or to be taken in order to rectify the situation ;
5 . access by workers and/or their representatives at the place of work to
appropriate information to improve their knowledge of the dangers to which
they are exposed.