A standard risk assessment process identifies potential hazards and the people at risk, evaluates risks, outlines control measures, implements findings, and periodically reviews the assessment, according to RoSPA workplace safety. There are no fixed rules for conducting the assessment.
A safety officer identifies hazards by using different techniques, including talking to employees and walking around the workplace, states RoSPA workplace safety. After identifying the hazards, the officer identifies the people likely to be harmed by the hazards. People at risk could be employees or members of the public. The officer then outlines control measures such as removing the hazard or controlling it to minimize the likelihood of injury. The officer records the assessment findings in a legal document in the presence of five or more employees.
A safety officer may need to review and update the findings periodically, since most workplaces keep changing, notes RoSPA workplace safety. Risk factors include legal, operational, financial, strategic and technological risks, states Cornell University. An auditor may organize the organizational structure into auditable units, gather data from each unit, and combine units that share risk factors before conducting a risk assessment. The degree of risk attached to each unit depends on the effect of the risk on the financial position of the organization, service delivery and employee welfare.