Professional Documents
Culture Documents
A risk assessment is a process to identify potential hazards and analyze what could happen if
a hazard occurs. A business impact analysis (BIA) is the process for determining the potential
impacts resulting from the interruption of time sensitive or critical business processes.
There are numerous hazards to consider. For each hazard there are many possible scenarios
that could unfold depending on timing, magnitude and location of the hazard. Consider
hurricanes:
A Hurricane forecast to make landfall near your business could change direction and go out to
sea.
The storm could intensify into a major hurricane and make landfall.
There are many “assets” at risk from hazards. First and foremost, injuries to people should be
the first consideration of the risk assessment. Hazard scenarios that could cause significant
injuries should be highlighted to ensure that appropriate emergency plans are in place. Many
other physical assets may be at risk. These include buildings, information technology, utility
systems, machinery, raw materials and finished goods. The potential for environmental impact
should also be considered. Consider the impact an incident could have on your relationships
with customers, the surrounding community and other stakeholders. Consider situations that
would cause customers to lose confidence in your organization and its products or services.
As you conduct the risk assessment, look for vulnerabilities—weaknesses—that would make
an asset more susceptible to damage from a hazard. Vulnerabilities include deficiencies in
building construction, process systems, security, protection systems and loss prevention
programs. They contribute to the severity of damage when an incident occurs. For example, a
building without a fire sprinkler system could burn to the ground while a building with a
properly designed, installed and maintained fire sprinkler system would suffer limited fire
damage.
The impacts from hazards can be reduced by investing in mitigation. If there is a potential for
significant impacts, then creating a mitigation strategy should be a high priority.
Risk Assessment Process Diagram - Text Version
Use the Risk Assessment Tool complete your risk assessment. Instructions are provided on
the form.
Hazards
Natural Hazards
Meteorological -Flooding, Dam/Levee Failure, Severe Thunderstorm (Wind, Rain,
Lightning, Hail), Tornado, Windstorm, Hurricanes and Tropical Storms, Winter Storm
(Snow/Ice)
Geological -Earthquake, Tsunami, Landslide, Subsidence/Sinkhole, Volcano
Biological - Pandemic Disease, Foodborne Illnesses
Human-Caused Hazards
Accidents -Workplace Accidents, Entrapment/Rescue (Machinery, Water, Confined Space,
High Angle), Transportation Accidents (Motor Vehicle, Rail, Water, Air, Pipeline),
Structural Failure/Collapse, Mechanical Breakdown
Intentional Acts - Labor Strike, Demonstrations, Civil Disturbance (Riot), Bomb Threat,
Lost/Separated Person, Child Abduction, Kidnapping/Extortion, Hostage Incident,
Workplace Violence, Robbery , Sniper Incident, Terrorism (Chemical, Biological,
Radiological, Nuclear, Explosives), Arson, Cyber/Information Technology (Malware Attack,
Hacking, Fraud, Denial of Service, etc.)
Technological Hazards
Information Technology - Loss of Connectivity, Hardware Failure, Lost/Corrupted Data,
Application Failure
Utility Outage - Communications, Electrical Power, Water, Gas, Steam,
Heating/Ventilation/Air Conditioning, Pollution Control System, Sewage System
Fire/Explosion - Fire (Structure, Wildland), Explosion (Chemical, Gas, or Process failure)
Hazardous Materials -Hazardous Material spill/release, Radiological Accident, Hazmat
Incident off-site, Transportation Accidents, Nuclear Power Plant Incident, Natural Gas
Leak Supply
Chain Interruption - Supplier Failure, Transportation Interruption
Risk Assessment Resources
Natural Hazards
Multi-hazard Mapping Information Platform - Federal Emergency Management Agency
(FEMA)
Flood Map Service Center - FEMA
Earthquake Hazards information - United States Geological Survey (USGS)
Rapid Visual Screening of Buildings for Potential Seismic Hazards: A Handbook. Second
Edition - FEMA
Hurricane - FEMA
Landslide Hazards Program - USGS
Volcano Hazards Program - USGS
Protecting Workers from Heat Illness - Occupational Safety and Health Administration
(OSHA)
Human-Caused Hazards
Survey Your Workplace for Additional Hazards - OSHA Compliance Assistance Quick Start
for General Industry
Methodology for Preparing Threat Assessments for Commercial Buildings - FEMA
Workplace Violence—Issues in Response - Federal Bureau of Investigation
Technological Hazards
Risk Assessment Portal, EPA tools, guidance and guidelines - U.S. Environmental
Protection Agency
Computer Security Resource Center, Special Publications, National Institute of
Standards and Technology, Computer Security Division
IT Security Essential Body of Knowledge, United States Computer Emergency Readiness
Team
https://worksmart.org.uk/health-advice/health-and-safety/hazards-and-risks/what-are-five-steps-risk-assessment
What are the five steps to risk assessment?
The Health and Safety Executive (HSE) advises employers to follow five steps when carrying out a workplace risk assessment:
Step 1: Identify hazards, i.e. anything that may cause harm.
Step 2: Decide who may be harmed, and how.
Step 3: Assess the risks and take action.
Step 4: Make a record of the findings.
Step 5: Review the risk assessment.
https://www.ccohs.ca/oshanswers/hsprograms/risk_assessment.html
Risk Assessment
CLOSE ALL
What is a risk assessment?
Risk assessment is a term used to describe the overall process or method where you:
Identify hazards and risk factors that have the potential to cause harm (hazard identification).
Analyze and evaluate the risk associated with that hazard (risk analysis, and risk evaluation).
Determine appropriate ways to eliminate the hazard, or control the risk when the hazard cannot be eliminated (risk control).
A risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc. that may cause
harm, particularly to people. After identification is made, you analyze and evaluate how likely and severe the risk is. When
this determination is made, you can next, decide what measures should be in place to effectively eliminate or control the
harm from happening.
The Canadian Standards Association (CSA) Z1002 Standard "Occupational health and safety - Hazard identification and
elimination and risk assessment and control" uses the following terms:
Risk assessment - the overall process of hazard identification, risk analysis, and risk evaluation.
Hazard identification - the process of finding, listing, and characterizing hazards.
Risk analysis - a process for comprehending the nature of hazards and determining the level of risk.
Notes:
(1) Risk analysis provides a basis for risk evaluation and decisions about risk control.
(2) Information can include current and historical data, theoretical analysis, informed opinions, and the concerns of
stakeholders.
(3) Risk analysis includes risk estimation.
Risk evaluation - the process of comparing an estimated risk against given risk criteria to determine the significance of the
risk.
Risk control - actions implementing risk evaluation decisions.
Note: Risk control can involve monitoring, re-evaluation, and compliance with decisions.
For definitions and more information about what hazards and risks are, please see the OSH Answers document Hazard and
Risk.
Delivering product to Drivers work alone May be unable to call for help if needed
customers
Drivers have to occasionally work long Fatigue, short rest time between shifts
hours
Drivers have to lift boxes when delivering Injury to back from lifting, reaching,
product carrying, etc.