Risk Management Procedure

Risk Management Procedure

This risk management procedure template can assist your business comply with ISO 45001, OH&S Management Systems clauses:

  • 6.0. Planning.
  • 6.1. Actions to Address Risks and Opportunities.
  • 6.1.2. Hazard Identification and Assessment of Risks and Opportunities.
  • 8.1.2. Eliminating hazards and reducing OH&S risks.


– Price Includes All Taxes


What is a Risk Management Procedure?

A risk management procedure is the process that is followed for identifying, analyzing, responding and managing a risk. It includes completing a risk assessment, which is a tool for identifying and analyzing a risk.

A risk management procedure is a fundamental part of an organization’s overall safety program.

The Risk Management Process

Effective risk management provides a level of assurance that an organization will achieve or exceed its objectives. Complying with obligations and is an essential component of due diligence responsibilities.

The risk management process typically involves a four-stage process (outlined below) to identify hazards and assess and control the associated risks with activities, products and services over which it has control or influence.

A risk management process takes into consideration the health and safety of employees, contractors, visitors, stakeholders and equipment, as well as environmental impacts.

Risk Management

The goal and objective of the risk management process is to enable:

  • Foreseeable hazards to be identified.
  • Risks to be assessed.
  • Risks to be eliminated or controlled to as low as reasonably practicable.
  • Monitoring and review to determine if control measures are effective.

1. Hazard and Risk Identification

An organization needs to be on the offensive to search for, detect and eliminate, or control all reasonably foreseeable hazards and identified risks that have the potential to expose personnel or the organization to risk.

Some hazards that may arise in a workplace include:

  • The nature and type of work being performed (both routine and non-routine).
  • The location and type of work.
  • Materials, chemicals, plant or equipment used.
  • The time of day and climatic conditions when the work is performed.
  • Proximity to the public.
  • Enterprise risks.
  • The work environment.
  • Workload, work hours, victimization and harassment.
  • Leadership and culture.
  • Potential emergencies.
  • Changes in knowledge and competencies.
  • Human factors and acts and omissions of personnel.

If a hazard is identified that cannot be immediately controlled, a verbal or documented hazard report should be completed and submitted to management.

2. Evaluation of Risks

Risk evaluation involves the assessment of both the likelihood of any injury, illness or damage occurring and the likely severity (or consequence) of any injury, illness or damage that may occur.

Risk Management Procedure

The following factors should be considered when doing a risk analysis of the identified types of risks and hazards:

  • The workplace and the working environment (including layout and conditions).
  • The capability, skill, experience and training of personnel, ordinarily undertaking work.
  • The number of persons exposed to the risk occurring.
  • The frequency to which persons are exposed to the risk.
  • The duration of persons’ exposure to the basic risk or overall risk.
  • The systems of work used and measures currently implemented to control the risk.
  • Information that is available from an authoritative source that is relevant to the hazard.
  • Information provided by a supplier of any plant, equipment or substance.
  • Safety data sheets and labels for any hazardous chemical.
  • Information about previous injuries, illnesses and dangerous incidents.

Risk management can be undertaken with varying degrees of detail depending on the type of hazards and the information, data and resources that are available under the circumstances.

3. Risk Elimination and Risk Treatment

A method of control must be selected and applied to each hazard identified. It is important to select the most effective and reasonably practicable method. This may include selecting a combination of control measures.

Where it is not reasonably practicable to eliminate risks, control measures must be implemented to minimize risks to the lowest level reasonably practicable, in accordance with a hierarchy of controls. Refer to the hierarchy of control flowchart.

Control measures and risk mitigation prescribed by a hierarchy must be applied in the order specified and in combination (if no single measure is sufficient) to minimize the risk to the lowest level reasonably practicable.

Where higher level control measures are not able to be implemented immediately, interim control measures (albeit relatively less effective) should be implemented to reduce the risk to an acceptable level until the primary controls can be introduced.

4. Monitoring and Review of Risk Assessments

The final step of the risk assessment process is to monitor and review the effectiveness of control measures, to verify they are as low as reasonably practicable. It is also possible that not all hazards have been identified during the initial risk assessment and the dynamic nature of some work activities results in frequent changes, so re-assessment may be required.

Reviews of risk control measures and may include:

  • Consultation with staff.
  • Verification that control measures have been fully implemented.
  • Inspection of hazard reports.
  • Confirmation that controls are suitable for the nature and duration of the work.
  • Observation of work activities.
  • Suitability of tools and equipment, including PPE.
  • Checks that the implementation of control measures did not result in the introduction of any new hazards or complications.

The control measures decided upon should be discussed and reviewed for as long as necessary to enable ongoing safe work practices. Whenever there is evidence that control measures are no longer effective (e.g. an injury or illness, employee complaint or advancements in technology) another assessment of the residual risks must be undertaken.

Contents of this Risk Management Procedure

  • Approval.
  • Purpose.
  • Scope.
  • Terms and Definitions.
  • Roles and Responsibilities.
  • Procedures.
  • Steps in the Risk Management Process.
  • Risk Management Planning.
  • Risk Management Framework.
  • Hazard and Risk Register.
  • Related Procedures, Forms and Documents.
  • Review Criteria.
  • Record Management.
  • References.

Why Choose to Buy this Risk Management Procedure

This 11-page risk management procedure documents the strategic risk management processes. By following the procedure you can minimize or eliminate the exposure of potential risks to your organization.

After purchasing this template you will be able to:

  • Very easily edit and customize the template to create your own procedure.
  • Apply your own style, format and brand to the procedure.
  • Use it in any industry or sector regardless of the size or type of organization.

Availability and Use of this Risk Management Procedure

  • This risk management procedure is accessible to you right now by clicking the ‘Buy Now’ button.
  • The procedure will be delivered to you in fully editable Microsoft Word format for immediate and full use in your business.
  • There are no subscriptions, contracts or ongoing costs.

Risk Management Procedure Guarantee

This Risk Management Procedure is 100% Satisfaction Guaranteed.


You may also need: