Site Information and assistance

On this page:

Effective systematic management of risks improves worker health and safety, as well as productivity.

Eliminating health and safety risks

The model WHS Act and Regulations require those who have a duty to ensure health and safety, achieve it by eliminating health and safety risks, so far as is reasonably practicable.

We strongly encourage businesses to strive to go beyond minimum compliance.

  • Workers should be given the highest practical level of protection to their health and safety from hazards and risks arising from work.

Key terms explained

  • Hazard refers to a situation or thing that has the potential to harm a person. Hazards at work may include noisy machinery, a moving forklift, chemicals, electricity, working at heights, a repetitive job, bullying and violence at the workplace.
  • Risk is the possibility that harm (death, injury or illness) might occur when exposed to a hazard.
  • Risk control means taking action to eliminate health and safety risks so far as is reasonably practicable, and if that is not possible, minimising them so far as is reasonably practicable. Eliminating a hazard will also eliminate any risks associated with that hazard.

A step-by-step process

Managing WHS risks involves four steps:

  • Identifying hazards—find out what could cause harm.
  • Assessing risks (if necessary)—understand the nature of the harm that could be caused by the hazard, how serious the harm could be and the likelihood of it happening.
  • Controlling risks—implement the most effective control measure that is reasonably practicable in the circumstances.
  • Reviewing control measures—ensure control measures are working as planned.

Figure 1 The risk management process

Many hazards and their associated risks are well known and have well established and accepted control measures. In these situations the second step to formally assess the risk is unnecessary.

If, after identifying a hazard, you already know the risk and how to control it effectively, you can simply implement the controls.

  • Risk management is a proactive process that helps you respond to change and facilitate continuous improvement in your business. It should be planned, systematic and cover all reasonably foreseeable hazards and associated risks.

Consult workers

Consulting workers and their health and safety representatives is required at each step of the health and safety risk management process.

By drawing on the experience, knowledge and ideas of workers, you are more likely to identify all hazards and choose effective control measures.

Workers should be encouraged to report any hazards and health and safety problems immediately so that risks can be managed before an incident occurs.

If there is a health and safety committee for the workplace, it should also be engaged in the health and safety risk management process.

Identify hazards

Identifying hazards in the workplace involves finding things and situations that could potentially cause harm to people. Hazards generally arise from the following aspects of work and their interaction, including:

  • physical work environment
  • equipment, materials and substances used
  • work tasks and how they are performed
  • work design and management.

Some hazards are part of the work process such as mechanical hazards, noise or toxic properties of substances. Other hazards result from equipment or machine failures and misuse, chemical spills and structural failures.

A piece of plant, substance or a work process may have many different hazards. Each of these hazards needs to be identified. For example a production line may have dangerous moving parts, noise, hazards associated with manual tasks and psychological hazards due to the pace of work.

Assess the risks

Assessing risk involves considering what could happen if someone is exposed to a hazard and the likelihood of it happening. Carrying out a risk assessment can help you evaluate the potential risks that may be involved in an activity or undertaking.

A risk assessment can help determine:

  • how severe a risk is
  • whether any existing control measures are effective
  • what action you should take to control the risk
  • how urgently the action needs to be taken.

A risk assessment should be done when:

  • there is uncertainty about how a hazard may result in injury or illness
  • the work activity involves a number of different hazards and there is a lack of understanding about how the hazards may interact with each other to produce new or greater risks
  • changes at the workplace occur that may impact on the effectiveness of control measures.

It is mandatory under the model WHS Regulations to carry out a risk assessment for high risk activities such as entry into confined spaces, diving work and live electrical work.

A risk assessment can be carried out with varying degrees of detail depending on the type of hazards and the information, data and resources you have available. It can be as simple as a discussion with your workers or involve specific risk analysis tools and techniques recommended by safety professionals.

For more information about how to carry out a risk assessment, refer to the model Code of Practice: How to manage work health and safety risks.

Controlling the risks

Once the hazards and their risks are known, controls need to be put in place.

Under the model WHS Act, the best control measure involves eliminating the risk—that is removing the risk from the workplace. If that is not possible you must minimise risks, so far as is reasonably practicable.

When determining the most suitable controls, you must consider various options and choose the control/s that most effectively eliminates the hazard or minimises the risk in the circumstances. This can be a single control or it could be a combination of different controls that together provide the highest level of protection that is reasonably practicable.

Some problems can be fixed easily and should be done straight away, while others will need more effort and planning to resolve. Of those requiring more effort, you should prioritise areas for action, focusing first on those hazards with the highest level of risk.

The hierarchy of risk control

The ways of controlling risks are ranked from the highest level of protection and reliability to the lowest as shown in the Figure 2. This ranking is known as the hierarchy of risk control.

The model WHS Regulations require duty holders to work through this hierarchy when managing health and safety risks.

Figure 2 The hierarchy of risk control

Deciding what is reasonably practicable

Deciding what is reasonably practicable to protect people from harm requires taking into account and weighing up all relevant matters including:

  • the likelihood of the hazard or risk occurring
  • the degree of harm that might result from the hazard or the risk
  • knowledge about the hazard or risk
  • ways of eliminating or minimising the risk
  • the availability and suitability of ways to eliminate or minimise the risk.

It is only after you’ve assessed the extent of the risk and the available ways of eliminating or minimising it, that you should consider associated costs, including whether they are grossly disproportionate to the risk.

Benefits of risk management

Managing risks helps businesses to:

  • prevent and reduce the number and severity of workplace injuries, illnesses and associated costs
  • promote worker health, wellbeing and capacity to work
  • foster innovation, quality and efficiency through continuous improvement.

Further advice

SWA is not a regulator and cannot advise you about identifying, assessing and controlling hazards in the workplace. If you need help, please contact your state or territory work health and safety authority.


You must check with your WHS regulator if a model Code of Practice has been implemented in your jurisdiction. Check with your WHS Regulator.

This site is undergoing constant refinement. If you have noticed something that needs attention or have ideas for the site please let us know.

Last modified on Tuesday 28 March 2017 [6401|33461]