Managing risks

Eliminating the risk is the best control. If you can’t, you must minimise the risk so far as is reasonably practicable. The hierarchy of control measures assists duty holders to select the highest control measures to effectively manage risk. 

A step-by-step approach 

To manage WHS risks you should: 

  1. Identify hazards 

  1. Assess risks 

  1. Control risks 

  1. Review control measures 

At each step you must consult with workers and their health and safety representatives. Workers have knowledge, experience and ideas that can help you manage WHS risks. 

Risk management should be used for both physical risks and psychological risks in the workplace. Psychological risks are risks to someone’s psychological health (mental health). 

Step 1 - Identify hazards 

Hazards are things and situations that could harm a person. Find out what could cause harm in your workplace.  

Step 2 - Assess risks 

Undertake a risk assessment to identify the hazards in your workplace, which may cause harm (death, injury, or illness).  A risk assessment involves looking at what could happen if someone is exposed to a hazard and the likelihood of it happening. 

A risk assessment can help you work out: 

  • how severe a risk is  

  • if your control measures are effective  

  • what action you should take to control the risk  

  • how urgently you need to take action. 

You may not need to undertake this step if the hazards, risks, and control measures are well-known. 

Step 3 - Control risks 

You should always aim to eliminate risks, as this is the best way to manage risks.  Where this is not possible, you must minimise risks so far as is reasonably practicable. 

To control risks, you can follow the hierarchy of control measures, which are ranked from the highest level of protection and reliability to the lowest.  

Step 4 - Review control measures 

Review your control measures to make sure they work as planned. 

Examples of the risk management process can be found in Appendix B of the model Code of Practice: How to manage work health and safety risks

Control measures 

You should always aim to eliminate risks, as this is the best way to manage risk. If you can’t eliminate risks, you must minimise risks so far as is reasonably practicable. 

Use the hierarchy of control measures to control risks and reduce exposure to hazards. The ways of controlling risk are ranked from the highest level of protection and reliability to the lowest.  Administrative controls and personal protective equipment (PPE) are the least effective. They do not control the hazard at the source and rely on human behaviour and supervision. 

The hierarchy of control measures can be applied to any risk and must be applied where it is not reasonably practicable to eliminate risks linked to: 

  • remote or isolated work 

  • hazardous atmospheres or chemicals 

  • hazardous manual tasks 

  • falls or falling objects 

  • plant, electrical or construction work 

  • hearing loss associated with noise 

  • general diving work 

  • confined spaces 

  • naturally occurring asbestos   

Figure 1. The hierarchy of control measures
Figure 1. The hierarchy of control measures

Reasonably practicable 

What you must do to manage WHS risks depends on what is reasonably practicable. To decide if something is reasonably practicable you should think about all the relevant matters, for example: 

  • the likelihood of the hazard or risk 

  • the harm that could occur 

  • knowledge about the hazard or risk 

  • ways to minimise or eliminate the risk, and if these are available and suitable 

  • cost, including whether the cost is grossly disproportionate to the risk. 

Further information about ‘reasonably practicable’ is available in our guide How to determine what is reasonably practicable to meet a health and safety duty