Risk assessment began as a discipline in the late 1960's, with some of the earliest formal papers published in the early 1970's. The early researchers were part of the US military, and were interested in finding ways to reduce the risks for military personnel carrying out their duties.
Since then, risk assessment has become a key part of reducing risk to manufacturers, employers, and workers. Today, extensive risk assessment research is being done by organizations and universities around the world.
What is risk assessment?
Limiting this discussion to machinery, risk assessment is essentially an orderly process where things that can do harm to people, animals or the environment, called hazards, are identified, the severity of injury presented by each hazard is estimated, and the probability of occurrence of the injury is estimated.
For risks that are considered to be "intolerable" or "unacceptable" based on applicable laws, regulations, standards and public opinion, control measures are applied to reduce the risk.
Risk controls are applied based on the 'Hierarchy of Controls". The hierarchy includes:
- Hazard Elimination or Substitution;
- Engineering Controls:
- Barriers (Fences)
- Fixed Guards
- Movable Guards including Adjustable and Self Adjusting Guards and Interlocking Guards with or without Guard Locking
- Safeguarding Devices including Light Curtains, Fences and Beams, Safety Mats, Area Scanners and two-Hand Controls
- Awareness Devices including lights, horns, buzzers, markings, etc.
- Information for Use including Operator Screens, Manuals, and Hazard Warnings
- Administrative Controls
- Safe Working Procedures including HECP, Permit to Work, Confined Space Entry, etc.
Control measures must be applied in the order given in the hierarchy. Control measures are generally most effective at the top of the hierarchy and least effective at the bottom. All may be necessary to reduce risk to acceptable levels.
The process is repeated until the residual risk, meaning the risk that remains after the control measures have been applied, is within "tolerable" or "acceptable" levels. This is sometimes referred to as "ALARP" for "As Low As Reasonably Practicable" or "ALARA" for "As Low As Reasonably Achievable." It's worthwhile noting that many labour organizations have significant problems with this concept. This arises from their legitimate concern that risk reduction will stop once the risk is deemed "tolerable" or "acceptable." The problem being that the worker who is actually exposed to the risk may not realize the risk or agree to accept the exposure. Risk control is never complete unless the hazard has been eliminated. New technologies and control methods will be developed as time passes, and must be implemented to maintain the lowest possible risk.
There are always financial considerations in controlling risk. If you are dealing with a risk that involves a significant severity of injury and the controls seem too expensive, you should consider not proceeding with the project/product/machine. It is never acceptable to leave an uncontrolled risk when there are risk control measures available and the severity of injury is anything more than a minor cut or bruise.
Types of Assessments
Risk assessments can be Hazard Based, meaning that hazards are assessed without specific reference to tasks that workers are expected to carry out, or they can be Task Based, where hazards are assessed based on the specific tasks that workers must carry out. This type is also called a Job Hazard Analysis or a Task Hazard Analysis.
Risk assessments can be objective when there is sufficient data available to allow the severity and probability factors to be quantified, but often this is impossible. Subjective risk assessments are based on the combined knowledge and skill of the risk assessment team that is assigned to the task.
At the simplest level, "What-if?" analysis can be used to get a quick reading on risk. Most of us do this daily as we get ready for our commute to work, when crossing the street, and when considering large purchases. What-if analysis consists of asking as many what-if questions as necessary to exhaust the potential scenarios that can be imagined. For machinery, this may be a place to start, but it is seldom detailed or comprehensive enough to be effective. Additional tools are required.
There are a number of risk assessment standards published, and there are an even larger number of product family standards that have risk assessment methodologies built into them.
ISO 14121 was the de-facto preferred standard for machinery until 2010 when it was combined with ISO 12100-1 and ISO 12100-2 and republished as ISO 12100. ISO/TR 14121-2 – Safety of machinery — Risk assessment — Part 2: Practical guidance and examples of methods was not included in the new document and is still published and valid as of early 2011.
This standard deals primarily with the Preliminary Hazard Analysis (PHA) method, and provides guidance on using FMEA, MFMEA, FTA, HazOPS and other systems to analyze the risks.
CSA has embedded the ANSI RIA 15.06 risk analysis scoring system in two key Canadian machinery standards, CSA Z432 – Safety of Machinery and CSA Z434 – Industrial Robots and Robot Systems - General Safety Requirements. These matrix-based systems follow the general methodology given in ISO 14121, but provide a simplified approach.
Internationally, ISO and IEC are preparing to publish ISO/IEC 31010, Risk Management - Risk Assessment Techniques. This standard is part of the new ISO 31000 series on Risk Management.
CSA is also developing a new workplace risk assessment standard, CSA Z1002 – Occupational Injury and Illness Risk Assessment and Management. This standard is part of the new CSA Z1000 series of standards dealing with Occupational Health and Safety Management. Compliance InSight Consulting is contributing to the development of CSA Z1002 directly with the involvement of Doug Nix on the CSA s362 Technical Committee.
To assist practitioners, a few risk assessment software packages have been created that assist in the process by handling the scoring calculations automatically, and in some cases allowing for revision control and many other features.
For simple designs and limited applications, it is possible to develop risk assessment scoring sheets using standard spreadsheet applications like MS Excel™, Apple Numbers™ and many others. These can be very flexible, but usually end up being too cumbersome to maintain effectively over time.
There is software, and then there is software. CIRSMA™ (Corporate Industrial Risk & Safety Management Application) risk analysis software, produced by Industrial Safety Integration is modular and uses a standard database architecture to maintain and control the risk assessments and supporting documentation. In our opinion, this product brings all of the key features to the table that an industrial user needs, and many that are simply not available in an integrated product like this. We use CIRSMA™ when we are assessing the risk(s) - shouldn't you?
Click for more information on CIRSMA™.
For those new to risk assessment, we can provide training and facilitation services, as well as conducting risk assessments on your products. We have both public and private training available.
For more information, check out these resources:
The RISKANAL Internet mailing list is operated by the Pacific Northwest Laboratory and Society for Risk Analysis' Columbia-Cascades Chapter. Anyone with an Internet account/address may subscribe to RISKANAL.
In order to sign up for RISKANAL, simply send the message:
subscribe riskanal YourFirstName YourLastName
to the email address:
Innovations in Safety Management, Fred Manuele, Sept 2001
On the Practice of Safety, Fred Manuele, 3rd edition, 2003.
Risk Analysis – risk analyst social network