The UK Health and Safety Executive (HSE) is seeking views on proposed changes to its generic guidance on risk assessment. The proposals emphasise that a risk assessment need not be a separate standalone document but can instead be evidenced by existing records and management processes which do the same thing. This could prove to be quite a significant – and for many, welcome – clarification on the ground.
Legally, every employer must carry out a suitable and sufficient assessment of risks to the health and safety of their employees at work, and any such risk to others (such as the general public) affected by their business activities. Real and obvious hazards need to be identified and the risk of harm posed by them evaluated. A common sense approach should be taken, with significant findings being recorded; it is not a duty to eliminate all risk. The process is a means to an end – all reasonably practicable measures being taken to control material risks – and not an end in itself.
But the HSE is now raising concerns that many view the need to record risk assessment results as something different to other day-to-day requirements of managing a business. Against that backdrop, the regulator is looking to highlight that dutyholders are allowed more flexibility to rely on documents that they already have to serve as a risk assessment record: relevant workplace “housekeeping” rules, for instance, or employee guidance (including HSE guidance); manufacturers’ instructions; method statements, data sheets and so on. In their draft revision the HSE is quite clear: “You do not need to duplicate these”.
This ought to be welcomed by many, particularly smaller, businesses, as well as by those organisations whose risk assessments are in effect “designed in” to their processes and represented by the issuing of new or revised operational procedures, for example, instead of separately recording the results of risk assessments which might underpin these processes.
Also of interest in the revised guidance is the HSE’s acknowledgement that insurers and contractors “may ask for more detailed paperwork than the law requires”. Bespoke risk assessment documentation may well be needed in the circumstances, but its function is not simply to serve as a “tick-box” for an audit or when an HSE inspector comes calling. The HSE would prefer the focus – rightly – to be on identifying sensible measures for controlling risks, not on the production of paperwork which may provide only token reassurance of compliance, abandoned in a desk drawer or filing cabinet.
The HSE’s online survey can be accessed here.