Facebook Google Instagram

★★★★★ LOWEST PRICES  |  MAXIMUM COVERAGE  |  GREAT SERVICE ★★★★★

07 5346 0149
GET A QUOTE

How to Conduct a Workplace Risk Assessment: 5-Step Guide

By /

A solid risk assessment does more than tick a compliance box — it keeps people safe, cuts downtime, and protects your business reputation. Yet many managers and owners put it off because it feels time‑consuming or overly technical. Maybe you’ve had a near miss, brought in new equipment, or your insurer or regulator has asked for your risk assessment. Whatever the trigger, you need a clear, practical way to do it properly without getting buried in jargon.

The good news: you don’t need to be a safety specialist to get this right. This guide breaks the process into five straightforward steps — identify hazards, assess the risks, control the risks, record your findings, and review — using plain language, a simple risk matrix, and examples you can adapt to your workplace, from office to workshop to fleet operations.

Here’s what you’ll learn next: how to spot hazards across people, tasks, equipment, chemicals and environment; how to rate risk by likelihood and consequence, accounting for existing controls; how to choose reasonably practicable controls using the hierarchy of control and assign actions; how to document everything in a usable risk register; and how to keep it current through reviews, incidents, and worker feedback. Let’s begin with Step 1: identifying hazards.

Step 1. Identify hazards (people, tasks, equipment, chemicals, environment, and who may be harmed)

Start by walking the work area and talking with the people who do the job. Ask “what could cause harm?” and “who could be hurt and how?”. Look at normal operations and non‑routine work (maintenance, cleaning, changeovers). If you’re learning how to conduct risk assessment well, good hazard spotting is the foundation.

  • People and work practices: Observe how work is actually done. Note manual handling, fatigue, lone work, time pressure, and work‑related stress.
  • Tasks and processes: Break jobs into steps. Flag cutting, hot work, driving, reversing and loading, working at height, confined spaces, and energised work.
  • Plant and equipment: Check guards, emergency stops, interlocks, maintenance status, and mobile plant/vehicle movements (including parking and loading zones).
  • Chemicals and substances: List what’s used or stored. Review labels and safety data sheets, ventilation, storage, decanting, and PPE needs.
  • Environment and premises: Identify slips, trips, uneven surfaces, lighting, noise, heat/cold, weather exposure, dust, and housekeeping.
  • Non‑routine and change: Consider start‑ups, shutdowns, breakdowns, contractors, new staff, new equipment, or process changes.
  • Records and data: Review incident and near‑miss reports, inspection findings, and health surveillance results to catch less obvious hazards.

Consider everyone who could be affected: employees, contractors, visitors, and the public. Pay special attention to vulnerable workers such as young or new workers, expectant mothers, migrants, and people with disabilities.

Capture each hazard with a brief note of who might be harmed and how. You’re now ready to rate the risk in Step 2.

Step 2. Assess the risks (likelihood x consequence, risk matrix, existing controls, who might be harmed and how)

Now convert each hazard into a clear level of risk so you can prioritise action. In simple terms, you’re judging how likely the harm is and how bad it could be, considering what you already do to control it. This is the heart of how to conduct risk assessment well: consistent ratings, agreed definitions, and solid notes to back your decisions.

Build a simple, shared risk matrix

Use a 4×4 or 5×5 matrix with agreed definitions so everyone rates hazards the same way. For likelihood, terms such as Rare, Unlikely, Likely, Almost certain work well. For consequence, align to Insignificant (first aid), Minor (up to 7 days off), Moderate (7+ days off), Major (fatality or permanent disability), Catastrophic (multiple fatalities) as used by regulators. Calculate a score using Risk = Likelihood x Consequence and colour‑code to show Low, Moderate, Significant, or Severe.

Rate each hazard consistently

For every hazard:

  • Who might be harmed and how: Note employees, contractors, visitors, or public, and the injury or ill‑health that could result.
  • Existing controls: List what’s in place (engineering, procedures, training, PPE) and judge how effective they are.
  • Likelihood: Decide how often exposure occurs and how failure could happen, using your agreed scale.
  • Consequence: Choose the most credible worst injury outcome.
  • Risk rating: Plot it on the matrix and record the level.
  • Assumptions and evidence: Write brief notes (e.g., data from incidents, inspections) so others can understand your call.

Quick example

Hazard: reversing vehicles in the loading yard. Who: pedestrians, drivers, contractors. Controls: beepers, mirrors, painted walkways; spotters used at peak times. Likelihood: Likely. Consequence: Major. Rating: Significant. Assumptions: tight space, mixed traffic, two near misses in 12 months. This rating sets up Step 3 to identify stronger controls that are reasonably practicable.

Involve workers in scoring; they know real exposure and near misses. If in doubt, err on the higher rating and justify it—your next step is to reduce that risk.

Step 3. Control the risks (hierarchy of control, what is reasonably practicable, assign actions and consult workers)

With your ratings done, the goal is simple: reduce each risk so harm is unlikely. The best way to control risks — and a key part of how to conduct risk assessment well — is to follow the hierarchy of control, choose what’s reasonably practicable, and turn decisions into clear actions with owners and deadlines.

Apply the hierarchy of control

Work from most effective to least:

  • Eliminate: Remove the hazard (e.g., design out reversing or a manual lift entirely).
  • Substitute: Swap for something safer (e.g., less hazardous chemical, smaller loads).
  • Engineering controls: Isolate people from harm (e.g., barriers, machine guarding, ventilation, traffic separation).
  • Administrative controls: Change the way work is done (e.g., procedures, scheduling, permits, training, supervision).
  • PPE: Use as a last line of defence and only alongside higher‑order controls.

What ‘reasonably practicable’ means

You’re not expected to remove all risk, but you must do what is reasonably practicable — balance the level of risk against the time, cost and effort to control it, without using cost as an excuse for inaction where serious harm is possible. Consult workers, HSRs and relevant experts to test feasibility and effectiveness.

Turn controls into actions

Make controls stick by assigning:

  1. Owner: Who is responsible.
  2. Deadline: When it’ll be done.
  3. Resources: Budget, tools, approvals.
  4. Competency: Training and communication needed.
  5. Verification: How you’ll check it works (inspection, test, trial).

Prioritise by risk level: Severe – stop and fix now; Significant – rectify with urgency; Moderate – reduce further; Minor – manage via continuous improvement.

Quick example: reversing vehicles

  • Eliminate/substitute: Redesign yard flow to avoid reversing; use smaller vehicles for tight zones.
  • Engineering: Install physical barriers, dedicated pedestrian walkways and gates, mirrors/cameras, marked exclusion zones.
  • Administrative: Banksman/spotter at peaks, delivery windows, traffic management plan, licences and permits.
  • PPE: High‑vis and two‑way comms.

Document why your chosen mix is reasonably practicable, then move to Step 4 to record it properly.

Step 4. Record your findings (risk register, actions, responsibilities, due dates, and how you’ll verify controls)

Now make your assessment usable. Capture your significant findings in a simple risk register so decisions are transparent, responsibilities are clear, and progress is trackable. Don’t rely purely on paperwork — your priority is to control the risks in practice — but a clear record is essential to show how to conduct risk assessment properly and to keep improvements moving.

  • Hazard and harm: Concise description of the hazard and potential injury/ill health.
  • People at risk: Who might be harmed and how.
  • Existing controls: What’s in place and how effective it is.
  • Risk rating: Using your agreed matrix.
  • Required actions: Controls (by hierarchy) and why they’re reasonably practicable.
  • Owner and due date: One accountable person and a realistic deadline.
  • Verification: How you’ll check it works (inspection, test, trial) and what evidence you’ll keep.
  • Review trigger/date: When you’ll revisit (e.g., change, incident, or scheduled date).
Hazard (summary) Who might be harmed and how Risk rating Key actions Owner Due date Verification
Reversing vehicles in loading yard Pedestrians struck; drivers injured Significant Redesign traffic flow; install barriers and cameras; schedule deliveries; spotter at peaks Ops Manager 30/11 Site walk‑through, traffic audit, near‑miss tracking

Keep entries short, specific, and evidence‑based so Step 5 — review and monitoring — is straightforward.

Step 5. Review and monitor controls (changes, incidents and near misses, worker feedback, audits, continuous improvement)

Controls aren’t “set and forget”. You need to check they’re working in the real world, then refine them. This is the final step in how to conduct risk assessment that actually improves safety day to day: verify, learn, adjust, and update your records so the risk profile stays accurate.

  • Changes: Reassess after changes to staff, process, substances, equipment, or the work environment.
  • Incidents and near misses: Investigate, update likelihood/consequence, and strengthen controls based on findings.
  • Worker feedback: Use toolbox talks, HSR input, and suggestions to spot gaps early.
  • Audits and inspections: Test that engineering and administrative controls work as intended; gather evidence.
  • Monitoring trends: Track issues and improvements over time to see if risk is reducing.
  • Review dates: Keep scheduled reviews and update the risk assessment record with any changes.

If controls are ineffective, escalate up the hierarchy, assign new actions, communicate changes, and verify again. That continuous loop keeps people safe and your business compliant and resilient.

Next steps

You’ve now got a practical, five‑step way to reduce harm and keep work moving: spot hazards, rate the risk, choose controls, record decisions, and review. Start with one area, involve your workers, log actions with owners and due dates, and set a review in 3–6 months. If your assessment flagged vehicle risks, pair strong controls with the right cover and claims support. For tailored advice and a competitive motor insurance quote with a price‑beat guarantee and 365‑day support, visit National Cover.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

National Cover Pty Ltd
ABN 74 639 621 480
Authorized Representative
001284720
Shanebridge Pty Ltd (ABN:16 011 049 899)
AFSL: 245566
Facebook Google Instagram
National Cover Pty Ltd
Contact Details

Head Office:

298 Musgrave Road, Coopers Plains, QLD 4108

Member #14155
© Copyright 2022 National Cover Pty Ltd, All Rights Reserved.
Insurance Not Due Yet?
We'll contact you at the perfect time when your current insurance is about to expire
We'll only use this to send you a timely renewal reminder.
No spam, unsubscribe anytime.
Scroll to Top