Compliance inSight Consulting Inc.
, Compliance inSight Consulting Inc.

Risk assess­ment began as a dis­ci­pline in the late 1960s, with some of the ear­li­est for­mal papers pub­lished in the ear­ly 1970s. The ear­ly researchers were part of the US mil­i­tary and were inter­est­ed in find­ing ways to reduce the risks for mil­i­tary per­son­nel car­ry­ing out their duties.

Since then, risk assess­ment has become a key part of reduc­ing risk to man­u­fac­tur­ers, employ­ers, and work­ers. Today, exten­sive risk assess­ment research is being done by orga­ni­za­tions and uni­ver­si­ties around the world.


Lim­it­ing this dis­cus­sion to machin­ery, risk assess­ment is essen­tial­ly an order­ly process where things that can do harm to peo­ple, ani­mals or the envi­ron­ment, called haz­ards, are iden­ti­fied, the sever­i­ty of injury pre­sent­ed by each haz­ard is esti­mat­ed, and the prob­a­bil­i­ty of occur­rence of the injury is estimated.

For risks that are con­sid­ered to be “intol­er­a­ble” or “unac­cept­able” based on applic­a­ble laws, reg­u­la­tions, stan­dards and pub­lic opin­ion, con­trol mea­sures are applied to reduce the risk.


Risk con­trols are applied based on the ‘Hier­ar­chy of Con­trols”. In North Amer­i­ca, the Hier­ar­chy is con­sid­ered to have five lev­els, while in the Inter­na­tion­al Stan­dards only the first three lev­els are rec­og­nized. This dis­crep­an­cy exists because ISO and IEC stan­dards are writ­ten from the per­spec­tive of the prod­uct design­er, and the last two lev­els are only avail­able to work­places. There are dis­tinct link­ages between the first three lev­els and the last two, so none of these con­trol mea­sures exists in a vacuum.

The five-lev­el hier­ar­chy includes:

  1. Inher­ent­ly Safe Design;
  2. Engi­neer­ing Controls:
    • Bar­ri­ers (Fences)
    • Fixed Guards
    • Mov­able Guards includ­ing Adjustable and Self Adjust­ing Guards and Inter­lock­ing Guards with or with­out Guard Locking
    • Safe­guard­ing Devices includ­ing Light Cur­tains, Fences and Beams, Safe­ty Mats, Area Scan­ners and two-Hand Controls
    • Aware­ness Devices includ­ing lights, horns, buzzers, mark­ings, etc.
  3. Infor­ma­tion for Use includ­ing Oper­a­tor Screens, Man­u­als, and Haz­ard Warnings
  4. Admin­is­tra­tive Controls
    • Train­ing
    • Safe Work­ing Pro­ce­dures includ­ing HECP, Per­mit to Work, Con­fined Space Entry, etc.
    • Super­vi­sion
    • etc.
  5. Per­son­al Pro­tec­tive Equip­ment (PPE)

Con­trol mea­sures must be applied in the order giv­en in the hier­ar­chy. Con­trol mea­sures are gen­er­al­ly most effec­tive at the top of the hier­ar­chy and least effec­tive at the bot­tom. All may be nec­es­sary to reduce risk to accept­able levels.


The process is repeat­ed until the resid­ual risk, mean­ing the risk that remains after the con­trol mea­sures have been applied, is with­in “tol­er­a­ble” or “accept­able” lev­els. This is some­times referred to as “ALARP” for “ALow AReason­ably Prac­ti­ca­ble” or “ALARA” for “ALow AReason­ably Achiev­able.” It’s worth­while not­ing that many labour orga­ni­za­tions have sig­nif­i­cant prob­lems with this con­cept. This aris­es from their legit­i­mate con­cern that risk reduc­tion will stop once the risk is deemed “tol­er­a­ble” or “accept­able.” The prob­lem being that the work­er who is actu­al­ly exposed to the risk may not real­ize the risk or agree to accept the expo­sure. Risk con­trol is nev­er com­plete unless the haz­ard has been elim­i­nat­ed. New tech­nolo­gies and con­trol meth­ods will be devel­oped as time pass­es, and must be imple­ment­ed to main­tain the low­est pos­si­ble risk.

There are always finan­cial con­sid­er­a­tions in con­trol­ling risk. If you are deal­ing with a risk that involves a sig­nif­i­cant sever­i­ty of injury and the con­trols seem too expen­sive, you should con­sid­er not pro­ceed­ing with the project/product/machine. It is nev­er accept­able to leave an uncon­trolled risk when there are risk con­trol mea­sures avail­able and the sever­i­ty of injury is any­thing more than a minor cut or bruise.


Risk assess­ments can be Haz­ard Based, mean­ing that haz­ards are assessed with­out spe­cif­ic ref­er­ence to tasks that work­ers are expect­ed to car­ry out, or they can be Task Based, where haz­ards are assessed based on the spe­cif­ic tasks that work­ers must car­ry out. This type is also called a Job Haz­ard Analy­sis or a Task Haz­ard Analy­sis.

Risk assess­ments can be objec­tive when there is suf­fi­cient data avail­able to allow the sever­i­ty and prob­a­bil­i­ty fac­tors to be quan­ti­fied, but often this is impos­si­ble. Sub­jec­tive risk assess­ments are based on the com­bined knowl­edge and skill of the risk assess­ment team that is assigned to the task.

At the sim­plest lev­el, “What-if?” analy­sis can be used to get a quick read­ing on risk. Most of us do this dai­ly as we get ready for our com­mute to work, when cross­ing the street, and when con­sid­er­ing large pur­chas­es. What-if analy­sis con­sists of ask­ing as many what-if ques­tions as nec­es­sary to exhaust the poten­tial sce­nar­ios that can be imag­ined. For machin­ery, this may be a place to start, but it is sel­dom detailed or com­pre­hen­sive enough to be effec­tive. Addi­tion­al tools are required.

For more infor­ma­tion, request a FREE Con­sul­ta­tion, or Request a Quo­ta­tion!


There are a num­ber of risk assess­ment stan­dards pub­lished, and there are an even larg­er num­ber of prod­uct fam­i­ly stan­dards that have risk assess­ment method­olo­gies built into them.

ISO 14121 was the de-fac­to pre­ferred stan­dard for machin­ery until 2010 when it was com­bined with ISO 12100–1 and ISO 12100–2 and repub­lished as ISO 12100. ISO/TR 14121–2 – Safe­ty of machin­ery — Risk assess­ment — Part 2: Prac­ti­cal guid­ance and exam­ples of meth­ods was not includ­ed in the new doc­u­ment and is still pub­lished and valid as of ear­ly 2011.

This stan­dard deals pri­mar­i­ly with the Pre­lim­i­nary Haz­ard Analy­sis (PHA) method, and pro­vides guid­ance on using FMEA, MFMEA, FTA, HazOPS and oth­er sys­tems to ana­lyze the risks.

CSA has embed­ded the ANSI RIA 15.06 risk analy­sis scor­ing sys­tem in two key Cana­di­an machin­ery stan­dards, CSA Z432 – Safe­ty of Machin­ery and CSA Z434 – Indus­tri­al Robots and Robot Sys­tems — Gen­er­al Safe­ty Require­ments. These matrix-based sys­tems fol­low the gen­er­al method­ol­o­gy giv­en in ISO 14121, but pro­vide a sim­pli­fied approach.

Inter­na­tion­al­ly, ISO and IEC prepar­ing to pub­lished ISO/IEC 31010, Risk Man­age­ment — Risk Assess­ment Tech­niques. This stan­dard is part of the new ISO 31000 series on Risk Management.

ISO has also pub­lished a new OHS Risk Assess­ment stan­dard, ISO 45001:2018, Occu­pa­tion­al health and safe­ty man­age­ment sys­tems — Require­ments with guid­ance for use. This stan­dard has also been adopt­ed as a Cana­di­an stan­dard as CSA Z45001:2019.

CSA pub­lished it’s own OHS risk assess­ment stan­dard, CSA Z1002:2012 – Occu­pa­tion­al Injury and Ill­ness Risk Assess­ment and Man­age­ment. This stan­dard is part of the CSA Z1000 series of stan­dards deal­ing with Occu­pa­tion­al Health and Safe­ty Man­age­ment. Com­pli­ance InSight Con­sult­ing is con­tribut­ing to the devel­op­ment of CSA Z1002 direct­ly with the involve­ment of Doug Nix on the CSA s362 Tech­ni­cal Committee.


To assist prac­ti­tion­ers, a few risk assess­ment soft­ware pack­ages have been cre­at­ed that assist in the process by han­dling the scor­ing cal­cu­la­tions auto­mat­i­cal­ly, and in some cas­es allow­ing for revi­sion con­trol and many oth­er features.

For sim­ple designs and lim­it­ed appli­ca­tions, it is pos­si­ble to devel­op risk assess­ment scor­ing sheets using stan­dard spread­sheet appli­ca­tions like MS Excel™, Apple Num­bers™ and many oth­ers. These can be very flex­i­ble, but usu­al­ly end up being too cum­ber­some to main­tain effec­tive­ly over time.

There are oth­er soft­ware pack­ages avail­able to assist you with risk assess­ment. We don’t cur­rent­ly have a pack­age that we recommend.


For those new to risk assess­ment, we can pro­vide train­ing and facil­i­ta­tion ser­vices, as well as con­duct­ing risk assess­ments on your prod­ucts. We have both pub­lic and pri­vate train­ing available.

For more infor­ma­tion, request a FREE Con­sul­ta­tion, or Request a Quo­ta­tion!


For more infor­ma­tion, check out these resources:

List Servers


The RISKANAL Inter­net mail­ing list is oper­at­ed by the Pacif­ic North­west Lab­o­ra­to­ry and Soci­ety for Risk Analy­sis’ Colum­bia-Cas­cades Chap­ter. Any­one with an Inter­net account/address may sub­scribe to RISKANAL.

In order to sign up for RISKANAL, sim­ply send the fol­low­ing mes­sage, replac­ing Your­First­Name YourLast­Name with your own details:

sub­scribe riskanal Your­First­Name YourLastName

to the email address:

[email protected]

The list­serv­er will respond to you to let you know if you’ve been successful.


ASSE: Amer­i­can Soci­ety of Safe­ty Engineers

SAR: Soci­ety for Risk Analysis

IEEE Prod­uct Safe­ty Engi­neer­ing Society


Risk Assess­ment: Basics and Bench­marks, Bruce Main. See the IEEE Xplore Review

Inno­va­tions in Safe­ty Man­age­ment, Fred Manuele, Sept 2001

On the Prac­tice of Safe­ty, Fred Manuele, 3rd edi­tion, 2003.


PreAc­ci­dent Inves­ti­ga­tion Pod­cast (USA) — Dr. Todd Conklin

The Safe­ty of Work (Aus­tralia) — Dr. Drew Rae and Dr. David Provan 

Web Sites

CCOHS: Cana­di­an Cen­tre for Occu­pa­tion­al Health and Safety

Risk Analy­sis – risk ana­lyst social network


Risk World

Wikipedia: Risk Assessment

Social media & sharing icons powered by UltimatelySocial