• Skip to main content
  • Skip to site information
  • Departments

Language selection

  • Français

Canadian Centre for Occupational Health and Safety

Scheduled maintenance - Thursday, July 12 at 5:00 PM EDT

We expect this update to take about an hour. Access to this website will be unavailable during this time.

Hazard and Risk - Risk Assessment

On this page, what is a risk assessment, why is risk assessment important, what is the goal of risk assessment, when should a risk assessment be done, how do you plan for a risk assessment, how is a risk assessment done, how are the hazards identified, how do you know if the hazard will cause harm (poses a risk), how are risks ranked or prioritized, what are methods of hazard control, why is it important to review and monitor the assessments, what documentation should be done for a risk assessment.

Risk assessment is a term used to describe the overall process or method where you:

  • Identify hazards and risk factors that have the potential to cause harm (hazard identification).
  • Analyze and evaluate the risk associated with that hazard (risk analysis, and risk evaluation).
  • Determine appropriate ways to eliminate the hazard, or control the risk when the hazard cannot be eliminated (risk control).

A risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc. that may cause harm, particularly to people. After identification is made, you analyze and evaluate how likely and severe the risk is. When this determination is made, you can next, decide what measures should be in place to effectively eliminate or control the harm from happening.

The CSA Standard Z1002 "Occupational health and safety - Hazard identification and elimination and risk assessment and control" uses the following terms:

Risk assessment – the overall process of hazard identification, risk analysis, and risk evaluation. Hazard identification – the process of finding, listing, and characterizing hazards. Risk analysis – a process for comprehending the nature of hazards and determining the level of risk. Notes: (1) Risk analysis provides a basis for risk evaluation and decisions about risk control. (2) Information can include current and historical data, theoretical analysis, informed opinions, and the concerns of stakeholders. (3) Risk analysis includes risk estimation. Risk evaluation – the process of comparing an estimated risk against given risk criteria to determine the significance of the risk. Risk control – actions implementing risk evaluation decisions. Note: Risk control can involve monitoring, re-evaluation, and compliance with decisions.

For definitions and more information about what hazards and risks are, please see the OSH Answers document Hazard and Risk .

Risk assessments are very important as they form an integral part of an occupational health and safety management plan. They help to:

  • Create awareness of hazards and risk.
  • Identify who may be at risk (e.g., employees, cleaners, visitors, contractors, the public, etc.).
  • Determine whether a control program is required for a particular hazard.
  • Determine if existing control measures are adequate or if more should be done.
  • Prevent injuries or illnesses, especially when done at the design or planning stage.
  • Prioritize hazards and control measures.
  • Meet legal requirements where applicable.

The aim of the risk assessment process is to evaluate hazards, then remove that hazard or minimize the level of its risk by adding control measures, as necessary. By doing so, you have created a safer and healthier workplace.

The goal is to try to answer the following questions:

  • What can happen and under what circumstances?
  • What are the possible consequences?
  • How likely are the possible consequences to occur?
  • Is the risk controlled effectively, or is further action required?

There may be many reasons a risk assessment is needed, including:

  • Before new processes or activities are introduced.
  • Before changes are introduced to existing processes or activities, including when products, machinery, tools, equipment change or new information concerning harm becomes available.
  • When hazards are identified.

In general, determine:

  • What the scope of your risk assessment will be (e.g., be specific about what you are assessing such as the lifetime of the product, the physical area where the work activity takes place, or the types of hazards).
  • The resources needed (e.g., train a team of individuals to carry out the assessment, the types of information sources, etc.).
  • What type of risk analysis measures will be used (e.g., how exact the scale or parameters need to be in order to provide the most relevant evaluation).
  • Who are the stakeholders involved (e.g., manager, supervisors, workers, worker representatives, suppliers, etc.).
  • What relevant laws, regulations, codes, or standards may apply in your jurisdiction, as well as organizational policies and procedures.

Assessments should be done by a competent person or team of individuals who have a good working knowledge of the situation being studied. Include either on the team or as sources of information, the supervisors and workers who work with the process under review as these individuals are the most familiar with the operation.

In general, to do an assessment, you should:

  • Identify hazards.
  • Consider normal operational situations as well as non-standard events such as maintenance, shutdowns, power outages, emergencies, extreme weather, etc.
  • Review all available health and safety information about the hazard such as Safety Data Sheet (SDS), manufacturers literature, information from reputable organizations, results of testing, workplace inspection reports, records of workplace incidents (accidents), including information about the type and frequency of the occurrence, illnesses, injuries, near misses, etc.
  • Understand the minimum legislated requirements for your jurisdiction.
  • Identify actions necessary to eliminate the hazard, or control the risk using the hierarchy of risk control methods.
  • Evaluate to confirm if the hazard has been eliminated or if the risk is appropriately controlled.
  • Monitor to make sure the control continues to be effective.
  • Keep any documents or records that may be necessary. Documentation may include detailing the process used to assess the risk, outlining any evaluations, or detailing how conclusions were made.

When doing an assessment, also take into account:

  • The methods and procedures used in the processing, use, handling or storage of the substance, etc.
  • The actual and the potential exposure of workers (e.g., how many workers may be exposed, what that exposure is/will be, and how often they will be exposed).
  • The measures and procedures necessary to control such exposure by means of engineering controls, work practices, and hygiene practices and facilities.
  • The duration and frequency of the task (how long and how often a task is done).
  • The location where the task is done.
  • The machinery, tools, materials, etc. that are used in the operation and how they are used (e.g., the physical state of a chemical, or lifting heavy loads for a distance).
  • Any possible interactions with other activities in the area and if the task could affect others (e.g., cleaners, visitors, etc.).
  • The lifecycle of the product, process or service (e.g., design, construction, uses, decommissioning).
  • The education and training the workers have received.
  • How a person would react in a particular situation (e.g., what would be the most common reaction by a person if the machine failed or malfunctioned).

It is important to remember that the assessment must take into account not only the current state of the workplace but any potential situations as well.

By determining the level of risk associated with the hazard, the employer, and the health and safety committee (where appropriate), can decide whether a control program is required and to what level.

See a sample risk assessment form .

Overall, the goal is to find and record possible hazards that may be present in your workplace. It may help to work as a team and include both people familiar with the work area, as well as people who are not - this way you have both the experienced and fresh eye to conduct the inspection. In either case, the person or team should be competent to carry out the assessment and have good knowledge about the hazard being assessed, any situations that might likely occur, and protective measures appropriate to that hazard or risk.

To be sure that all hazards are found:

  • Look at all aspects of the work.
  • Include non-routine activities such as maintenance, repair, or cleaning.
  • Look at accident / incident / near-miss records.
  • Include people who work off site either at home, on other job sites, drivers, teleworkers, with clients, etc.
  • Look at the way the work is organized or done (include experience of people doing the work, systems being used, etc).
  • Look at foreseeable unusual conditions (for example: possible impact on hazard control procedures that may be unavailable in an emergency situation, power outage, etc.).
  • Determine whether a product, machine or equipment can be intentionally or unintentionally changed (e.g., a safety guard that could be removed).
  • Review all of the phases of the lifecycle.
  • Examine risks to visitors or the public.
  • Consider the groups of people that may have a different level of risk such as young or inexperienced workers, persons with disabilities, or new or expectant mothers.

It may help to create a chart or table such as the following:

Each hazard should be studied to determine its' level of risk. To research the hazard, you can look at:

  • Product information / manufacturer documentation.
  • Past experience (knowledge from workers, etc.).
  • Legislated requirements and/or applicable standards.
  • Industry codes of practice / best practices.
  • Health and safety material about the hazard such as safety data sheets (SDSs), research studies, or other manufacturer information.
  • Information from reputable organizations.
  • Results of testing (atmospheric or air sampling of workplace, biological swabs, etc.).
  • The expertise of an occupational health and safety professional.
  • Information about previous injuries, illnesses, near misses, incident reports, etc.
  • Observation of the process or task.

Remember to include factors that contribute to the level of risk such as:

  • The work environment (layout, condition, etc.).
  • The systems of work being used.
  • The range of foreseeable conditions.
  • The way the source may cause harm (e.g., inhalation, ingestion, etc.).
  • How often and how much a person will be exposed.
  • The interaction, capability, skill, experience of workers who do the work.

Ranking or prioritizing hazards is one way to help determine which risk is the most serious and thus which to control first. Priority is usually established by taking into account the employee exposure and the potential for incident, injury or illness. By assigning a priority to the risks, you are creating a ranking or an action list.

There is no one simple or single way to determine the level of risk. Nor will a single technique apply in all situations. The organization has to determine which technique will work best for each situation. Ranking hazards requires the knowledge of the workplace activities, urgency of situations, and most importantly, objective judgement.

For simple or less complex situations, an assessment can literally be a discussion or brainstorming session based on knowledge and experience. In some cases, checklists or a probability matrix can be helpful. For more complex situations, a team of knowledgeable personnel who are familiar with the work is usually necessary.

As an example, consider this simple risk matrix. Table 1 shows the relationship between probability and severity.

Risk Matrix

Severity ratings in this example represent:

  • High: major fracture, poisoning, significant loss of blood, serious head injury, or fatal disease
  • Medium: sprain, strain, localized burn, dermatitis, asthma, injury requiring days off work
  • Low: an injury that requires first aid only; short-term pain, irritation, or dizziness

Probability ratings in this example represent:

  • High: likely to be experienced once or twice a year by an individual
  • Medium: may be experienced once every five years by an individual
  • Low: may occur once during a working lifetime

The cells in Table 1 correspond to a risk level, as shown in Table 2.

Risk Ratings

These risk ratings correspond to recommended actions such as:

  • Immediately dangerous: stop the process and implement controls
  • High risk: investigate the process and implement controls immediately
  • Medium risk: keep the process going; however, a control plan must be developed and should be implemented as soon as possible
  • Low risk: keep the process going, but monitor regularly. A control plan should also be investigated
  • Very low risk: keep monitoring the process

Let's use an example: When painting a room, a step stool must be used to reach higher areas. The individual will not be standing higher than 1 metre (3 feet) at any time. The assessment team reviewed the situation and agrees that working from a step stool at 1 m is likely to:

  • Cause a short-term injury such as a strain or sprain if the individual falls. A severe sprain may require days off work. This outcome is similar to a medium severity rating.
  • Occur once in a working lifetime as painting is an uncommon activity for this organization. This criterion is similar to a low probability rating.

When compared to the risk matrix chart (Table 1), these values correspond to a low risk.

Risk Matrix / Ratings

The workplace decides to implement risk control measures, including the use of a stool with a large top that will allow the individual to maintain stability when standing on the stool. They also determined that while the floor surface is flat, they provided training to the individual on the importance of making sure the stool's legs always rest on the flat surface. The training also included steps to avoid excess reaching while painting.

Once you have established the priorities, the organization can decide on ways to control each specific hazard. Hazard control methods are often grouped into the following categories:

  • Elimination (including substitution).
  • Engineering controls.
  • Administrative controls.
  • Personal protective equipment.

For more details, please see the OSH Answers Hazard Control .

It is important to know if your risk assessment was complete and accurate. It is also essential to be sure that any changes in the workplace have not introduced new hazards or changed hazards that were once ranked as lower priority to a higher priority.

It is good practice to review your assessment on a regular basis to make sure your control methods are effective.

Keeping records of your assessment and any control actions taken is very important. You may be required to store assessments for a specific number of years. Check for local requirements in your jurisdiction.

The level of documentation or record keeping will depend on:

  • Level of risk involved.
  • Legislated requirements.
  • Requirements of any management systems that may be in place.

Your records should show that you:

  • Conducted a good hazard review.
  • Determined the risks of those hazards.
  • Implemented control measures suitable for the risk.
  • Reviewed and monitored all hazards in the workplace.
  • Fact sheet last revised: 2017-02-15

Shot of a group of young businesspeople working on a computer network during a late night at work

Risk management is the process of identifying, assessing and controlling financial, legal, strategic and security risks to an organization’s capital and earnings. These threats , or risks, could stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents and natural disasters.

If an unforeseen event catches your organization unaware, the impact could be minor, such as a small impact on your overhead costs. In a worst-case scenario, though, it could be catastrophic and have serious ramifications, such as a significant financial burden or even the closure of your business.

To reduce risk, an organization needs to apply resources to minimize, monitor and control the impact of negative events while maximizing positive events. A consistent, systemic and integrated approach to risk management can help determine how best to identify, manage and mitigate significant risks.

At the broadest level, risk management is a system of people, processes and technology that enables an organization to establish objectives in line with values and risks.

A successful risk assessment program must meet legal, contractual, internal, social and ethical goals, as well as monitor new technology-related regulations. By focusing attention on risk and committing the necessary resources to control and mitigate risk, a business will protect itself from uncertainty, reduce costs and increase the likelihood of business continuity and success. Three important steps of the risk management process are risk identification, risk analysis and assessment, and risk mitigation and monitoring.

Risk identification is the process of identifying and assessing threats to an organization, its operations and its workforce. For example, risk identification may include assessing IT security threats such as malware and ransomware, accidents, natural disasters and other potentially harmful events that could disrupt business operations.

Risk analysis involves establishing the probability that a risk event might occur and the potential outcome of each event. Risk evaluation compares the magnitude of each risk and ranks them according to prominence and consequence.

Risk mitigation refers to the process of planning and developing methods and options to reduce threats to project objectives. A project team might implement risk mitigation strategies to identify, monitor and evaluate risks and consequences inherent to completing a specific project, such as new product creation. Risk mitigation also includes the actions put into place to deal with issues and effects of those issues regarding a project.

Risk management is a nonstop process that adapts and changes over time. Repeating and continually monitoring the processes can help assure maximum coverage of known and unknown risks.

There are five commonly accepted strategies for addressing risk. The process begins with an initial consideration of risk avoidance then proceeds to three additional avenues of addressing risk (transfer, spreading and reduction). Ideally, these three avenues are employed in concert with one another as part of a comprehensive strategy. Some residual risk may remain.

Avoidance is a method for mitigating risk by not participating in activities that may negatively affect the organization. Not making an investment or starting a product line are examples of such activities as they avoid the risk of loss.

This method of risk management attempts to minimize the loss, rather than completely eliminate it. While accepting the risk, it stays focused on keeping the loss contained and preventing it from spreading. An example of this in health insurance is preventative care.

When risks are shared, the possibility of loss is transferred from the individual to the group. A corporation is a good example of risk sharing — a number of investors pool their capital and each only bears a portion of the risk that the enterprise may fail.

Contractually transferring a risk to a third-party, such as, insurance to cover possible property damage or injury shifts the risks associated with the property from the owner to the insurance company.

After all risk sharing, risk transfer and risk reduction measures have been implemented, some risk will remain since it is virtually impossible to eliminate all risk (except through risk avoidance). This is called residual risk.

Risk management standards set out a specific set of strategic processes that start with the objectives of an organization and intend to identify risks and promote the mitigation of risks through best practice. Standards are often designed by agencies who are working together to promote common goals, to help to ensure high-quality risk management processes. For example, the ISO 31 000 standard on risk management is an international standard that provides principles and guidelines for effective risk management.

While adopting a risk management standard has its advantages, it is not without challenges. The new standard might not easily fit into what you are doing already, so you could have to introduce new ways of working. And the standards might need customizing to your industry or business. 

Manage risk from changing market conditions, evolving regulations or encumbered operations while increasing effectiveness and efficiency.

Speed insights, cut infrastructure costs and increase efficiency for risk-aware decisions with IBM RegTech.

Simplify how you manage risk and regulatory compliance with a unified GRC platform fueled by AI and all your data.

Better manage your risks, compliance and governance by teaming with our security consultants.

Identify IT security vulnerabilities to help mitigate business risks.

Create a smarter security framework to manage the full threat lifecycle.

Understand your cybersecurity landscape and prioritize initiatives together with senior IBM security architects and consultants in a no-cost, virtual or in-person, 3-hour design thinking session.

Understand your cyberattack risks with a global view of the threat landscape

Discover how a governance, risk, and compliance (GRC) framework helps an organization align its information technology with business objectives, while managing risk and meeting regulatory compliance requirements.

Find out how threat management is used by cybersecurity professionals to prevent cyber attacks, detect cyber threats and respond to security incidents.

The Cost of a Data Breach Report explores financial impacts and security measures that can help your organization avoid a data breach, or in the event of a breach, mitigate costs.

Keep up to date with the latest strategies from our expert writers.

  • ASSP Community
  • Member Benefits
  • Member Types and Qualifications
  • Employer Justification
  • ASSP Fellows
  • Past Recipients
  • Region SPY Past Recipients
  • Practice Specialty/CIG SPY Past Recipients
  • Chapter SPY Past Recipients
  • Chapter SPY Recipients Archive
  • Council Safety Professional of the Year Award
  • Committees and Committee Members
  • Committee Leadership Roles
  • Leadership Connection
  • Online ASSP Community
  • Local Chapters
  • Engineering
  • Environmental
  • Fire Protection
  • Global Operations
  • Industrial Hygiene
  • Manufacturing
  • Public Sector
  • Risk Management
  • Training and Communications
  • Transportation
  • Member Mentoring
  • Membership Directory
  • Get Involved
  • Board of Directors Elections
  • Council Vice President Elections
  • Regional Elections
  • Practice Specialty Elections
  • Common Interest Group Elections
  • Nominations
  • Past ASSP Election Results
  • Election Resource
  • Member-Get-A-Member
  • Community Leader Resources
  • My Learning
  • Education Catalog
  • Online Learning
  • Math Review
  • Safety Management
  • Leadership in Safety Management
  • Safety 2024: Call for Presenters
  • Leadership Conference
  • SafetyFOCUS
  • Diversity, Equity and Inclusion Summit
  • Global Education
  • Train Your Safety Team
  • ASSP-Owned Course Proposal
  • New ASSP Course Proposal
  • Instructors
  • Buy Standards
  • Standards Development
  • Active Shooter Technical Report
  • Confined Spaces (Z117.1)
  • Construction and Demolition Operations (A10)
  • Fall Protection and Fall Restraint (Z359)
  • Fleet/Motor Vehicles (Z15)
  • Hydrogen Sulfide Training (Z390.1)
  • Lockout, Tagout and Alternative Methods (Z244.1)
  • Machine Guarding (B11)
  • OSH Management (Z10)
  • OSH Management (ANSI/ASSP/ISO 45001)
  • OSH Training (Z490)
  • PPE for Women (Z590.6)
  • Prevention Through Design (Z590.3)
  • Risk Management (ISO 31000)
  • Safety and Health Metrics (Z16.1)
  • Temporary Workers (Z590.9)
  • Walking/Working Surfaces (A1264)
  • Work/Aerial Work Platforms (A92)
  • Certification and Accreditation
  • Call for Submissions
  • Book Proposals
  • Share Your Story
  • Submission Form
  • Online Bookstore
  • Professional Safety
  • Journal of Safety, Health and Environmental Research Archive
  • Salary Survey
  • Alliances and Affiliations
  • ASSP Safety Curriculum Guidelines
  • Government Affairs News
  • Safe + Sound Week
  • Position Statements
  • Risk Assessment Committee
  • ROI of Safety
  • Roles and Responsibilities of the Safety Professional
  • Safety Research Agenda

President's Message

  • For the Media
  • Fall Protection
  • Construction Safety Management Systems | ASSP
  • The Case for Safety Podcast
  • Career Center
  • What Can You Expect From OSHA in the New Administration
  • Business Skills and Leadership Webinars
  • Become a Safety Professional
  • By The Way, This Is Not The Way
  • Apply for a Professional Education Grant
  • Assessing Readiness for Total Worker Health
  • Making the Business Case for Total Worker Health
  • Risk Assessment and Management
  • Free Training Funded by OSHA Susan Harwood Grant
  • Free Field Inspection Management Software
  • Apply to Join
  • Membership Benefits and Qualifications
  • Student News and Events
  • Student Sections
  • Scholarships
  • Accredited Academic Programs
  • Student Membership Drive
  • Board of Directors
  • ASSP Fact Sheet
  • Past Society General Chairs and Presidents
  • Code of Professional Conduct
  • Society Bylaws
  • Society Operating Guidelines
  • Governance Proposal Background
  • Strategic Plan
  • Advertising and Sponsorship
  • Corporate Alliance
  • Current Sponsors
  • Jobs at ASSP
  • Staff Directory
  • Diversity, Equity and Inclusion
  • The ASSP Advisory Group

Risk Assessment and Management for Safety Professionals

What is risk assessment.

Risk assessment is a function within occupational safety and health (OSH) risk management that focuses on identifying potential hazards. The goal is to identify hazards, then analyze and evaluate the risks they create.

What Is Risk Management?

Risk management in OSH is a formal process for identifying hazards, evaluating and analyzing risks associated with those hazards, then taking action to eliminate the hazards or control the risks that can’t be eliminated to minimize injury and illness potential. Risk management is a critical step in any organization’s efforts to proactively mitigate risk before an injury or catastrophe occurs.

Why Is Risk Important in Safety?

Risk is the main cause of uncertainty in any organization. As a safety professional, you can help your organization identify and manage risks before an incident happens.

While your organization must comply with regulations and reduce its injury rate, those metrics force a rear-view mirror perspective. Applying risk management principles can help you proactively reduce risk, advance safety and drive a return on investment from safety programs.

Core Risk-Related Competencies

Many core competencies of risk are defined and described in standards such as ANSI/ASSP Z10 and ANSI/ASSP/ISO 45001, which address OSH safety management systems. Additional details are outlined in ANSI/ASSP ISO 31000, Risk Management, and ANSI/ASSP Z590.3, Prevention Through Design.

To effectively manage risk as an OSH professional, you should have a keen understanding of the following processes:

   Principles of Risk Management

The goal of risk management is to create and protect value through the following steps:

  • Integrate risk assessment into all areas of your organization.
  • Structure risk management to generate consistent results.
  • Customize the risk management program to specific internal and external objectives.
  • Include knowledge, views and perceptions from all stakeholder levels.
  • Anticipate and respond to changes and risks in a timely manner.
  • Identify data, historical and current, and define expectations to aid decision-making.
  • Acknowledge the influence of human performance and culture on risk management .
  • Continually improve risk management by evaluating previous successes and determining next steps.

   Data Gathering

Data gathering is the foundation for risk management and allows safety professionals and others to develop an understanding of what hazards and risks exist within a facility and how they affect worker safety.

During this phase, teams:

  • Conduct data and work analyses of recordkeeping documents, examining the work being performed, how it is being done, and the hazards and risks associated with it.
  • Conduct a proactive risk analysis of the probability of hazards harming a worker, and how severe that harm could be. This will help decision-makers analyze and prioritize the issues identified.

   Setting the Scope of a Risk Assessment Plan

Setting the scope includes determining the purpose, context and limitations for the risk assessment plan and mitigation of risks.

  • Establish a clear understanding of organizational objectives to determine risk criteria, risk scoring, stakeholder roles and responsibilities.
  • Use risk assessment tools such as a risk assessment matrix , failure mode and effect analysis, and risk heat map.

   Conducting a Risk Assessment

Conducting a risk assessment includes understanding the basics of common risk assessment techniques, including reducing operational risks, improving safety performance and achieving objectives.

Safety professionals conducting a risk assessment must first understand how to:

  • Identify risks
  • Conduct a quantitative risk analysis
  • Conduct a qualitative risk analysis
  • Conduct a risk evaluation
  • Communicate risks
  • Evaluate/analyze risk assessments
  • Establish acceptable risk
  • Prioritize risks
  • Establish risk control metrics and dashboards

   Treating Your Organizational Risks

Risk treatment is an iterative process in which safety professionals and other stakeholders formulate options to reduce risks, assess the effectiveness of possible controls and plan for implementation.

  • Determine the best treatment plan against organizational objectives, costs, the effort involved and available resources.
  • Develop a solid understanding of the hierarchy of controls decision-making process to reduce risks to acceptable levels.
  • Establish processes for monitoring the effectiveness of risk control measures.
  • Establish requirements and process for selecting and managing contractors to mitigate risk.

By protecting workers and helping to achieve business objectives as an OSH professional, you can position yourself as a high-profile leader who makes a real difference.

Go Beyond Compliance

Stay at the forefront of continuously evolving risk assessment tools and methods with voluntary OSH consensus standards . Safety standards go beyond regulations and reflect recognized best practices in the United States and internationally. Protect your team with voluntary consensus safety standards. Click a topic to learn more.

Latest Resources

Article: 4 Ways to Take Risk Management to the Next Level

Podcast: Tools and Techniques for Improving Risk Management

Book: Assessing and Managing Risk: An ERM Perspective

Request More Info

Risk education and training.

Our instructors are experts who have real-world experience. We carefully review and confirm their credentials and teaching abilities to bring you the most up-to-date education available. Select from a variety of formats and topics for practical, accessible and immersive education on risk.


Essential Risk Assessment Tools

Beginner 0-4 years | 1.4 CEUs Develop a foundational understanding of essential risk assessment tools for identifying hazards, modifying risk assessment tools and applying risk reduction concepts.


Prevention Through Design

Beginner 0-4 years | 1.4 CEUs Learn how to incorporate prevention through design concepts into decision-making related to the design and redesign of work premises, tools, equipment, machinery, substances, and work processes.


Risk Assessment

Intermediate 5-9 years | 2.1 CEUs Risk assessment is a dynamic process that enables OSH professionals to proactively manage workplace risks. Learn about the three main areas of conducting a risk assessment: hazard identification, risk analysis and risk evaluation.


Creating and Sustaining Effective Risk Assessment Teams

Intermediate 5-9 years | 0.5 CEUs High-functioning safety risk assessment teams are at the heart of any effective risk management system, and risk management is most effective when all team members understand the risk assessment process.


Risk-Based Incident Analysis

Intermediate 5-9 years | 0.5 CEUs Risk-centric concepts, like hazard classification and the hierarchy of controls, can yield valuable insights into common weaknesses in your management system and risk assessment methodology.


Enterprise Risk Management

Advanced 10+ years | 3.0 CEUs Develop a solid knowledge of risk management initiatives that will help you reduce risk across your enterprise. Practice effective ways to apply risk management methods that impact your entire organization.

Additional Risk Resources

Technical Publications

Technical Publications


Networking Opportunities


All participants are welcome. Please let us know of any accommodations that would make your experience better when you register.

Engage and Network With Risk Safety Professionals

Read the ASSP president's thoughts on the safety profession.

ISO 45001 Standard

This game-changing standard provides a global foundation for worker safety.

Connect With ASSP



  1. FREE 4+ Control Risk Assessment Forms in PDF

    risk assessment and control

  2. Risk Control Services

    risk assessment and control

  3. An 8-Step Risk Assessment for Your Facility's Security

    risk assessment and control

  4. Risk Control Self Assessment (RCSA) template in Excel

    risk assessment and control

  5. The 5 Step Process to Risk Assessment

    risk assessment and control

  6. Guidelines for effective risk management

    risk assessment and control


  1. Risk Management Best Practice (Recorded)

  2. Risk Management

  3. Understanding Risk

  4. Pilot Risk Management : Practical Tips

  5. Risk Management

  6. Risk assessment


  1. Risk Assessment: Process, Examples, & Tools

    Risk management is the proactive control and evaluation of threats and risks to prevent accidents, uncertainties, and errors. Together with risk assessment, these are all vital elements that help make informed decisions such as mitigating risks. Why is it Important?

  2. Risk Assessment and Analysis Methods: Qualitative and ...

    “Risk assessment is an inherent part of a broader risk management strategy to introduce control measures to eliminate or reduce any potential risk- related consequences.” 1 The main purpose of risk assessment is to avoid negative consequences related to risk or to evaluate possible opportunities. It is the combined effort of: “…

  3. CCOHS: Hazard and Risk

    Risk control – actions implementing risk evaluation decisions. Note: Risk control can involve monitoring, re-evaluation, and compliance with decisions. For definitions and more information about what hazards and risks are, please see the OSH Answers document Hazard and Risk. Why is risk assessment important? Back to top

  4. What is risk management?

    Risk management is the process of identifying, assessing and controlling financial, legal, strategic and security risks to an organization’s capital and earnings. These threats, or risks, could stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents and natural disasters.

  5. Risk Assessment and Management for Safety Professionals

    What Is Risk Management? Risk management in OSH is a formal process for identifying hazards, evaluating and analyzing risks associated with those hazards, then taking action to eliminate the hazards or control the risks that can’t be eliminated to minimize injury and illness potential. Risk management is a critical step in any organization ...

  6. Risk Assessment: A Complete Guide

    The definition of a risk assessment is a systematic process of identifying hazards and evaluating any associated risks within a workplace, then implementing reasonable control measures to remove or reduce them. When completing a risk assessment, it is important to clearly define some keywords: