4 Risk Management Strategies for Workplace Health & Safety

In 2019/2020, HSE’s summary report revealed 111 fatal injuries to workers and 700,000 workers sustaining non-fatal injuries in the workplace over the past year. 

How many of these incidents could have been prevented? Or could the severity of impact have been reduced? 

While it’s impossible to answer this question without an in-depth analysis of each incident on a case-by-case basis, we can look at overall non-compliance trends to know that there is still room for improvement. 

HSE’s enforcement report further shows that during the same period of 2019/2020, 342 non-compliance cases were prosecuted with a 95% conviction rate, resulting in a total of £35.8 million in fines for breaching health and safety offences. 

Behind these breaches is usually a lack of, or a weak implementation of, health and safety risk management.

It is thus critical for employers to have a robust health and safety risk management strategy in place, even if you trust your employees’ abilities or perceive the work environment to be low in risk. 

In this article, we will walk you through everything you need to know about health and safety risk management strategies, from its definition to a framework that applies this risk assessment template to manage health and safety risks in the workplace. 

What is organisational risk and risk management?

According to the Higher Education Funding Council for England (HEFCE), “risk” is broadly defined as ‘the threat or possibility that an action or event will adversely or beneficially affect an organisation’s ability to achieve its objectives.’

The HEFCE further defines risk management as “a process which provides assurance that: objectives are more likely to be achieved; damaging things will not happen or are less likely to happen; beneficial things will be or are more likely to be achieved.”

These broad definitions cover all types of risks an organisation faces, including financial, reputational, legal, environmental, technology, security, and operational risks. 

While health and safety risks technically fall under operational risks, its effects can spill over into every area of an organisation, such as reputation, finance, security, and environment. It is thus important to have a risk management strategy for health and safety.

What is a risk management strategy?

A risk management strategy is a planned and systematic approach to identify, assess, and manage risks. It is essentially a cost-benefit analysis of any type of organisational risk identified.

When applied to health and safety, a risk management strategy helps an organisation identify the risks and hazards that can harm an employee or cause damage. 

Once identified, the strategy acts as a guide to set priorities and allocate resources for the necessary actions to remove or lower these risks. The end goal is to prevent or reduce incidents and work-related ill health.

The importance of a risk management strategy for health and safety

Many studies have shown that people tend to think they have more control over events than they actually do due to cognitive biases such as confirmation biases. 

A confirmation bias is the tendency to ignore evidence that contradicts one's beliefs. This can lead to overconfidence or excessive belief in one's abilities and judgment, which in turn can lead to assumptions and the feeling of having control over events.

Cognitive biases can be dangerous when it comes to health and safety. Here’s an example of how they can impact workplace health and safety. 

Let’s say a group of employees in an organisation has an outstanding performance record. As a result, their supervisor trusts in the employees’ skills and ability to make decisions with sound judgement. 

Then, the company invests in new equipment. Instead of conducting a risk assessment, the supervisor trusts the employees’ skills and ability to use the new equipment safely. The supervisor may have seen some safety red flags, but due to the confirmation bias, rejects the red flags that do not support his or her preconceived beliefs.

Unfortunately, ignoring these warning signs led to an incident that harmed the employees.

Although this is just an example, far too many incidents in the workplace follow this pattern of cognitive biases leading to assumptions that cause incidents. 

This is why it’s important to have a risk management strategy in place. A risk management strategy is a system designed to interrupt assumptions by challenging cognitive biases and putting them under a magnifying glass. Thus, appropriate action can be taken to avoid or minimise the risks and help prevent incidents from happening.

The benefits of risk management strategy for workplace safety

The financial and human cost of workplace incidents and work-related ill health is staggering. The “Health and safety at work: Summary statistics for Great Britain 2020” report released by HSE shows:

The financial costs of workplace incidents and work-related ill health in 2018/2019:

• £16.2 billion in annual costs of work-related injury and new cases of ill health, excluding long-latency illness.
• £5.6 billion in annual costs of new cases of workplace injury.
• £10.6 billion in annual costs of new cases of ill health, excluding long-latency illness.

The financial costs of workplace incidents in 2018/19 to Britain according to the cost bearer:

• £3.5 billion by the government.
• £3.2 billion by employers.
• £9.6 billion by individuals.

The financial and human cost of non-fatal work-related injury in 2019/2020:

• 111 workers killed at work.
• 693,000 workers sustaining a non-fatal injury according to self-reports from the Labour Force Survey.
• 65,427 non-fatal injuries reported by employers under RIDDOR
• 6.3 million estimated working days lost.

The financial and human cost of work-related ill health in 2019/2020:

• 1.6 million workers suffering from work related ill health (new or longstanding).
• 638,000 workers suffering from a new case of work-related ill health.
• 13,000 deaths each year estimated to be linked to past exposure at work, primarily to chemicals or dust.
• 32.5 million working days lost.

Applying a risk management strategy to health and safety in the workplace can help to reduce these high costs amongst many other benefits, including: 

• Reducing or removing the risks and hazards that can lead to work-related injuries or ill health.
• Reducing work-related injury and ill health costs upon the employer and individuals.
• Minimise the impact of incidents, which can save workers from life-sustaining injuries or death.
• Reduce costs of asset damage.
• Minimise downtime as a result of employee leave or asset damage.
• Managers and employees spend less time creating reports or investigating incidents that happen in the workplace.
• Improves decision-making when managers and employees are better informed of the risks present in the workplace. 
• Improves productivity and operational management.
• Improves client and customer service with minimal service disruption or downtime. 
• Helps an organisation reach their targets more effectively and efficiently. 
• Boosts an organisation’s reputation for safety and employee-care.
• Boosts employee happiness.
• Attracts top talent and reduces turnover rates. 
• Ensures compliance with health and safety laws and legislations.
• Minimises or eliminates fines for health and safety non-compliance. 
  

The different types of risk management strategies

There are four types of risk management strategies that can be applied when a company evaluates the cost-benefit of health and safety risks in the workplace. 

1. Risk acceptance
   Definition:
   Infrequent or small risks that are worth accepting and do not require allocating resources to take actions that mitigate the risks. Actions or activities associated with these risks are allowed to continue.
   
   Applied to: 
   • Minor risks that do not have the potential to be catastrophic for the safety of employees; 
   • Minor risks that do not have the potential to be exorbitantly expensive upon the employer in terms of health costs, downtime, or asset damage. 
     
     
2. Risk transference
   Definition:
   An organisation passes the risk to a third party who will take responsibility for the risk they’re most suited to handle.
   
   Applied to: 
   • Risks that require special skills to manage or mitigate, which the organisation does not specialise in or have the specialists for; or 
   • Risks that require special equipment to manage or mitigate, which the organisation does not specialise in or is too expensive to invest in.
     
     
3. Risk avoidance
   Definition:
   The actions that cause the risks are eliminated to avoid the risk completely.
   
   Applied to: 
   • Risks that have too much potential to be catastrophic for the safety of employees; or 
   • Risks that have too much potential to be catastrophic for the safety of employees; or 
   • Risks that have too much potential to be exorbitantly expensive upon the employer in terms of health costs, downtime, or asset damage; or
   • Risks that do not have any potential way to minimise its impact; or
   • Risks whose preventive actions are too costly upon the employer; or
   • Risks that are not worth taking for any of the above reasons in exchange for the potential benefit of the action.
     
     
4. Risk reduction
   Definition:
   Also known as lowering or mitigating risks, risk reduction is taking action that minimises the severity or impact the risk can have upon financial or human costs.
   
   Applied to: 
   • Risks that can be confidently reduced through the use of safety equipment or change of behaviour; or
   • Risks that are worth investing the resources to mitigate in exchange for the potential benefit of the action.
     

Risk management framework for workplace safety

Now that we understand the importance, benefits, and types of risk management strategies for workplace safety, the next step is to implement a risk management framework. 

While broad risk management frameworks can be applied to all types of organisational risk, here, we will dive into a specific framework for workplace safety. This framework consists of four key stages.

Stage 1: Risk Assessments

The first stage is assessing the risks. There are two processes to identify the risks in a workplace environment. 

The first process is by conducting a health and safety risk assessment. You should also additionally conduct a lone working risk assessment if you also employ workers who work alone at any point of time during their shift. 

The objective of a risk assessment is to identify all the different types of potential risks to employees’ health, safety, or well-being, from environmental hazards to lone working risks. 

The second process of identifying risks is through a hazard reporting system. All employees and managers must know what they need to do when they see a potential safety hazard in the workplace. 

Once you have identified all potential risks through risk assessments and a hazard reporting system, the next stage is to assess these risks.

Stage 2: Risk Analysis

At this stage, you will evaluate each risk according to two factors:

1. The likelihood of an incident occurring due to this risk; and
2. The impact that the risk can have on employee safety or company expenses should an incident occur due to the risk. 

You can grade each risk using the following risk analysis matrix:

Stage 3: Risk Control

In the third stage, the management needs to evaluate the type of risk management strategy to apply for each risk: risk acceptance, risk transference, risk avoidance, or risk reduction. 

In general, risk acceptance can be applied to low-scoring (green) risks, while anything above medium needs to either be transferred, avoided, or reduced. 

Stage 4: Risk Monitoring

The final stage is risk monitoring to review how they have changed over time.

All risks, including the low-scoring (green) risks, need to be regularly monitored to keep things under control. This is because even low risks have the potential to become higher risks that will require new preventive actions or corrective action plans.

After this stage, the process will repeat to begin again at Stage 1, which is conducting regular risk assessments. 

Following Up on a Risk Management Strategy

The success of a risk management strategy lies in the follow-up actions you take. 

Accepting, transferring, or avoiding the risks identified require minimal actions from managers or employees involved with day-to-day internal operations. 

Risk reduction, however, requires constant attention and focus. At Vatix, we provide numerous tools that help managers and employees effectively and productively stay on top of risk reduction actions. 

Check out how Protector can reduce risks for your lone workers and high-risk or site-based workers as well as streamline incident and hazard reporting. For preventive and maintenance actions, see how Workflows can digitise your inspections with integrated task management for better quality inspections and faster resolution of preventive and corrective actions.