assessing risk: where should i start?

share this article:

It's a question that's top of mind for leaders at many organizations today — and with good reason. After all, integrating risk assessment, communications and controls across the enterprise is the kind of transformational improvement that can drive bottom-line growth. And considering the fact that a worker is injured on the job every seven seconds, making progress on risk and safety shouldn’t just be a business priority, but a human one as well.

So if where to start on risk assessments is a question on your mind, you've come to the right place. And while it shouldn't be a source of anxiety, it is a sure sign that you need to take action and start the journey. Here's how.

define "safety" in terms of desired outcomes

Safety is a pretty broad concept, and without defining what exactly you want to achieve, it’ll be hard to know what success looks like. And that means framing “safety" in terms of desired outcomes. Here are a few examples to help you think through outcomes that might be relevant to your business.

  • sustaining zero serious injuries or fatalities

  • achieving a desired number of risk assessments, audits and assessments targeting the prevention of serious injury

  • seeing gains in profitability and efficiency as a result of reductions in post-incident management (e.g., decreased cost of workers comp programs, claims management, litigation rates, etc.)

Of course, you'll need to define safety in terms that are specifically relevant to your organization. But these examples might help you start to think about the safety-related metrics you might want to prioritize.

shift to a proactive approach

For many companies today, the traditional approach to safety and risk is likely focused on, say, post-incident metrics. That's okay — at least for now. But backward-looking reporting isn't best-in-class when it comes to organizational safety and risk today. Celebrating a certain number of days without a safety incident means very little if your organization can’t point to specific behaviors and actions that drive desired safety outcomes. And “safety by luck” has proven to be a very poor strategy.  

What's required is a shift in mindset: Rather than looking in the rearview mirror, train your front-line supervisors and workers on how to identify risks, provide feedback on desired (and undesired) behaviors and connect performance goals to safety.

That means taking a proactive approach to safety — one that enables those closest to safety risks to more effectively anticipate and manage them. Enabling your front-line workforce to better manage safety is culturally empowering, and critically necessary to avoid accidents before they even happen.

But how?

The key is to create a feedback loop between the behaviors, actions and work practices that lead to desired outcomes — because, in reality, we all drift from known, safe work practices from time to time. So timely feedback from co-workers, supervisors and leaders is crucial in order to nudge us back to safe practices. Unfortunately, at many organizations today, this is still something to strive for.

But the good news is that reviewing these feedback loops — and the associated data — can be illuminating. This data contains a treasure trove of insights about possible areas for improvements across all business areas. From there, creating an intervention strategy capable of delivering those desired outcomes becomes much more feasible.

create a comprehensive safety management system

At the center of any safety improvement initiative — and the primary tool you'll use for monitoring and assessing risk — is your safety management system (SMS). Think of it as your overarching, comprehensive framework for getting ahead of organizational risk and safety.

To be effective, your SMS should account for the following five Ps from the National Safety Council:


Who's going to be on the front line of safety improvements at your organization — and who's going to ensure that protocols are adhered to going forward? You'll probably need to carry out a deep-dive job-hazard analysis for all functions and areas of your operations. Just make sure you have widespread buy-in and support first, because no safety initiative can get off the ground without dedicated people behind it.


You need to plan for risks, both over the short and long term. Getting stakeholders on board and aligned will be part and parcel of this proactive planning process (phew, that's a lot of Ps).


Best-in-class safety organizations have dedicated environmental health and safety (EHS) programs in place to ensure they're not only identifying and controlling hazards but effectively monitoring and measuring their impacts. Check out these guidelines from the Occupational Safety and Health Administration (OSHA) for recommended program practices.


Don't get complacent around safety and risks. Beginning your risk assessment is just the first step in a much longer journey — and you need to be constantly moving the needle. Carry out ongoing audits and reviews to ensure continual improvement.  


As we touched on in the last section of this article, measuring your performance is critical for developing insights and identifying additional improvements going forward. Think about the KPIs that matter for your organization, and institute regular reporting with senior leaders to ensure you're making headway. At times, you may find you need to course-correct, too — and that's perfectly fine. Agility and safety go hand in hand.

For more tips and best practices on safety management systems, head on over to the ISO 45001 website — it's the highest safety standard to meet for organizations today.

key takeaways

If you're not sure where to start with assessing risk, don't beat yourself up about it. You’re certainly not alone — that's the position a lot of organizations are in today. But you do need to take next steps now, because the cost of inaction is high, so you can't afford to delay.

Fortunately, a fresh assessment of the risks affecting your organization, together with a commitment to a strong framework to work through (like the ISO 45001 standard), should place you on the same path as many best-in-class organizations.

looking to solve a hiring problem? let us help you