Back to Glossary

Risk Assessment Last modified: April 24, 2026

impact hr ident
Risk Assessment

SECTION GUIDE

What is a Risk Assessment?

A risk assessment is a structured process used by employers to identify potential hazards in the workplace, evaluate how likely they are to cause harm, and implement controls to protect people. In the UK, it is a legal requirement under the Management of Health and Safety at Work Regulations 1999.

Put simply: a hazard is anything that could cause harm; a risk is the likelihood that harm will happen. A good risk assessment helps reduce both.

What does Risk Assessment mean in Health & Safety?

In Health & Safety terms, a risk assessment is about preventing accidents before they happen. Employers must make sure their workplace is safe for:

  • Employees
  • Contractors
  • Visitors
  • Members of the public

It covers hazards such as:

  • Physical: machinery, vehicles, slips, trips and falls
  • Chemical: solvents, cleaning agents, fuels
  • Biological: bacteria, mould, viruses
  • Ergonomic: manual handling, poorly set-up workstations
  • Psychosocial: stress, long hours, or poor workload management

The HSE requires that assessments are “suitable and sufficient,” meaning they must reflect the real risks of the business, not just a tick-box exercise.

A lady carrying out a risk assessment

Why does Risk Assessment matter for your Business?

A risk assessment for your business is a fundamental part of managing health and safety effectively. It’s not just a legal requirement, it’s a practical tool that helps you identify hazards, reduce risks, and protect your people and operations

  • Legal penalties – enforcement notices, fines or even prosecution from the HSE.
  • Injury or ill health – causing absence, claims, and costly downtime.
  • Reputation damage – unsafe workplaces lose staff trust and customer and stakeholder confidence.

On the other hand, carrying out a suitable and sufficient risk assessment for your business can deliver real commercial benefits:

  • Reduce accidents and sickness absence.
  • Keep insurance premiums and claims costs down.
  • Improve productivity by creating safer, better-designed work practices.
  • Show you are a responsible employer who values staff wellbeing.

For SMEs, a risk assessment for your business isn’t just about ticking a compliance box, it’s a smart investment.

By taking a proactive approach, you can minimise disruption, protect your team, and build a safer, more resilient business for long-term success.

Risk Assessment

Risk Assessment – Best Practices & The 5 Steps

Follow these five steps for effective workplace risk assessments:

  • Identify Hazards

    Look for anything with the potential to cause harm. Use:

    Examples: a trailing cable in the office (trip hazard), a forklift in the warehouse (collision risk).

  • Decide who might be harmed and how

    When carrying out a risk assessment, it’s important to look beyond your direct employees. Consider anyone who could be affected by your work activities, including contractors, agency staff, cleaners, delivery drivers, visitors, and even members of the public.

    Think carefully about how different people interact with your workplace. Ask yourself: who uses this space, when are they present, and how might they be exposed to hazards?

  • Evaluate risks and decide on controls

    Assess the likelihood and severity of harm, often using a risk matrix. Apply the hierarchy of control:

    1. Eliminate the hazard entirely
    2. Substitute with a safer alternative
    3. Use engineering controls (guards, barriers)
    4. Use administrative controls (policies, safe systems of work, training)
    5. Provide Personal Protective Equipment (PPE) as a last resort

  • Record your findings

    If you employ more than five people, this is a legal obligation, but all employers should do it. Your records should show:

    • Hazards identified
    • Who might be harmed
    • Existing control measures
    • Any further action needed and by when

  • Review and update regularly

    Risk assessments must be reviewed:

    • After significant changes (e.g. new equipment, processes, locations)
    • Following an accident, incident or near miss
    • At regular intervals as part of good practice

    Engage employees in the review – they’ll know whether safety measures are working day to day.

  • Common mistakes to avoid

    • Copying generic templates without tailoring them
      Using off-the-shelf templates can be a helpful starting point, but they must reflect your actual workplace, tasks, and risks. A generic document won’t stand up if it doesn’t match what really happens day to day.
    • Forgetting non-employees (like visitors)
      It’s easy to focus only on staff, but contractors, visitors, delivery drivers, and the public can all be exposed to risks. Overlooking them can leave serious gaps in your assessment.
    • Filing assessments away and never reviewing them
      Risk assessments should be living documents. If they’re not reviewed regularly, or updated after changes, incidents, or near misses, they quickly become outdated and ineffective.

Your Questions Answered

Everything you need to know about Risk Assessment

  • Is a risk assessment a legal requirement in the UK?Reveal

    Yes. Employers must carry out risk assessments under the Management of Health & Safety at Work Regulations 1999.

  • How often should risk assessments be reviewed?Reveal

    Following changes in work processes, equipment, or staffing changes; after an accident or near miss. It is a good idea to review as part of a routine management process. For this reason, annual reviews would be considered good practice.

    At least annually, and whenever there are workplace changes, accidents or near misses.

  • Do small businesses need to do risk assessments?Reveal

    Yes. All employers must assess risks. If you employ 5+ staff, you must keep written records.

  • What’s the difference between a hazard and a risk?Reveal

    • A hazard is something that could cause harm
    • A risk is the chance that harm could actually happen, and how serious it could be

    Example:

    • A wet floor is a hazard
    • The likelihood of someone slipping on it, and how badly they might be injured, is the risk

    In practice, risk assessments are about identifying hazards first, then evaluating the level of risk so you can put the right controls in place to reduce or remove that risk.

  • Can I use a template for my risk assessments?Reveal

    Yes, but it must be tailored to your business. Generic templates alone may not meet HSE’s “suitable and sufficient” standard.

  • Who is responsible for risk assessments?Reveal

    Employers are legally responsible, but managers should carry them out with employee input.

  • How long should I keep risk assessment records?Reveal

    At least 3 years, but many businesses retain them longer for insurance and compliance purposes.

  • What happens if I don’t do one?Reveal

    You risk legal action, financial penalties, and reputational damage if harm occurs and you cannot show risk assessments were in place.

  • Do self-employed people need risk assessments?Reveal

    Yes, if their work poses risks to themselves or others.

  • Can impact HR help me with risk assessments?Reveal

    Absolutely! We can carry out risk assessments, provide tailored templates, deliver training, and support your ongoing Health & Safety compliance.

  • How often should manual handling risk assessments be reviewed?Reveal

    Following changes in work processes, equipment, or staffing changes. It is a good idea to review as part of a routine management process. For this reason, annual reviews would be considered good practice.

  • Does manual handling apply in offices as well as manual jobs?Reveal

    Yes. Even in offices, staff may move boxes, furniture, or equipment. All workplaces should risk assess manual handling.

  • What are the risks of poor manual handling?Reveal

    Back pain, slipped discs, hernias, sprains, long-term musculoskeletal disorders (MSDs), and chronic absence.

  • Who is responsible for safe manual handling?Reveal

    The employer has overall responsibility. Managers must enforce safe practices, and employees must follow training and report risks.

  • Do I legally need to provide manual handling training?Reveal

    Yes. Under Manual Handling Operations Regulations 1992 (MHOR), employers must ensure employees are trained in safe practices. Training is vital for compliance and prevention.

  • What’s the maximum manual handling weight an employee can lift in the UK?Reveal

    There is no fixed legal maximum. Manual handling assessments should be carried out considering the task, load, individual capability and surrounding environment.

Where to find out more A collection of hand-picked useful resources for Risk Assessment from impact HR and beyond

Make an enquiry

Let’s talk

Start making your impact.

Whether you need day-to-day HR support, ad-hoc support or a long-term partner, we’re here to help.

Get in touch for a free initial chat — no pressure, just practical advice from people who get it.

0330 2369866
hello@impacthr.co.uk

Leicester: 6 St. Georges Way, 3rd Floor, St. George’s House, Leicester LE1 1QZ
London: 167 City Road, London EC1V 1AW
Leeds: Building 3, City West Business Park, Gelderd Rd, Holbeck, Leeds LS12 6LN
Essex: Halford House, 2 Coval Lane, Chelmsford, England, CM1 1TD