Some of our services have changed. Please see our services page for more details

How to carry out a risk assessment

What's involved and a form to complete your own with


A risk assessment is a systematic method of looking at work activities, considering what could go wrong, and deciding on suitable control measures. These control measures are designed to eliminate, reduce or minimize the risks of loss, damage or injury in the workplace.

It is a legal requirement for all organisations to carry out a risk assessment. If you have five or more employees you must also keep a written record of it.

Use the links below to find information on the steps you should take when performing a risk assessment in your organisation. 

  1. Identify hazards in risk assessment
  2. Establish who might be harmed and how in risk assessment
  3. Evaluate and decide on precautions in risk assessment
  4. Record and share key findings of risk assessment
  5. Review risk assessment regularly

4. Record and share key findings of risk assessment

Once you have evaluated the risks and decided on precautions you should

  • record your key findings on a template
  • prioritise your actions
  • set deadlines to achieve them by
  • share this information with employees.

You only need to keep a written record of your risk assessment if you have five or more employees. It is strongly recommend however, that all organisation do this.

Risk assessments will be among the first pieces of evidence requested by the enforcement authority in the event of investigation following and adverse event such as an accident or breach.

You should keep your risk assessments for at least 3 years. Any records relating to health should be kept for at least 40 years.​

​Carry out a risk assessment

​Once you are familiar with all the steps explained in this guide, you can carry out a risk assessment using our form.

​Use our risk assessment form​