If you’re an employer in the UK, knowing how to write a risk assessment isn’t just good practice — it’s a legal requirement under the Management of Health and Safety at Work Regulations 1999. A clear, structured risk assessment protects your employees, reduces incidents, and demonstrates compliance during audits, inspections, and insurance reviews.
This step‑by‑step guide walks you through the full process, using terminology and expectations aligned with UK regulators such as the HSE. You can use this as a practical reference or pair it with your own risk assessment template UK to streamline documentation.
1. Identify the Hazards
Start by walking around the workplace and observing activities, equipment, substances, and behaviours.
Consider:
- Physical hazards (machinery, slips, trips, manual handling)
- Chemical hazards (cleaning products, fumes, COSHH substances)
- Biological hazards (bodily fluids, bacteria, mould)
- Psychosocial hazards (stress, fatigue, lone working)
- Environmental hazards (noise, temperature, lighting)
Use incident reports, near‑miss logs, and manufacturer instructions to ensure nothing is missed.
2. Decide Who Might Be Harmed and How
A compliant UK risk assessment must specify who is at risk. This includes:
- Employees
- Contractors
- Visitors
- Members of the public
- Young workers, new starters, pregnant workers, or anyone with additional needs
Describe how harm could occur — for example: “Employees may suffer musculoskeletal injuries from repetitive lifting.”
3. Evaluate the Risks and Decide on Controls
This is where you assess the likelihood and severity of harm, then decide on suitable control measures. Use the hierarchy of control:
- Eliminate the hazard
- Substitute with something safer
- Engineering controls
- Administrative controls
- PPE (last resort)
For example:
- Replace a hazardous cleaning chemical with a safer alternative
- Install guarding on machinery
- Introduce training and safe‑system‑of‑work procedures
A risk assessment template UK usually includes a scoring matrix (e.g., 1–5 for likelihood and severity) to calculate risk levels before and after controls.
4. Record Your Findings
If you employ five or more people, you must record your assessment. Even if you don’t, written evidence is strongly recommended.
Your record should include:
- The hazards
- Who may be harmed
- Existing controls
- Additional actions required
- Responsible persons
- Timescales
- Residual risk rating
This is where a structured risk assessment template UK helps maintain consistency and audit readiness.
5. Implement the Control Measures
A risk assessment is only effective if the actions are completed. Ensure:
- Staff receive training
- Procedures are updated
- Equipment is installed or maintained
- Supervisors monitor compliance
Assign responsibilities clearly and set realistic deadlines.
6. Review and Update Regularly
Risk assessments must be reviewed:
- Annually (best practice)
- After an incident or near miss
- When new equipment, processes, or chemicals are introduced
- When staffing or layout changes
- If legislation or guidance changes
Regular reviews ensure your assessment remains accurate and defensible.
Get in touch with us for further information on Risk Assessments
Online Risk Assessment Course (Approved by IIRSM & CPD)
Why not take a look at our online Risk Assessment Course.
