Good morning all I wondered whether I could have your views on something that has been proposed to us for our risk assessments. We have been finding that some of the historic risk assessments are not up to the standard and to make them even more meaningful to the trades on site it has been suggested that we remove the scoring out of risk assessments altogether. The reason behind this is that often some of the trades find the scoring confusing, lots of inconsistent scoring, different matrices used, different people score differently in their opinion of risk etc. So we have had some in depth discussions questioning "why do we need it in there?" as all the guys at the 'coal face' just really need to know what the hazards are and what they need to do to carry out the work safely. There are also differences of opinion on this as some specialists have argued that how can you show you have reduced the risk if you don't score and how do you know what are the highest risks are so you can deal with these? I would welcome people's views on this, as I have never thought about doing it this way. The feedback we have had from the trades is that they find these easier to work with this method on site as basically it shows them a quick and easy way of working safely. (Almost their method statement really?) Pros and cons (and meeting legal requirements), please discuss!

Agreed. I have always found that non H&S people find a traffic light system - red, amber, green (high, medium, low) far more user friendly.

No legal requirement for scoring matrices, and no legal requirement to issue risk assessments to the workforce. R/A is a management tool - not a work instruction. Risks reduced SFARP, suitable and sufficient, frequent review etc. 'Evidence' that process of assessment has been applied should be by authorised signature of accountability - this is a legally discoverable document! We've had similar discussion here on several threads. Beware of "paper safety."

Great reply, completely agree.

As per the previous post, there is no legal requirement to categorise risk. Having worked on both sides of the equation here, I can say that I do not find ranking the hazards particulalry useful. What goes into the risk assessment is what the person doing the job needs to know to do the job safely and as such all the controls in the risk assessment have to be implemented to do the job safely. In my experience categorising the risk at the point of execution is not of benefit. Are the controls treated with differently dependent on the categorisation of risk? If the control identified in the risk assessment is not in place the job isn't done so it makes no odds the categorisation. Hope this is useful.

RA can be either quantitative (matrix) or qualitative (who,what, by when, etc.). Both can be useful but have different applications. I think the biggest mistake companies (including mine) make with regard to managing RAs is going either this or that way, while both kinds of RA can be use successfully for different processes.

I agree with other posters that there is no need for using a numbered matrix. In the last place I worked we did use a matrix, but in my current company I don’t. I was however discussing these two ways of recording an assessment with a manager. I explained both and showed examples, saying that he would be getting some training soon on how to do risk assessment. He actually responded that he could see that the workers if they had to look at them would be slightly better off with just High, Med and Low, but if he had to do them he liked the matrix as he felt it helped take him through the process and helped him to decide easier if it was High, Med or Low. He did seem to be able to follow what was going on in the assessment logically across, without prompting from me. He then said as he knew I intend to completely rewrite all our assessments that he would want mine to have a matrix, so he could see if it was the likelihood or the severity was the thing I either considered high or low. He also expressed that he could easily see that following the controls where it is scored again that the result of the control altered the severity or likelihood (he could see the effect and importance) I guess what I got out of the conversation was that for me to do the assessment it was easy enough to go straight to High, Med or Low. However, for others especially for those who may only do them infrequently (as I will do most) then they may prefer what seemed to be considered a methodical approach. It would also allow me to consider what they were thinking when they created one (are they considering death when that was possible, but not the likely outcome). As I don’t mind which way I record it, I thought I might give all the managers a choice (majority wins). The only other comment I have is that where we used to use the matrix when we had a significant number of Med risks, it did sort of help prioritise, ie which were closest to high and which were closes to low, when considering projects to improve/ reduce to ALARP. I will admit though when this has come up on this forum in the past the scoring method seems to have been looked down upon, as not being for professionals. At the end of the day it is a tool, so do what works for you and your company. Chris

I think you've already got the answer (and I agree with the consensus in general - I dislike the numbered scoring systems), but on this specific comment: Really? If you gave them the choice of going into a cage with a hungry tiger or going into one containing a sleepy dormouse they'd need to fill in numbers on a bit of paper to establish which had the highest risk? You know what's the highest risk because you've assessed the risk holistically, without arbitrarily reducing it to two trivialised numbers. Almost invariably the numbers in an A x B = C type assessment have been massaged anyway because the person filling it in knew what C they wanted and adjusted A and B to get there without contradicting the other rows in that table anyway. (There are exceptions - I've done some potentially 'risky' stuff with O&G, and they knew such matters as the energy potential of the discharge spark from a thungummy docking with a wotsit and the ignition potential of a cloud of whatever-it-was and had hard quantitative figures to go into a table, but in most other industries it seems to me someone says "oooh, let's say it's a umm, two").

It depends --risk matrices have a place in the assessment process, but probably not for "simple" risks. The key to using the matrices is that there is CLARITY in the description of both the probability and consequences--and that this is properly understood by the risk assessment "team"--as most risk assessment includes those who do the work, other experts and so on. Ultimately for complex risks, there needs to be a means to justifying how one arrived at the judgement whether the risk is low, medium or high --obviously in some cases, one may not even need a risk assessment to make that judgement--!

That is why the headings for probability need to be supplemented by descriptors. In our case we have:- Very Likely-Possibility of Repeated Incidents • Similar event may occur at Site every 0-10 yrs • Has happened several times at Site or many times in Company 0.1 to 1 Nominally: 0.3 i.e. Probability of Occurring per year of exposure Somewhat Likely i.e Possibility of Isolated Incidents • Similar event may occur at Site every 10-40 yrs • Has happened once before at Site or several times in Company 0.01 to 0.1 Nominally: 0.03 Unlikely i.e Possibility of Occurring Sometime • Similar event may occur every 10-40 yrs at one of 10 Company Sites • Has not happened before at Site or has happened a few times in Company 0.001 to 0.01 Nominally: 0.003 Very Unlikely i.e Not Likely To Occur • Similar event may occur every 10-40 yrs at one of 100 Company Sites • Have been isolated occurrences in Company or has happened several times in industry 0.0001-0.001 Nominally: 0.0003 Practically Impossible • Has happened once or not at all in Company • Has happened a few times or not at all in industry <0.0001

Let us agree to disagree. In higher hazard industry, not necessarily COMAH Site, when undertaking scenario based and similar risk assesments, such descriptors indeed help--and also, the aim ultimately is that nobody gets hurt at all--the aim is not only to prevent fatalities! Properly designed and "used" ( by trained/expert teams) risk matrices also support justifications whether risk is potentially above, at or below SFAIRP/ALARP levels and prioritising actions The key to robust judgement of probability is reliable data--and that remains for most of us a guess but not all of us But my posting also included that risk matrices are not essential for simple risks.

We all I think like certainty and this is probably where matrices developed. The problem is that except in an engineering sense for plant and equipment failure rates thus likelihoods cannot really be assigned a number. A large number of units have to be manufactured before such rates can be identified and there lies a great deal of statistical analysis and confidence calculation behind all engineering/manufacturing failure rates. Put people into it and the uncertainty climbs astronomically. Even claims of High Medium and Low rely on some background idea of a numerical figure in the assessors head. All that said people can be trained to use matrices far better than "simple high medium low based on my experience type systems" Through training and subsequent mentoring one is able to produce an in company system that tends to produce the same results regardless of the individual assessor. As long as the particular system is understood the results will tend to agree. After all we should be working towards the local management and operatives formulating the RAs rather than us "experts". We all have our own background experience and what I would regard as High might not be so by another professional. But then I have survived a major explosion, witnessed the aftermath of some nasty fatalities, witnessed close hand Occ Health deaths and talked to steeplejacks who think they are invincible. Not forgetting sundry and many operatives who can they believe climb ladders without hand hold.

Or why did you make it low instead of medium risk! Same argument.

Firstly - making RAs more 'understandable for the trades' is to misunderstand the purpose of RA - which is a management decision-making process (employer duty). So it needs to be 'manager-friendly'. The information derived from the RA process is best done via specifically targeted information for users. It can be a notice, leaflet, instruction, TBT or a suite of training or all the above. Handing out RAs is pointless, especially if they are full of matrices and pseudo science mumbo-jumbo. If you follow the HSE RA model (not a matrix in sight - never has been) their example RAs could be used for informing anyone and everyone, although I am still a fan of splitting up the outcomes into 'management to do' and 'employees to know / follow' and recomposing this information into manager action plans and worker instructions. Excepting high-hazard process and engineering functions, where probabilities CAN be given a number, most other workplaces / organisations just do not need - or benefit from - such a worthless method. Who is teaching this stuff? I have suffered these in client organisations over many years. I have yet to be convinced that multiplying one guess (how likely is this?) with another guess (how bad will / could it be?) makes for any kind of actual fact - coming up with a single 'risk' number lends the process instant but fake credibility. And then - so what? This method takes energy and attention from the real task - solving and managing actual safety problems. I know that managers manipulate these numbers to get the answer they want. In a recent company, when I queried why a 10 page risk assessment form was needed when the actual work instruction (also 10 pages) started with a (better!) summary of all the hazards and control measures anyway. The manager laughed and said he wrote the instructions when the plant was set up, but then 'had to fill in a form' so just made the RA form fit the existing instruction. Of course. The 'before' and 'after' numbers game is the worst example of silliness as science. No wonder H&S (and RA) makes people groan and raise eyebrows. Junk the scoring / numbers / matrices NOW and start doing proper decision-making and communication!

Ultimately all risk assessments are subjective and a crystal ball gazing exercise. Just some are more subjective and open to opinion than others/other issues. At best any form of 'scoring' gives a guide to whats important and hence should be tackled as part of risk reduction/mitigation. Some engineering QRAs are a little less subjective as frequency failure databases are available to give failure rates of items of equipment e.g. pressure equipment, level switches etc.

I couldn't agree more - the matrix is a flawed concept. A more serious outcome to an incident is possible but always less likely, likelihood V severity is inversely proportionate. A simple trip at work is quite likely, but in nearly all cases results in little or no injury (L = high, S = low). Alternatively a trip might lead to a serious injury, but this is quite rare (L = low, S = high). What a waste of time when we need to simply manage risks properly. Might be handy for individuals/teams to do some prioritisation but the focus on scores is otherwise distracting.

It’s the same difference isn’t it? If I think about a hazard and all the alternate outcomes with their individual severity and likelihoods in my mind, then decide overall the risk level is say Medium, then just write medium on the assessment. Or I do the above and assign a number to severity and Likelihood and overall level and write that down on the assessment as I go and the number 9 happens to equal medium. So what? Is there any significant difference? it is just as biased either way on the assessors training, knowledge, experiences, general attitude, if you’re a glass half full or half empty sort of person, etc, etc. It’s a bit like showing your working out in a maths test at school? Except you don’t get half marks for showing the correct process if you get the answer wrong. Perhaps some do not like showing their working out :o) The whole thing is flawed if you want to look at it that way. A Risk assessment is a tool and a flawed one at that, but it is the best we have. It at best is a structured way at looking at the issues surrounding an activity, but different people following the same process will end up with different answers, whether it is numbers or words, just as non-scientific, but at least methodical. Whether someone ends up with a Medium or a high or a 9 or a 16, we still look to see if things can be improved – so what difference really. Yes, the only possible advantages to scoring I can see is potentially the ability to rank risks easier and possibly when your assessing someone else’s assessment (who is not a H&S professional) to check they are not considering a simple trip in an office could result in death. Conversely without the numbers it is less cluttered, and possibly less daunting to those that have never seen an assessment. I would not say easier to understand as if you can’t get your head around the simple concept, then you’re going to struggle with the assessment anyway – What does Medium mean? Medium for who. One person’s medium is another’s high or low, it is all subjective.

I have in my previous post:- For example, when undertaking risk assessment that requires to make judgements regarding ALARP etc, even if it is not in one of the permissioning regimes, risk matrices do have a role, and to state that one can do without them is not " suitable & sufficient" risk assessment. While the HSE is not explicit in its guidance for the use of risk matrices, I caanot see how in specific cases one arrives at an ALARP judgement without it. The HSE References are implicit for the use of risk matrices for some aspects:- http://www.hse.gov.uk/risk/theory/alarpcheck.htm

To use the term "nonsense" even if without intent, is neither being constructive nor respectful of differing opinions. The HSE itself in its FAQs' on "Risk Management" informs:- What are risk matrices? http://www.hse.gov.uk/risk/faq.htm#q27 Most businesses will not need to use risk matrices. However, they can be used to help you work out the level of risk associated with a particular issue. They do this by categorising the likelihood of harm and the potential severity of the harm. This is then plotted in a matrix (please see below for an example). The risk level determines which risks should be tackled first. Using a matrix can be helpful for prioritising your actions to control a risk. It is suitable for many assessments but in particular to more complex situations. However, it does require expertise and experience to judge the likelihood of harm accurately. Getting this wrong could result in applying unnecessary control measures or failing to take important ones.

Bazzer The end game maybe but at what cost? In terms of effort, energy, and beaurocracy, why go to all that trouble to come up with the answers (risk control measures) you would probably have thought of anyway if you had all sat in a room and asked "what can cause harm here and what can we do about it?" But it is the pseudo-scientific impression of 'fact' which numerical techniques infer, especially 'before and after' that really bothers me. Well said Ray. Nobody is starting from scratch these days - we have been at this "risk assessment" malarkey for 25 years, and the HSWA for even longer.There are pretty standard rules and procedures for most common processes and activities, so the test could just as easily be "is it reasonably practicable to do this, this and this?". Risk assessment doesn't produce new solutions - just recycles the old ones. (nothing wrong with that either). Not sure what is meant by 'both systems': I have counted at least 4 variations in this thread. With / without scoring matrices. Matrices for both pre-controls / post controls. With matrices ranging from 3x3 to 10x10. Or words, or colours, instead. I go back to my question - how did the scoring system arise anyway? And if it's flawed, why won't it go away?