How long should one be, just had an event where a customer said they were bored after page 3 and it was way to long, find it odd a professional would not look through full content to see what was relevant or not in their opinion 3 pages or 30 depends what's needed

Generally, 2 sides of A4. Problems arise when the "Risk Assessment" aslo masquerades as the safe operating statement and method. Nothing wrong with a bit of cross-referencing and companion documentation. This most important question that any Risk Assessment must ask is often missed in these lengthy 'assessments', i.e. am I doing enough to mitigate risk, or do I need to do more?

Suitable and sufficient... listing all the major/serious hazards and the control measures needed to make them as safe as is reasonably practicable. If its takes three lines or three hundred it matters not a jot. As long as it is as stated.

Yup, that's what I meant by "generally"!

When Risk Assessment getting long and long, nobody will read it ..try to use other techniques such BOW-Tie diagram if practicable .. ( more understandable and can be summarized in one page) if not , just concentrate in more significant if practicable and at same time you have to comply with required legislation. SHV

Without seeing the contents of the RA it's difficult to say whether it's too long or not long enough. As many have said, it should be long enough but not overly elaborate. I think this thread is indicative of much of the documentation in our industry - paper safety. Reams of pretty useless paperwork which no one can be bothered to read or sometimes apply. I take the view less is more. However, in some worlds like consultancy it is often the opposite. I was once given a task to write 400 words on a subject, roughly an A4 page, and reduce it to 200 words without losing the key aspects of the topic. With a bit of trial and error it can be done. It's amazing how many adjectives, adverbs, prepositions, etc we use which are not necessary.

Much appreciate the feedback I always look to what needs to be covered and so it depends on the site and what's happening but was somewhat surprised to hear someone say bored after page 3 from quite a large busy site

Agree with the "it depends, but no longer than necessary" consensus. Trouble arises when you have no control over how risk assessments are used. For example, if your company uses the results of the RA to generate appropriate training materials, the assessments can be a lot better (shorter!) than if you use the risk assessment AS the training materials (as happens all too often).

Chris, from what I know about you I agree with what you say, not HSE. This is a case of "I don't know what I don't know".

When I wrote this I wasn't suggesting to copy the detail just to follow the method.

It's an interesting point that has been made about the HSE. Now if we think about it the risk assessment legal requirement is 'in essence' to ensure we are meeting statutory requirements and technically we could just write 'yes we are meeting our statutory requirements' and that could be the significant finding. However the difficulty is that the Health and Safety at Work Act 1974 sets out general requirements which can be twisted by lawyers and/or the HSE, when things go wrong, to cover just about anything they want it to, and there is our difficulty. I do not, for example, see any specific statutory requirement to assess each and every task and yet often we are either asked by the HSE for the 'task assessment' or else the same for a civil claim. The HSE and EU Management Directive have conveniently left things as general as they can so that they themselves cannot be held to account for missing something and instead can point he finger to the relevant company and person by just asking 'hey have you the assessment for this or that'. Now if you have the great, but if not then of course you/we are fault! So the Safety Advisor simply follows the same approach and does the old CYA. Those HSE RA's would often not stand up in court, in my opinion, but they are not tested in court because they are not actual risk assessments being used on the job and where something has gone seriously wrong. The governments have been continuously eroding the HSE's resources and so they are moving from being a guidance and enforcement agency to being more of an auditing and enforcement agency and in the blame culture which we operate more and more so everyone seeks to CYA. The responsibility for this starts with the government and public bodies. If you issue a RA and the 'customer' does not like it then it's their issue in my opinion because if you/we produce something less just to satisfy their 'liking' and something goes seriously wrong, then we can be sure they will not be standing in front of the judge taking their share of the blame, and instead they will be pointing the finger at the Safety Advisor and saying well 'their risk assessment did not really give us the full facts your honour' and the HSE would likely be saying 'it was not suitable and sufficient' bla bla bla. If the RA has my name on it then it will be as I decide, and taking into account how I see things, and if someone else wants to put their name on it then they can write as they want, and answer for it if something goes wrong. If someone says they are 'bored' when reading it then basically that is just a cop out from someone who has little respect for the work the Safety Advisor has done or else the responsibilities and vast amount of legal and moral duties which must be considered along with a taking into account also decisions made by courts over the years. The Safety Advisor could equally say I am bored having to write long risks assessments so 'Hey Mr Customer, get your act together and eliminate the hazards and control the risks properly and then my RA's will be shorter'. Also Mr Customer do take a trip down to Parliament and ask them to repeal the law with regards to RA and then you will not longer require an RA, oh by the way good luck with that one. :-) Governments have been eroding the HSE's resources for years, as they have with the Fire Brigade's, my question is what are IOSH saying about it? Regards.

Customers normally get what they want. You have assessed your risks and put in place from it what you need to put in place. You also need to provide information to allow any interaction between your people and theirs or their customers. What you tell them providing it is sufficient to do this, will not alter what you have put in place. So perhaps all they need is a summary of issues and controls (with a bit more for areas of interaction with their people / processes), you could even refer back to full assessment. You still have your assessment should things go pear shaped. Just a thought

I am concerned that safety practitioners may be doing, writing (!), defending and therefore must see themselves, professionally, as responsible for 'risk assessment'. No matter who picks up the pen or keyboard etc, the employer is responsible for RA adequacy. If those making safety decisions (or assessing risk) are required to be competent, it's hard to see how or why the SA should (ever) be the one person 'doing' and defending RAs, as surely they are not all-knowing, all-seeing experts in all the tasks, jobs or activities. Or am I missing something? There are so many debates on this forum about what RA is, isn't, should / shouldn't be, it would be funny if it wasn't so worrying. Why do we sit back and let the HSE set the only standard for what RA is or looks like?