Connect with us: (011) 532 8802 This email address is being protected from spambots. You need JavaScript enabled to view it. Find Us Subscribe to Newsletter

The Continuous Risk Assessment Process

on .

The liabilities of the employer are highlighted by the OHSAct:

Section 37.  Acts or omissions by employees or mandataries

37(1) Whenever an employee does or omits to do any act which it would be an offence in terms of this Act for the employer of such employee or a user to do or omit to do, then, unless it is proved that –

(a) in doing or omitting to do that act the employee was acting without the connivance (def: Shut the eyes to / the pretence of being unaware) or permission of the employer or any such user;
(b) it was not under any condition or in any circumstance within the scope of the authority of the employee to do or omit to do an act, whether lawful or unlawful, of the character of the act or omission charged; and
(c) all reasonable steps were taken by the employer or any such user to prevent any act or omission of the kind in question,

the employer or any such user himself shall be presumed to have done or omitted to do that act, and shall be liable to be convicted and sentenced in respect thereof; and the fact that he issued instructions forbidding any act or omission of the kind in question shall not, in itself, be accepted a sufficient proof that he took all reasonable steps to prevent the act or omission.

Section 37(2) The provisions of section (1) shall mutatis mutandis apply in the case of a mandatory of any employer or user, except if the parties have agreed in writing to the arrangement and procedures between them to ensure compliance by the mandatory with the provisions of this act.

[“Mandatary” includes an agent, a contractor or a subcontractor for work, but without derogating from his status in his own right as an employer or user.]

Anticipating the occurrence of incidents in the workplace and mitigating their impacts can only be managed effectively if a company is aware of the risks involved in all of its operations.  Leaving the safety and health of persons in the workplace to chance is not only poor business management it is also illegal.  But how is it possible to realistically anticipate all possible risks in a workplace?

The continuous risk assessment process is a vital tool in managing occupational health and safety as well as ensuring the protection of the environment.  Many different risk assessment methodologies exist and although the legislation does no stipulate which methodology to use it is advisable that the risk assessment documentation addresses as a minimum the following criteria:

Activity description
  • Identification of individual hazards (not grouped)
  • Mathematical calculation of the risks attached to those hazards (5 point scales give more accurate representations than 3 point scales)
  • Evaluation of the effectiveness of the control measures in place
  • Monitoring and Review Plan which stipulates how the continuous risk assessment process is going to be maintained.

Any company should strive towards continual improvement, not only in terms of productivity, quality and profit but also in terms of its safety, health and environmental standards.  This dedication to continual improvement should be clearly stated in the company policy which must be signed by the CEO.

In order to achieve the continual improvement of standards in the workplace, a cycle of Planning > Implementation > Evaluation > Review needs to be in place.

This cycle is best demonstrated by the “Plan-Do-Check-Act” Management System Model.  This model shows the different requirements needed at each stage of the cycle to effectively manage and continually improve the safety, health and environmental standards in the workplace.


At the planning stage, all the components of the SHE Management System must be identified.

The legal and technical requirements which need to be adhered to must be identified.  To facilitate this process, consultation with experts may need to be held in both the legal and technical aspects of the work being performed by the company.

Risk assessments of all activities being undertaken in the workplace need to be conducted.  All hazards and their related risks must be identified and the projected effectiveness of the existing control measures evaluated.

Based on the legal and technical requirements identified and on the results of the risk assessments, any potential risks in regard to the safety and health of the persons executing the company’s operations must be determined.  Once determined, the mitigation of these potential risks must become company objectives and must be prioritised in order of importance or urgency.  The implementation of these objectives must be detailed in an action plan with specified time frames.


At the implementation stage, control measures must be put in place:
Personnel must be trained on the procedures to be followed for all operations and made aware of the hazards and risks they will be in contact with as well as the correct application of all control measures.

Documentation procedures must be implemented, which will include the regular completion of checklists, registers, reports, etc.

Reporting structures must be established to ensure effective communication between the different levels of operation.  Personnel must know who to report to in any event.

Emergency procedures, with the accompanying facilities and equipment, must be established.


At the evaluation stage, all procedures introduced at the implementation stage must be monitored, assessed or measured to collect information on their effectiveness.  The monitoring of the risk assessment will also take place at this stage.

Reports of all incidents (including near misses) must be kept.  These reports will be generated by several key members of staff and include:

  • SHE Representative monthly inspections
  • SHE Committee reports and recommendations
  • Incident investigations
  • First aid records, etc.

Auditing reports, whether froman Internal or External Auditor, will give the company valuable information on the effectiveness of its procedures as audits are unbiased inspections conducted by persons who are generally not directly engaged in the operations of the workplace they are auditing.


At the review stage, top management will use the information gained from the evaluation stage to conduct a review of the effectiveness of the SHE management system.  The incident reports and inspection reports will show where control measures have proved inadequate to control the hazards and risks and where additional control measures need to be introduced.

After reviewing all the available data, top management needs to develop an action plan with specific time frames to address and improve the effectiveness of the control measures and SHE management system as a whole.
Continual Improvement

In order for the SHE Management System to work, it must be implemented from the top of the company down.  If top management does not lead the process, continual improvement in terms of SHE management will fail.  Employees conducting the operations where the majority of hazards are present, require their management team to support them in every way possible to ensure that the risks of incidents and accidents are minimised.

By showing real commitment to the SHE Management System, top management will inspire employees at every level to participate.  When all the cogs in the “SHE Management Machine” are working, the machine will run smoothly resulting in continual improvement.