Risk Assessment Guide Australia | WHS Best Practices

Master risk assessment for Australian workplaces. Proven WHS methodology to identify, evaluate and control hazards — from Sydney's trusted safety experts.

Risk Assessment Guide Australia | WHS Best Practices

Understanding Risk Assessment in the Australian Context

Risk assessment is the systematic process of identifying hazards, evaluating the risks they present, and determining appropriate control measures. In Australia, this process is guided by the Work Health and Safety Regulations 2017 and the Code of Practice: How to Manage Work Health and Safety Risks.

For businesses across Sydney and NSW, conducting thorough risk assessments is not just a legal obligation — it is the most reliable method for preventing workplace injuries, illnesses, and fatalities. As a WHS consultant working across NSW, Hendricks Australia conducts hundreds of risk assessments each year across diverse industries.

What Is a Hazard vs a Risk?

Before diving into the process, it is important to understand the distinction:

  • A hazard is anything that has the potential to cause harm (e.g., a wet floor, an unguarded machine, a hostile client)
  • A risk is the likelihood that the hazard will cause harm, combined with the severity of that harm

Effective risk assessment starts with thorough hazard identification before moving to risk evaluation and control.

The Four-Step Risk Management Process

Step 1: Identify the Hazards

A hazard is anything that has the potential to cause harm. Common workplace hazards include:

  • Physical hazards: manual handling, working at heights, machinery, vehicles, noise, vibration
  • Chemical hazards: hazardous substances, dusts, fumes, gases
  • Biological hazards: infectious agents, mould, sharps
  • Psychosocial hazards: work-related stress, fatigue, bullying, poor job design
  • Environmental hazards: extreme temperatures, UV radiation, outdoor work conditions

Hazard identification techniques include: workplace inspections, incident data review, consultation with workers, job safety analysis (JSA), and reviewing manufacturer/supplier information for plant and substances.

Step 2: Assess the Risks

For each identified hazard, assess the risk by considering three factors:

  • Likelihood: How probable is it that the hazard will cause harm given the existing controls?
  • Consequence: How severe would the harm be if it occurred?
  • Exposure: How often and how many workers are exposed to the hazard?

Many organisations use a risk matrix to systematically rate risks and prioritise them for treatment. Our online Risk Assessment Matrix tool provides a practical starting point for any industry.

Step 3: Control the Risks

Apply the Hierarchy of Controls in order of effectiveness:

  1. Elimination — Remove the hazard entirely (most effective)
  2. Substitution — Replace with something less hazardous
  3. Isolation — Separate the hazard from people using barriers, enclosures, or distance
  4. Engineering controls — Physical modifications to reduce risk (guards, ventilation, ergonomic equipment)
  5. Administrative controls — Safe work procedures, training, supervision, job rotation
  6. PPE — Last resort; protects the individual but does not eliminate the hazard

The most common mistake businesses make is jumping straight to PPE without first exhausting higher-order controls. PPE is the weakest control because it relies entirely on consistent human behaviour and equipment that can fail.

Step 4: Review the Controls

Controls must be regularly reviewed to ensure they remain effective. Trigger a formal review when:

  • There is a change in work processes, equipment, or substances
  • An incident, near miss, or dangerous occurrence occurs
  • Workers raise concerns about the effectiveness of current controls
  • New information becomes available about a hazard
  • Regulatory requirements change

Documenting Your Risk Assessments

Risk assessment documentation serves multiple purposes: it demonstrates due diligence, provides a baseline for future reviews, supports training and induction, and can be essential evidence in the event of a prosecution or workers compensation claim.

A well-documented risk assessment should include: - Date of assessment and next review date - Name and role of person(s) who conducted the assessment - Description of the work activity or process assessed - Hazards identified - Existing controls in place at time of assessment - Risk rating (before and after controls) - Additional controls recommended - Person responsible and target date for implementation

Risk Assessment for Specific High-Risk Industries

Some industries face particularly complex risk profiles that require specialist expertise:

Construction: Falls from heights, plant and vehicle movements, electrical hazards, and work in confined spaces are among the leading causes of serious injury and fatality. WHS compliance in construction requires detailed SWMS for all high-risk construction work.

Manufacturing: Machine guarding, manual handling, chemical exposure, and noise-induced hearing loss are priority risk areas. Regular workplace inspections and maintenance programs are critical.

Hospitality: Manual handling injuries, slips trips and falls, and psychosocial risks (shift work, customer aggression) are common. The fast-paced environment can make thorough risk assessment challenging but no less important.

Common Mistakes to Avoid

Many organisations make the error of treating risk assessment as a paperwork exercise. The document is only valuable if it reflects actual practice. Other common mistakes include:

  • Using generic templates without customising them to the actual workplace
  • Not involving workers who perform the task in the assessment process
  • Rating all risks as "low" to avoid action
  • Failing to implement identified control measures
  • Not reviewing assessments after incidents or process changes
  • Conducting assessments in isolation without consultation

When to Engage a WHS Consultant

While many risk assessments can be conducted internally, specialist support is valuable for:

  • Complex or novel hazards outside your organisation's experience
  • High-consequence activities (confined space entry, working at heights, hazardous chemicals)
  • Post-incident investigations requiring independent assessment
  • Preparing for regulatory audits or ISO certification
  • Building internal capability through training and mentoring

Hendricks Australia provides comprehensive risk assessment services across Sydney and NSW. Contact us to discuss your risk management needs.