24th May, 2023

Are Risk Assessments A Legal Requirement?

Risk assessments are a legal requirement at work. In fact, risk assessment is so important it has its own section under the Management of Health and Safety at Work Regulations. In this blog post, we look at risk assessment laws and regulations.

Are Risk Assessments A Legal Requirement? header image

Are risk assessments a legal requirement? If you are looking for a simple yes or no answer here, the answer is yes - risk assessments are a legal requirement.

At least, they are a legal requirement at work.

You might not realise it, but you assess risk every day. Is it safe to cross the road? Is that plate hot? Is it going to rain? Do I need to put sun cream on? It becomes second nature. Half the time, you might not realise you are doing it.

At home and in your personal life, no law tells you to assess risk. It is just self-protection. It's a skill you have been developing since you were a child. You don't want to get hurt or face the consequences of a bad decision.

At work, risk assessments are a legal requirement. So there needs to be a little more formality and structure around the risk assessment procedure. But it still follows the same idea - preventing you (and others) from getting hurt.

green traffic light

Risk assessment laws and regulations

At work, employers have responsibilities under health and safety laws to protect their workers and anyone who may be harmed by their work.

  1. It shall be the duty of every employer to ensure, so far as is reasonably practicable, the health, safety and welfare at work of all his employees

But the regulations that specifically make risk assessments a legal requirement are the Management of Health and Safety at Work Regulations (MHSWR).

It is the law under the Management of Health and Safety at Work Regulations (MHSWR) that every employer and self-employed shall carry out a risk assessment of any risks to the health and safety of employees or other persons.

Risk assessment is so important it has its own section under the MHSWR - section 3.

  1. Every employer shall make a suitable and sufficient assessment of—
    1. the risks to the health and safety of his employees to which they are exposed whilst they are at work; and
    2. the risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him of his undertaking...
  2. Every self-employed person shall make a suitable and sufficient assessment of—
    1. the risks to his own health and safety to which he is exposed whilst he is at work; and
    2. the risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him of his undertaking...
The Management of Health and Safety at Work Regulations 1999 Risk assessment

The Management of Health and Safety at Work Regulation is the main regulation for risk assessments. It applies to all workplaces.

Depending on your activities, other regulations may also apply to specific risk assessments. See the "Additional laws" section at the end of this blog post for more information.

Risk assessment responsibilities

As you can see from the regulations, risk assessments are the responsibility of both employers and the self-employed.

Employers are responsible for assessing the risk to:

risk assessment paperwork

And the self-employed are responsible for assessing the risk to:

Anyone else could be occupants, other workers (working in the same area), visitors, clients or even members of the public.

So, risk assessments are a legal requirement for every employer and self-employed person, and they must assess the risks not only to those they employ but also the risks to anyone else who may be affected by the work activities.

This doesn't mean the employer needs to be the one to carry out the risk assessment. Just that they are responsible for making sure risk assessments are done. They may have a competent person, or a health and safety manager with the knowledge and skills to do a suitable and sufficient risk assessment.

The regulations go further in that any employer employing over 5 or more employees must record "the significant findings of the assessment". In other words, you need to have it written down.

(6) Where the employer employs five or more employees, he shall record—

  1. the significant findings of the assessment; and
  2. any group of his employees identified by it as being especially at risk. -- The Management of Health and Safety at Work Regulations 1999 - Risk assessment

Need help writing your risk assessments? Get access to over 200 risk assessment templates for your business activities.

What if you have less than 5 employees?

Even if you employ less than 5 employees you might need to have a written record of your risk assessment. Even though the law doesn't say you must write it down, you may need to supply it to clients or other stakeholders. And you may also need to communicate the findings to employees.

Having the risk assessment written down is the only way you can show you have done one (and remember, it's a legal requirement - even if you have no employees).

You will often get asked to provide evidence of your risk assessments for health and safety accreditations and pre-qualification questionnaires, especially in higher-risk industries.

construction risk assessment on site

Now you know when you need a risk assessment, by law. But what should your risk assessment contain? What format does your risk assessment need to follow to comply with the MHSWR?

While risk assessments are required by law, the MHSWR does not necessarily specify how to carry one out - just that the assessment of risks must be done, and it must be suitable and sufficient.

It is a good idea to follow the 5 steps to risk assessment to make sure your risk assessment is sufficient.

There are different ways to record your risk assessments and even different types of risk assessment. It doesn't have to look pretty, but your assessment should be clear, easy to read and understandable. After all, your team need to be able to read, understand, and follow it.

Don't know where to start? Here's how to complete a risk assessment in 5 minutes.

Additional Laws

We already mentioned that the MHSWR isn't the only set of regulations that require risk assessments - it is the main regulation and the basis of the law surrounding risk assessments. But there are other legal requirements to consider in certain circumstances.

For example, under the Control of Substances Hazardous to Health (COSHH) Regulations, a COSHH assessment is required. This is a risk assessment produced specifically for hazardous substances.

using a hazardous substance with gloves

Under the Display Screen Regulations, employers are required to "perform a suitable and sufficient analysis" of workstations. Also referred to as a DSE assessment.

An employer who carries out work which is liable to expose any of his employees to risk from vibration shall make a suitable and sufficient assessment of the risk created by that work to the health and safety of those employees and the risk assessment shall identify the measures that need to be taken to meet the requirements of these Regulations.

The Control of Vibration at Work Regulations 2005 Regulation 5

The Control of Vibration at Work Regulations require employers to assess the risk from vibration and the measures needed to control them and puts legal limits on vibration exposure.

So while the Management of Health and Safety at Work Regulations contain the fundamental requirement for all businesses to carry out risk assessments, other regulations also add additional legal requirements for specific hazards. These can specify some extra things that need to be included in your risk assessment, or legal limits that apply.

Need help with your risk assessments? We have a large library of risk assessment templates you can edit and use for your business activities.

share on twitter share on facebook share on linked in share by email

This article was written by Emma at HASpod. Emma has over 10 years experience in health and safety and BSc (Hons) Construction Management. She is NEBOSH qualified and Tech IOSH.

Need Health and Safety Documents?

Search hundreds of health and safety documents ready to edit and download for your business.

Health & Safety Documents

Recent posts like this...

How To Use (And Understand) A 5x5 Risk Matrix image

How To Use (And Understand) A 5x5 Risk Matrix

The 5x5 risk matrix might be something you've seen in health and safety documents, management systems, or something you've heard referred to in safety briefings. But what is the 5x5 matrix? What do the numbers mean? And what do the colours show? Here's how to use (and understand) a 5x5 risk matrix.

Read Post
RIDDOR Reporting Timescales Explained (When To Report) image

RIDDOR Reporting Timescales Explained (When To Report)

Under RIDDOR (the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations) there are duties to report certain types of injuries, diseases and dangerous occurrences. Some will need reporting without delay, and others within 10 or 15 days. So what are the RIDDOR reporting timescales?

Read Post
What Are RAMS Documents? image

What Are RAMS Documents?

If you are asked for your RAMS, what does it mean? And why would you need a ram on your project? RAMS is a term often used in construction and it refers to two types of health and safety documents. In this blog post, we look at what RAMS documents are, and how you can create them.

Read Post

Spend less time on paperwork.
Start with the free plan today.