Procedures

Occupational Health and Safety Risk Management - Procedure

Printer-friendly version
Body

1. Purpose and Scope

The purpose of this procedure is to outline the approach for managing occupational health and safety (OHS) risks at The University of Queensland (UQ).

Managing occupational health and safety risk is a mandatory legislative requirement. This procedure refers to ‘relevant legislation’ associated with managing OHS risks at the University. This primarily means the Work Health and Safety Act and Regulation 2011 (Queensland) and also includes (but not limited to) Electrical Safety, Gene Technology, Biosecurity, Radiation Safety, Marine Safety and Health Act. This procedure applies to all UQ staff, students, visitors, contractors and volunteers throughout all areas of its activities. It is applicable to all UQ work, activities and services being undertaken within recognised UQ workplaces and external workplace environments.

This procedure relates to the University’s OHS Policy and the commitment to establishing an OHS risk management process. The process requirements for OHS risk management at both the corporate and operational level within the University are covered in this procedure. Where more specific guidance is required for a hazard or activity, refer to the relevant OHS policies or procedures. For guidance on business planning which incorporates the risk management process refer to the Enterprise Risk Management Policy - PPL 1.80.01 Enterprise Risk Management.

The objectives of the procedure are:

  • Align the management of occupational health and safety risk with the UQ Enterprise Risk Management Framework and the OHS Policy.
  • Align OHS Risk Management with AS/NZS ISO 31000:2009 Risk management – Principles and guidelines.
  • Ensure legal compliance with the relevant legislation.
  • Provide an overview of OHS Risk Management and guidance on how it is applied at all levels within the organisation.
  • Provide all workers with guidance to discharge their work health and safety duties.

2. Process and Key Controls

The process involves the systematic application of the University's policies, procedures and the practices of consulting, planning, identifying, assessing, evaluating, controlling, monitoring and reviewing OHS risk. This process is applied at a corporate and operational level. Corporate level is considered as the whole of the organisation. Operational level is considered the day-to-day activities performed by organisational units.

The University has a focus on the prevention of high risks and considers managing OHS risk as an ongoing, continuously improving process. Qualitative techniques are used for the risk analysis to determine the level of risk and prioritise risk treatment according to risk evaluation criteria.
The OHS Risk Management process follows the standard risk management process represented in Figure 1.

Figure 1:

Figure 1: Risk Management Process sourced from AS/NZS ISO31000:2009

 

Each box in Figure 1 represents a key control of this procedure and are detailed in the following sections:

3.1 Establish the context
3.2 Risk Identification
3.3 Risk Analysis
3.4 Risk Evaluation
3.5 Risk Treatment
3.6 Communication and Consultation
5.0 Monitoring and Review

 

3. Key Requirements

3.1 Establishing the context

To establish the context is to define the parameters within which OHS risks must be managed. The context sets the scope for consultation, risk assessment, risk treatment and review. This includes internal factors e.g. governance, capabilities and external factors e.g. financial, industry and the community.

3.1.1 Corporate OHS Risk Management

Corporate OHS risk management is directed by the Enterprise Risk Management process, OHS governance arrangements and the OHS Policy. At the corporate level, the process and planning activities are informed by the Operational OHS Risk Management process reviews, OHS risk and incident data, audit and management review.

Application of OHS risk management at the corporate level includes:

  • Enterprise risk categories: Safety and Legal/Regulator Compliance.
  • Safety and Compliance risk appetite statements established by the Senate Risk Committee.
  • Non-academic risks are assessed within the Enterprise Risk Register.
  • Corporate OHS Risk Register maintained by the OHS Division.
  • UQ Health, Safety and Wellness strategic planning.
  • Monitoring and reporting organisational OHS performance by the OHS Division.

For further information regarding OHS Governance refer to PPL 2.10.02 Occupational Health and Safety Governance.

3.1.2 Operational OHS Risk Management

Operational OHS risk management is the day-to-day activity of identifying hazards/risks related to work activities, analysing the risks in terms of consequences and their likelihood, and evaluating the risks to prioritise action. Commonly referred to as “OHS Risk Assessment”.

Operational OHS risk management is directed by legal requirements and the OHS Policy. Organisational units perform oversight functions specific to the hazards and risks identified within the unit. These functions include:

  • Developing an organisational unit OHS Management Plan.
  • Maintaining an organisational unit OHS Risk Register.
  • Completing specific risk assessments e.g. PREM, ergonomics, chemical, procurement.
  • Maintaining the Contractor Management System (Property & Facilities Division).
  • Ensuring compliance with Gene Technology, Biosecurity and Radiation Safety Management.
  • Monitoring and reporting organisational unit OHS performance.

All workers are responsible for managing risks associated with their work and supervisory staff at every level have specific responsibilities to oversee implementation of effective OHS risk management.

 

3.2 OHS Risk Identification

OHS risk identification is an ongoing activity and involves identifying and describing the OHS risk factors associated with work. The description should clarify the source of the risk, potential hazards, level of exposure to the worker (time or quantity), possible consequences and the most likely consequence.

3.2.1 Corporate OHS Risk Identification


The corporate OHS risk register is the mechanism for maintaining identified organisational OHS risks. Risks are described in an organisational activity context and a preliminary assessment is performed. The identification of new OHS risks must be performed during organisational change events and may involve a range of people. Catastrophic and critical OHS risks are identified in the Business Continuity Plan and Critical Incident Management Plans.

3.2.2 Operational OHS Risk Identification

Organisational unit OHS risk registers are the mechanism for maintaining the specific OHS risks identified within organisational units. The risk factors are described in a general activity/task context and an assessment of risk is performed. The identification of new OHS risk factors must be performed during change events and should involve relevant supervisors and workers.

All workers must identify the OHS risk factors associated with the specific activities/tasks they perform. When required to formally document an OHS risk assessment, workers must identify and describe the OHS risk factors to determine what can go wrong when performing the work activity. A risk assessment should involve the people performing the work, those who designed the work activity and may involve people with specialist knowledge in technical aspects of OHS risks e.g. occupational hygienist.

 

3.3 OHS Risk Analysis

Qualitative risk analysis methodology is consistently applied to both corporate and operational OHS risk management. A risk-ranking matrix (Figure 2) combines qualitative scales for consequence and likelihood to analyse the level of risk.

Figure 2: UQSafe – Risk: OHS risk-ranking matrix

 

Descriptions for the scales are provided in Table 1.

The level of risk is identified from the intersection of consequence and likelihood in the matrix. The University analyses OHS risk in terms of Current Risk Level and Residual Risk Level (section 3.5.1).

Table 1: Descriptions of the qualitative scales for consequence and likelihood

CONSEQUENCE

INSIGNIFICANT

MINOR

MODERATE

MAJOR

CRITICAL

INJURY/ ILLNESS

Near miss event

No injury or illness 

First Aid injury/illness

Biological/Chemical spill

Moderate injury/illness

Reversible impairment

Biological exposure

 

Serious injury/illness

Temporary Impairment*

Lost Time Injury

Dangerous Incident

Fatality/Multiple Fatalities

Permanent Impairment

CONSEQUENCE DESCRIPTION (OUTCOME)

Near miss event is an incident which in slightly different circumstances could have resulted in injury or illness e.g. small gas leak, operating a machine without guarding.
Discomfort may be experienced including rash, headache or muscle spasm, however there is no injury or illness. No lost time.

Injury or illness requiring first aid treatment e.g. cuts, sprain/strain, burn or mental health first aid.
Worker returns to normal or suitable duties within the same day/shift, no lost time.
Biological / Chemical Spill which in slightly different circumstances could have resulted in loss of containment, injury or illness.

Injury or illness considered a reversible impairment requiring medical assessment or ongoing treatment / therapy by a health professional e.g. physiotherapist, EAP, infection specialist.
Biological exposure that requires medical assessment e.g.needle stick injury or animal bite.
Worker returns to normal duties the following day/shift, no lost time.

Injury or illness causing a temporary impairment which requires medical intervention, hospital admission and/ongoing medical treatment e.g compound fracture, knee reconstruction.
Worker may return to suitable duties.
Dangerous Incident is a serious near miss notifiable under WHS Act 2011.
*A permanent impairment where a worker has suffered an injury or impairment which is assessed at less than 20% degree of permanent impairment e.g. loss of fingertip.

Injury or illness requiring immediate hospitalisation resulting in permanent impairment e.g. emergency surgery, amputation, loss of bodily function. A permanent impairment where a worker has suffered an injury or impairment which is assessed at greater than 20% degree of permanent impairment e.g. limb amputation.
Worker may return to suitable duties.

LIKELIHOOD

ALMOST CERTAIN

LIKELY

POSSIBLE

UNLIKELY

RARE

CHANCE

Extremely likely

Will probably occur

Likely to happen but not certain

Possible but not likely

Conceivable but extremely unlikely

LIKELIHOOD DESCRIPTION (FREQUENCY)

Considering the routine nature of the activity (number of times performed / day), the most likely consequence is considered to have an incident occurrence rate of at least once per week.

Considering the routine nature of the activity (number of times performed / day), the most likely consequence is considered to have an incident occurrence rate of at least once per month.

Considering the routine nature of the activity (number of times performed / day), the most likely consequence is considered to have an incident occurrence rate of at least once per year.

Considering the routine nature of the activity (number of times performed / day), the most likely consequence is considered to have an incident occurrence rate of at least once every 3 years.

Considering the routine nature of the activity (number of times performed / day), the most likely consequence is considered to have an incident occurrence rate of at least once every 5 years.

3.3.1 Analysing Current Risk Level

The Current Risk Level is the analysed level of risk with existing controls implemented. It provides an input to OHS risk evaluation (section 3.4) for a decision on whether the level of risk is acceptable or requires further risk treatment (additional controls).

To analyse current risk level you must:

  1. Understand the risk factor identified in the context described (3.2 OHS Risk Identification).
  2. Consider the quality and effectiveness of the existing controls.
  3. Determine the most likely consequence/s from the range of possible consequences described.
  4. Select the relevant consequence descriptor from the matrix.
  5. Estimate the likelihood of occurrence of the most likely consequence.
  6. Select the relevant likelihood descriptor from the matrix.
  7. Identify the current level of risk from the intersection in the matrix.

To analyse residual risk level refer to section 3.5.1.

 

3.4. OHS Risk Evaluation

OHS risk evaluation is consistently applied to both corporate and operational OHS risks and involves comparing the analysed level of risk against OHS Risk Evaluation Criteria (Table 2). The criteria must be used in making a decision as to whether the risk level is acceptable and the immediate actions required. The risk level acceptability is applicable to both current risk and residual risk levels. The OHS risk treatment priority provides guidance on which risks must be treated first. The table provides the oversight or reporting level for approval of task relevant to the risk level.

If there is significant uncertainty about the acceptability of the risk during the evaluation process, a precautionary approach is recommended when approving a risk assessment and authorising the task. The formal review periods are based on the current risk level as detailed in section 5.


 Table 2:  OHS Risk Evaluation Criteria

Level of Risk

Risk Level Acceptability

Immediate action required

Risk Treatment Priority

Oversight / reporting level

Formal review period

Extreme

No

Task must not proceed. Appropriate and prompt action must be taken to reduce the risk to an acceptable level.

1st

Vice Chancellor, VCRCC, VCC & SR&AC Vice Chancellor, VCRCC, VCC & SR&AC

Operational: 2 days.
 

Corporate: Biannual.

High

No

Task can only proceed in extraordinary circumstances** and provided there is authorisation by relevant Head of Function* and a plan is in place to promptly reduce the risk to an acceptable level.

2nd

Relevant USMG member and Head of Function*
(the risk may be reported by ERS to Vice Chancellor, VCRCC, VCC and SR&AC)

Operational: Biannual.
 

Corporate: Annual.

Medium

Broadly acceptable

Task can proceed upon approval of the risk assessment by relevant Line Manager or Supervisor is received. 

It is recommended that a plan is developed to reduce the risk within a reasonable timeframe.

3rd

Relevant Line Manager or Supervisor

Operational: Annual.
 

Corporate: Biennial.

Low

Yes

Task can proceed upon approval of the risk assessment by relevant Line Manager or Supervisor is received. 

4th

Relevant Line Manager or Supervisor

Operational: 5 yearly.
 

Corporate:  5 yearly.

  * Relevant Head of Function; Head of school, Institute Deputy Director or Division Director

  ** Extraordinary circumstances are opportunities for the University that align with its strategic mission and RAS.

 

3.5 OHS Risk Treatment

OHS risk treatment is applied to both corporate and operational OHS risks. Risk treatment involves identifying and implementing ‘controls’ to eliminate the risk or reduce the consequence or likelihood of a risk being realised. Controls are either considered as ‘existing controls’ or proposed or ‘additional controls’.

Existing controls are those risk treatment measures that are already in place through organisational policies and procedures, prescribed by law, recommended by codes or standards and are inherent by design. Additional controls are those controls proposed and implemented after the analysis of the current risk level.

Corporate OHS risk treatment may involve implementing controls that treat risk as part of an overall plan, program or policy. Operational OHS risk treatment may involve implementing controls that treat the activity / task risks or an individual risk factor within the activity / task.


To prevent exposure to high and extreme risk, avoiding OHS Risks must be the first priority by eliminating the risk (or hazard) or ceasing the activity. If it is not possible or prudent to eliminate the risk, priority must be given to reduce risk to as low as reasonably practicable. Using the hierarchy of controls (Figure 3) select the next highest order control that is considered the most effective and practical.

 

 

 

 

 

 

 

 

 

 

 

 

 

Figure 3: Hierarchy of controls

 

3.5.1 Analysing Residual Risk Level

At the operational level, residual risk Level is the analysed level of risk remaining after risk treatment. Unless the risk is eliminated, some residual risk will remain after additional controls are implemented. The residual risk level provides an input to OHS risk evaluation (section 3.4) for a decision on whether the level of risk is tolerable. Where no additional controls have been implemented the residual risk level is equal to the current risk level.

To analyse the residual risk level you must:

  1. Consider the effectiveness of the additional controls and whether they reduce the likelihood by reducing frequency of exposure and the chance of the most likely consequence.
  2. Consider the level of protection the additional controls provide and whether they reduce the most likely consequence through prevention of exposure or mitigation measures that may reduce the severity of a consequence e.g. safety showers, fall-arrest equipment.
  3. Select the relevant consequence and likelihood descriptors from the matrix.
  4. Identify the residual level of risk from the intersection in the matrix.

 

3.6 Communication and Consultation

Communication and consultation efforts are consistently applied to both corporate and operational OHS risk management. The provision of information about OHS risks and controls, consultation, co-operation and coordination activities should involve giving and seeking information with all relevant stakeholders.

Communication and consultation activities may include (but not be limited to):

  • OHS Committees and Health and Safety Representatives.
  • Facilitating or participating in a group OHS risk assessment.
  • Other consultative arrangements e.g. toolbox / lab meetings, noticeboards, intranet.
  • Online training modules and staff development courses.
  • Contractual agreements i.e. student placement, contractor services.
  • Management review of OHS performance.

For further information regarding communication and consultation, refer to the PPL 2.10 Governance and Consultation.

 

4. Roles, Responsibilities and Accountabilities

The OHS Division, headed by a Director of OHS and supported by appropriate specialist occupational health and safety advisers administer the OHS risk management governance arrangement at UQ. OHS Managers and Work Health and Safety Coordinators (WHSC's) have specific OHS risk management responsibilities including providing assistance with operational OHS risk management processes and auditing. These specific responsibilities are outlined in PPL 2.10.06 Work Health and Safety Co-ordinator Role and Function and PPL 2.10.09 Occupational Health and Safety Manager Role and Function.

The OHS responsibilities of staff are dependent on their role within the University and are outlined in PPL 2.10.04 Staff Responsibilities for Occupational Health and Safety.

Specific OHS risk management responsibilities and accountabilities related to roles are:

4.1 Head of organisational unit

The Head of organisational unit shall:

  • Allocate sufficient resources to ensure OHS risk is managed and monitored.
  • Ensure the provision and maintenance of effective OHS risk controls.
  • Ensure the provision of risk management information, training and supervision.
  • Ensure appropriate records are formally documented.
  • Review the performance of OHS risk management within organisational unit.

4.2 Supervisors / Managers

Supervisors and Managers shall:

  • Ensure risk management process is undertaken and provide appropriate supervision, support and guidance for OHS risk management.
  • Ensure provision and maintenance of effective OHS risk controls.
  • Ensure the provision, maintenance, training and proper use of PPE.
  • Consult with workers, review and approve OHS risk assessments.
  • Ensure post-incident corrective actions are implemented and review OHS risk management documentation accordingly.
  • Review and update OHS risk management provisions in relation to change in the work activities.

4.3 Workers

All workers have a legal duty to co-operate with this procedure. Workers shall:

  • Participate in inductions, training, and OHS risk assessments as instructed by the supervisor.
  • Identify OHS risks and implement controls.
  • Complete and document or update OHS risk assessments as necessary.
  • Ensure emergency procedures and equipment are in place, as specified in the OHS risk assessment.
  • Wear PPE as provided by the University.
  • Report any incident, injury, illness or near miss event to the Supervisor.
  • Report all incidents via the online UQ Safe - Incident Database.

 

5. Monitoring and Review

Monitoring and review is applied to both corporate and operational OHS risk management processes. OHS risks are continuously monitored and reviewed by a number of different activities including inspection, audit, health surveillance, exposure monitoring and review of performance indicators.

Monitoring and review of OHS risk management performance is used to ensure continuous improvement. Results and actions arising from monitoring and review activities are communicated and consulted in accordance with PPL 2.10 Governance and Consultation.

5.1 Corporate Monitoring and Review

Corporate monitoring and review activities involve ensuring the effectiveness of controls at an organisational level. Priority for formal review of risk factors in the corporate risk register is based on the level of current risk is detailed in Table 2: OHS Risk Evaluation Criteria.

Corporate monitoring and review activities include (but not limited to):

  • Consultation with governance groups.
  • Review of the corporate OHS risk register.
  • Internal and external OHSMS auditing.
  • Critical Incident Management review.
  • Monitoring OHS key performance indicators.
  • OHS management reviews.

5.2 Operational Monitoring and Review

Operational monitoring and review activities involve confirming the effectiveness of controls implemented in the day-to-day activities to ensure they are working as planned. Priority for formal review is based on the level of current risk as detailed in Table 2: OHS Risk Evaluation Criteria.

Operational monitoring activities performed include:

  • Consultation with workers.
  • Observation of work processes and worker behaviour.
  • Monitoring the workplace environment e.g. swabs, air samples.
  • Health surveillance programs e.g. blood samples, hearing tests.
  • Regular workplace and hazard inspections to ensure all hazards have been identified, risk assessed and controlled.
  • Formal review of risk assessments.

 

6. Recording and Reporting

Electronic systems are utilised to document and record corporate and operational OHS risk management activities. Systems include:

  • UQ Policy Procedure Library (PPL).
  • UQ Safe – Incident (Hazard and incident register).
  • UQ Safe – Risk (Risk Assessment database).
  • Microsoft Office – for Risk registers, inspections, audits and reports.
  • OHS Division and organisational unit network drives and websites.

Corporate OHS risk management records and reporting is maintained by the OHS Division. Reports relating to OHS risk include (but are not limited to):

  • Monthly, quarterly and annual OHS performance reports.
  • Adhoc OHS risk reports relating to specific risk e.g. asbestos.

Operational OHS risk management records and reporting specific to the organisational unit should be maintained by the document owner or the OHS Manager / WHSC. This may include (but are not limited to); Work Off-campus plans, OHS Risk Assessments (hard copies) and inspections reports.

6.1 UQ Safe - Risk Database

UQ Safe - Risk is the preferred operational OHS risk management tool for conducting and performing an OHS risk assessment within the University. It is an online OHS risk management database that has been designed to assist in conducting an OHS risk assessment, managing and recording the process.

All staff and students have automatic access to the UQ Safe - Risk, which can be accessed via the OHS Division webpage: http://www.uq.edu.au/ohs/ohs-risk-management.

 

7. Appendix

For further information regarding OHS Risk Management please contact your local WHSC / OHS Manager or contact the OHS Division.


UQ OHS Division
Phone: 3365 2365
Email: ohs@uq.edu.au

Custodians
Director, Occupational Health and Safety
Mr Jim Carmichael
Custodians
Director, Occupational Health and Safety
Mr Jim Carmichael