What are the strategies for controlling risks?

Eliminating the risk is the best control. If you can’t, you must minimise the risk so far as is reasonably practicable. The hierarchy of control measures assists duty holders to select the highest control measures to effectively manage risk. 

A step-by-step approach 

To manage WHS risks you should: 

At each step you must consult with workers and their health and safety representatives. Workers have knowledge, experience and ideas that can help you manage WHS risks. 

Risk management should be used for both physical risks and psychological risks in the workplace. Psychological risks are risks to someone’s psychological health (mental health). 

Step 1 - Identify hazards 

Hazards are things and situations that could harm a person. Find out what could cause harm in your workplace.  

Step 2 - Assess risks 

Undertake a risk assessment to identify the hazards in your workplace, which may cause harm (death, injury, or illness).  A risk assessment involves looking at what could happen if someone is exposed to a hazard and the likelihood of it happening. 

A risk assessment can help you work out: 

• how severe a risk is  

• if your control measures are effective  

• what action you should take to control the risk  

• how urgently you need to take action. 

You may not need to undertake this step if the hazards, risks, and control measures are well-known. 

Step 3 - Control risks 

You should always aim to eliminate risks, as this is the best way to manage risks.  Where this is not possible, you must minimise risks so far as is reasonably practicable. 

To control risks, you can follow the hierarchy of control measures, which are ranked from the highest level of protection and reliability to the lowest.  

Step 4 - Review control measures 

Review your control measures to make sure they work as planned. 

Examples of the risk management process can be found in Appendix B of the model Code of Practice: How to manage work health and safety risks. 

Control measures 

You should always aim to eliminate risks, as this is the best way to manage risk. If you can’t eliminate risks, you must minimise risks so far as is reasonably practicable. 

Use the hierarchy of control measures to control risks and reduce exposure to hazards. The ways of controlling risk are ranked from the highest level of protection and reliability to the lowest.  Administrative controls and personal protective equipment (PPE) are the least effective. They do not control the hazard at the source and rely on human behaviour and supervision. 

The hierarchy of control measures can be applied to any risk and must be applied where it is not reasonably practicable to eliminate risks linked to: 

• remote or isolated work 

• hazardous atmospheres or chemicals 

• hazardous manual tasks 

• falls or falling objects 

• plant, electrical or construction work 

• hearing loss associated with noise 

• general diving work 

• confined spaces 

• naturally occurring asbestos   

Reasonably practicable 

What you must do to manage WHS risks depends on what is reasonably practicable. To decide if something is reasonably practicable you should think about all the relevant matters, for example: 

• the likelihood of the hazard or risk 

• the harm that could occur 

• knowledge about the hazard or risk 

• ways to minimise or eliminate the risk, and if these are available and suitable 

• cost, including whether the cost is grossly disproportionate to the risk. 

Further information about ‘reasonably practicable’ is available in our guide How to determine what is reasonably practicable to meet a health and safety duty. 

As people begin to age, they usually encounter more health risks. Managing pure risk entails the process of identifying, evaluating, and subjugating these risks—a defensive strategy to prepare for the unexpected. The basic methods for risk management—avoidance, retention, sharing, transferring, and loss prevention and reduction—can apply to all facets of an individual's life and can pay off in the long run. Here's a look at these five methods and how they can apply to the management of health risks.  

• Avoidance means not participating in activities that could harm you; in the case of health, smoking is a good example.
• Retention acknowledges the inevitability of certain risks, and in terms of health care, it could mean picking a less expensive health insurance plan that has a higher deductible rate.
• Sharing risk can be applied to how employer-based benefits are often more affordable than if an individual gets their own health insurance.
• Transferring risk relates to healthcare in that the cost of the care is transferred to the insurer from the individual, beyond the cost of premiums and a deductible.
• Loss prevention and reduction are used to minimize risk, not eliminate it—the same concept is used in healthcare with preventative care.

Avoidance is a method for mitigating risk by not participating in activities that may incur injury, sickness, or death. Smoking cigarettes is an example of one such activity because avoiding it may lessen both health and financial risks. 

According to the American Lung Association, smoking is the leading cause of preventable death in the U.S. and claims more than 480,000 lives per year. Additionally, the U.S. Centers for Disease Control and Prevention notes that smoking is the No. 1 risk factor for getting lung cancer, and the risk only increases the longer that people smoke.

Life insurance companies mitigate this risk on their end by raising premiums for smokers versus nonsmokers. Under the Affordable Health Care Act, also known as Obamacare, health insurers are able to increase premiums based on age, geography, family size, and smoking status. The law allows for up to a 50% surcharge on premiums for smokers.

Risk management strategies used in the financial world can also be applied to managing one's own health.

Retention is the acknowledgment and acceptance of a risk as a given. Usually, this accepted risk is a cost to help offset larger risks down the road, such as opting to select a lower premium health insurance plan that carries a higher deductible rate. The initial risk is the cost of having to pay more out-of-pocket medical expenses if health issues arise. If the issue becomes more serious or life-threatening, then the health insurance benefits are available to cover most of the costs beyond the deductible. If the individual has no serious health issues warranting any additional medical expenses for the year, then they avoid the out-of-pocket payments, mitigating the larger risk altogether.

Sharing risk is often implemented through employer-based benefits that allow the company to pay a portion of insurance premiums with the employee. In essence, this shares the risk with the company and all employees participating in the insurance benefits. The understanding is that with more participants sharing the risks, the costs of premiums should shrink proportionately. Individuals may find it in their best interest to participate in sharing the risk by choosing employer health care and life insurance plans when possible.

The use of health insurance is an example of transferring risk because the financial risks associated with health care are transferred from the individual to the insurer. Insurance companies assume the financial risk in exchange for a fee known as a premium and a documented contract between the insurer and individual. The contract states all the stipulations and conditions that must be met and maintained for the insurer to take on the financial responsibility of covering the risk.

By accepting the terms and conditions and paying the premiums, an individual has managed to transfer most, if not all, the risk to the insurer. The insurer carefully applies many statistics and algorithms to accurately determine the proper premium payments commensurate to the requested coverage. When claims are made, the insurer confirms whether the conditions are met to provide the contractual payout for the risk outcome.

This method of risk management attempts to minimize the loss, rather than completely eliminate it. While accepting the risk, it stays focused on keeping the loss contained and preventing it from spreading. An example of this in health insurance is preventative care.

Health insurers encourage preventative care visits, often free of co-pays, where members can receive annual checkups and physical examinations. Insurers understand that spotting potential health issues early on and administering preventative care can help minimize medical costs in the long run. Many health plans also provide discounts to gyms and health clubs as another means of prevention and reduction in order to keep members active and healthy.