Access information and data used to identify hazards, and to assess and control risks Contribute to identifying risk management requirements and compliance Contribute to workplace hazard identification Contribute to WHS risk assessment Contribute to developing and implementing risk controls Contribute to evaluating effectiveness of risk controls

1. Contribute to WHS Risk Management
BSBWHS414

2. Course Content
• Access information and data used to identify hazards, and to assess
and control risks
• Contribute to identifying risk management requirements and
compliance
• Contribute to workplace hazard identification
• Contribute to WHS risk assessment
• Contribute to developing and implementing risk controls
• Contribute to evaluating effectiveness of risk controls

3. Part 1: Knowledge Assessment
• Section 1: Complete the knowledge questionnaire contained
within the study guide – commencing on page 65.
• Section 2: Complete the short answer/research questions
contained within the study guide – page 83.
Part 2: Performance Assessment
• Section 3: Complete the Major Project as shown on page 85.
Unit Assessment

4. Access and review current WHS laws relevant to organisation
1.1 Access and review current WHS laws relevant to organisation’s hazard
identification and risk control processes
WHS legislation can be accessed from the following sources:
• Government and local government websites
• WHS/OHS regulators
• Safe Work Australia (the Government statutory body)
Work health and safety acts and regulations for the jurisdictions are:
 Commonwealth – Work Health and Safety Act 2011 (Cwth), Work Health and
Safety Regulations 2011 (Cwth)
 South Australia – Work Health and Safety Act 2012 (SA), Work Health
and Safety Regulation 2012 (SA)

5. Access and review current WHS laws relevant to organisation
WHS laws
 Organisations must comply with work health and safety laws to make sure they
operate a safe business that looks after its workers and environment
Acts, Regulations
 While acts provide a general overview of how to ensure a safe workplace and
outline the legal responsibilities of employers, regulations set out the standards
that need to be met for specific hazards and risks.
Codes of practice
 Are practical guides for achieving standards of health, safety and welfare as
required under the specific WHS act and regulations.

6. The model WHS laws
Although each state and territory is governed by its own WHS/OHS laws, the model
WHS laws were developed by Safe Work Australia to provide a consistent framework
and approach to how health and safety are carried out across Australia.
These model laws have been implemented into state/territory WHS laws in the
following states and territories; the Australian Capital Territory, New South Wales, the
Northern Territory, Queensland, South Australia, Tasmania and the Commonwealth.
The Model WHS Laws are maintained by Safe Work Australia; however, they do not
enforce these laws.
The Model Work Health and Safety (WHS) Act provides a balanced and nationally
consistent framework with the overall aim of securing the health and safety of workers
and workplaces.

7. WHS and risk management
Risk management activities are outlined in legislative texts and codes of practice.
Although there will be individual factors that apply to different types of businesses.
In relation to hazard identification and risk control processes, legislation will provide
information on:
Identifying hazards – including consultation with workers and workplace
observations
Assessing the risks – including risk categorisation and how to carry out a risk
assessment
Controlling the risks – including following the hierarchy of risk controls and how to
implement controls
Reviewing risk controls – including when to review and what to look for
Recordkeeping – including different requirements that need to be documented
and how records can be used in the risk management process
Question: 1

8. Accessing information in relation to hazards and risks
1.2 Access workplace sources of information and data to inform hazard
identification, risk assessment and risk controls
In order to identify hazards and to assess and control the risks, it helps to have
a strong understanding of the various work health and safety (WHS) issues that
apply – or could apply – to your workplace.
This means identifying and consulting a range of sources of information and
data on hazards and risks.
Information sources relevant to these needs may be found in various work
records and in your WHS information system.
You may seek this type of information from other work personnel or directly from
your work systems.
It may also be necessary to speak to different personnel with experience of
WHS and workplace hazards.

9. Accessing information in relation to hazards and risks
1.3 Access external sources of information and data to inform hazard
identification, risk assessment and risk controls
Sources of workplace information and data on hazards and risks include:
• Colleagues, managers and supervisors
• Organisational WHS policies and procedures
• Organisational standard operating procedures
• Organisational codes of conduct
• WHS legislative information
• Incident and hazard logbooks
• Hazard and risk assessment records
• In-house statistics and data
• Incident/accident records and data
• Personal accounts and observations from workers
You will need to be familiar with your organisation’s systems and technologies for
accessing this information.

10. Accessing information in relation to hazards and risks
You will need to be familiar with your organisation’s systems and technologies for
accessing this information.
Procedures to access internal sources of information
Internal workplace procedures to access information will exist to guide you. These
may vary depending on the organisation, its size and the type of business it is.
Accessing WHS information from external information sources
Equally, it may be necessary at times to seek up-to-date WHS information or further
guidance from external information sources. When doing so, you must access
information from sources that are recognised and trusted, such as your WHS or
occupational health and safety (OHS) regulator.
Procedures to access external sources of information
Obtaining information from an external source will follow a more formal approach;
requests may need to be logged in work records, and it will be more usual to
follow a specific procedure to obtain such information.
Question: 2

11. Analysing information and data
1.4 Analyse information and data and determine nature and scope of workplace
hazards, risk assessment and risk controls
You will need to discern the facts and points that are relevant, analysis includes:
• Critical thinking to determine value and meaning
• Logical thinking to methodically work through information
• Comparing and contrasting
• Checking that information is accurate
• Reasoning and decision-making
There are different analysis methods that you can use:
 Qualitative data/information is non-measurable
 Quantitative information will provide you with the facts and figures

12. Analysing information and data
Hazard and risk definition
Hazards are the elements within the workplace that can cause harm; risks are the
likelihood that the harm will happen and the outcome of these being experienced.
Workplace hazards, risk assessment and risk controls
Your analysis of information and data should enable you to determine the nature and
scope of your workplace hazards, risk assessment and risk controls
Workplace hazards
To identify the hazards, it is essential that you understand where hazards may arise
from. Other influences may also be a factor in whether an incident occurs; this can
include human factors, such as how a worker acts and behaves. It also includes
external factors, such as time constraints, the environment and the resources to do
the work.
Analysis methods include:
• Statistical analysis
• Scenario analysis
• S.W.O.T. analysis

13. Risk assessment & Risk controls
Risk assessment should also be done when:
• Expanding operations or acquiring an existing business
• Changing work practices, procedures or the work environment
• Changing organisational structure or job roles
• Introducing new workers or returning workers to the workplace
• Purchasing new and used equipment or using new substances
• Working with a new supplier or new commissioner of your services
• Planning to improve productivity or reduce costs
• New information about workplace risks becomes known
• Responding to workplace incidents
• Responding to concerns raised by workers, HSR’S or others at the workplace
• Required by WHS/OHS regulations in regard to specific hazards.
Risk controls need to either eliminate the risk or manage these at a safe level.
This is where following the hierarchy of risk control measures will help you to
decide appropriate controls; this will direct you to choose the most effective
type of control.
Question: 3

14. Confirm information and data
1.5 Confirm information and data with required stakeholders, seeking input from
technical and other advisors as required
Question: 4
Your information and data relating to workplace hazards and risks should be
discussed with the relevant personnel involved in risk management. The content and
results of this will inform risk management actions, and will need to be confirmed
before any activities can take place.
Confirmation will ensure that you let management know what you have determined; it
also means you can go through a decision-making process to agree on a suitable
course of action with the relevant people.

15. Contribute to identifying and complying with requirements
2.1 Contribute to identifying and complying with requirements of organisational
policies, procedures, processes and systems for hazard identification, risk
assessment and risk controls
When contributing and participating with others in work activities, it is important to
work collaboratively to achieve the end goal. Collaborating is about drawing on the
strengths and capabilities of different skilled workers, so work can be carried out
efficiently.
Cooperation is essential to ensure you get along with those you need to work with;
this is about agreeing on tasks to undertake, and knowing what each person or group
of persons will be responsible and accountable for.
Communication skills relevant to collaboration:
• Using positive body language that puts others at ease
• Using active listening
• Allowing for pauses and breaks, so others are able to think through on
things before they speak or contribute
• Asking questions to clarify points and perspectives

16. Contribute to identifying and complying with requirements
Question: 5
Identifying WHS policies, procedures, processes and systems
As part of risk management, you and others will need to follow organisational WHS
policies, procedures, processes and systems for hazard identification, risk
assessment and risk controls. Your organisation should have practices and guidance
in place to carry out these legislative requirements.
Complying with WHS policies, procedures, processes and systems
Policies, procedures, processes and systems ensure that you:
• Follow a consistent approach in your work
• Follow the required steps and actions to complete tasks
• Have the right tools and knowledge to carry out work
• Work according to organisational and legal requirements

17. Contribute to identifying and complying with policies, procedures and
processes
2.2 Contribute to identifying and complying with requirements of WHS laws and
guidelines for hazard identification, risk assessment and risk controls
A risk assessment should be carried out when:
• There is uncertainty about how a hazard may
result in injury or illness
• The work activity involves a number of different
hazards and there is an understanding about the
hazards and how they interact to form greater hazards
• Changes in the workplace that may impact on the
effectiveness of control measures
Risk assessments should not be necessary when:
• Legislation requires that specific hazards are
controlled in a special way
• A code of practice or other guidance sets out the control measures
applicable to your situation; and
• There are well-known and effective controls used in your industry and that
they are suited to the purposes set out in the workplace. These controls
can be simply implemented.

18. Contribute to identifying and complying with policies, procedures and
processes
Risk Rating Matrix
Many organisations develop a risk rating matrix that assists personnel in
assigning a priority to a hazard and will assist you in prioritising the order
in which hazards are resolved.
Question: 6

19. Identify duty holders and their range of duties
2.3 Identify duty holders, and their roles and responsibilities according to risk
management requirements
All duty holders must do everything that is “reasonably practicable” to protect the work
health and safety of everyone at the workplace.
This duty of care falls on all:
• Employers
• Company directors
• Managers
• Supervisors
• Employees
• WHS representatives and committees
• Contractors
The aim of regulations is to minimise risk of injury or illness at the workplace.
Question: 7

20. Tools for hazard identification
2.4 Identify tools used by organisational in current hazard identification and risk
control processes
Hazard identification tools may include:
• Hazard checklists (paper or electronic formats)
• Reference materials to inform about hazards
• The knowledge and experience of workers
• Hazard hunts
• Hazard, risk and incident records
• Job safety analysis
• Safe work method statements
• Manifests and registers
• Surveys and questionnaires
• Equipment to take readings (such as air quality or noise levels)
• Workplace inspections and walk-throughs.

21. Tools for risk control processes
Risk control process tools also include:
• Risk registers (to identify and categorise the risks)
• Risk matrix (to recognise which risks are most likely to occur)
• Analysis software to document, assess and understand risk control data
• Specific checklists, records and assessment forms to track risk controls
• The hierarchy of risk controls to identify suitable ways to manage risks
• Risk audit
Once tools have been identified, you should look at these to assess their relevance
and appropriateness for risk management
Question: 8

22. Selecting tools and techniques to identify hazards
3.1 – 3.2 Contribute to selecting hazard identification tools and techniques
according to WHS laws, and risk management requirements
To select the most appropriate hazard identification tools and techniques, you will
need to work with any relevant others to determine what these need to identify.
It will be necessary to know:
• How tools and techniques are used
• The advantages and disadvantages of using each one
• Which will be most effective
• Which you can afford
• Which are realistically workable
• Who will be using them and whether they are trained or instructed appropriately
• How information from hazard identification activities will be collated,
documented and communicated.

23. Selecting tools and techniques to identify hazards
Decision-making processes
A fair and impartial process to make decisions should be used in all activities and
collaborations. It will be required that all perspectives and opinions are discussed
fully, and that decisions are made after considering the views of others
A decision-making process will include:
• Determining why the decision needs to be made (what your goal is)
• Gathering the information that is needed to make the decision
• Identifying options and assessing information fully
• Choosing the most appropriate option
• Agreeing on the chosen option(s) and planning how to implement this.

24. Selecting tools and techniques to identify hazards
Using tools and techniques to identify hazards
Once you have used your knowledge to select the various tools and techniques for
identifying hazards, you will then need to ensure that you apply these methods
effectively.
To apply tools and techniques for identifying hazards effectively:
• Explain to others the importance of identifying hazards
• Train workers/colleagues in the execution of chosen tools and techniques for
identifying hazards
• Encourage all employees to look out for hazards and to report anything they
think could be a problem, no matter how trivial
• Choose the most appropriate time to use each technique:
• Ensure employees follow the correct protocol and procedures for identifying
hazards
• Remain observant throughout all shifts
Question: 9

25. Document hazard identification process and results
3.3 Contribute to documenting hazard identification processes and results
according to risk management requirements
When documenting hazards, you should include:
• Details of the hazard itself
• The time and date the hazard was identified
• The location of the hazard
• How the hazard was identified
• Who identified the hazard
• Whether the hazard has caused anyone harm
• An estimation of how long the hazard has existed
• A brief explanation of the reasons – or potential reasons – for the hazard
• The measures taken to minimise the risk posed by the hazard
• What else needs to be done in order to minimise the risk
• How similar hazards may be prevented in the future.

26. Document hazard identification process and results
Structure, layout and language
Your presentation and style of writing should be targeted to suit the audience-type.
This makes information more specific and relevant to the group or individual; it also
ensures you communicate using appropriate words and phrases that have meaning to
the audience.
It is important to know the level of detail required in documentation and identifying the
document’s purpose will help you to do this.
For example, you can ask yourself questions such as:
• What does this document need to do?
• What does this need to include?
• How will this be accessed?
• Who will be reading this information?
• What will they want to know?
Question: 10

27. Advise others of workplace hazards
3.4 Apply knowledge of hazards to advise individuals and/or parties about
workplace hazards and the harms they may cause
In your role to contribute to risk management activities, you may need to let others
know about the hazards that exist in the workplace. It will not be expected that you
identify each and every hazard on your own; this may not be possible or feasible to
do.
For example, hazards may be associated with:
• Machine operating and processing tasks
• Chemicals and hazardous substances
• Manual handling tasks
• Sterile environments
• Noisy environments
• Working at height or in confined spaces
• Stressful work environments
• Working with animals
• Working in outside environments

28. Advise others of workplace hazards
Communication
Workplace communications will need to be carried out according to organisational
requirements.
This includes both formal and informal processes. A formal process tracks and records
a communication and is useful when evidence of the communication is needed.
Informal processes are when colleagues discuss work and messages are passed in
order to maintain the flow and progress of work.
They tend not to be documented in organisational recordkeeping .
You can advise individuals of workplace hazards via:
• Training days and workshops
• Meetings
• Email
• Newsletters
• Noticeboards and posters Question: 11

29. Individuals and parties at risk of hazards
4.1 Identify individuals and/or parties at risk of exposure to hazards and
determine the nature, severity and likelihood of potential harm
Those persons who are exposed to hazards at your place of work should be identified;
this is so the appropriate risk measures can be put in place to ensure their safety.
Persons at risk may include:
• Staff
• Managers/supervisors
• Visitors to the workplace
• Customers and clients
• Transport service personnel/delivery persons
• Neighbouring businesses or residences.
The risk assessment
Part of the risk assessment process, involves determining the nature of the
risk, how severe this could be, and how likely there will be for potential
harm.

30. Risk categorisation
Risk categorisation must be relevant to you and your organisation. You may start with
a set categorisation chart, but invariably to make this work accurately, you should
adapt this to suit your needs every time you come to need a risk categorisation, adding
as many levels as needed.
Risk categorisation may include:
Likelihood of risks:
 almost certain
 likely
 possible
 unlikely
 Rare
Consequences of risks:
 insignificant
 minor
 moderate
 major
 catastrophic
 current control measures

31. Risk matrix
A risk matrix categorisation provides an overview of the potential risks within a table
format to show areas of concern and any priorities that need to be worked on.
Example risk matrix template:
Key:
L – low risk
LM – low/moderate risk
M – moderate risk
MH – moderate/high risk
H – high risk
Question: 12

32. Contribute to applying tools, techniques and processes
4.2 Contribute to applying tools, techniques and processes to identified hazards
to assess risk, according to risk management requirements
This may be for your own application, or you may be involved in planning and
coordinating activities for, and with others.
Plans should recognise:
• The overall objective
• A list of the tasks that need to be carried out
• The tools, techniques and processes that need to be used
• The resources that will be needed
• The roles and responsibilities for tasks
• The schedule for task activities, including task order, timelines and completions
It is essential that all risk assessments are undertaken only by competent staff
members with a strong understanding of the workplace and that management
is informed whenever risk assessments are underway.

33. Applying risk management tools, techniques and processes
A risk assessment involves analysing and evaluating the risks associated with a
particular hazard, with a view to then eradicating the hazard or controlling it.
Tools, techniques and processes for risk assessment include:
• Qualitative analysis
• Quantitative analysis
• Speaking with colleagues, managers and supervisors
• Assessing in-house statistics and data relating to incidents, hazards and risks
• Examining equipment, materials and substances
• Conducting a ‘Hazard and Operability’ (HAZOP) study
• Conducting a ‘Failure Mode and Effects Analysis’ (FMEA)
• The ‘Structured What-If Technique’ (SWIFT)
Question: 13

34. Document risk assessment results
4.3 Contribute to documenting risk assessment results according to risk
management requirements
When documenting the results of risk assessments, you should include:
• Details of the hazard itself: Why the risk assessment had to be carried out
• The time and date the risk assessment was conducted
• Who conducted the risk assessment
• A quantitative and qualitative evaluation of how likely an injury or illness will
occur as a result of the hazard
• A brief explanation of the reasons – or potential reasons – for the hazard’s
existence
• The measures taken to minimise the risk posed by the hazard
• What else needs to be done in order to minimise the risk
• How similar hazards may be prevented in the future.
Question: 14

35. Communicating risk assessment outcomes
4.4 Contribute to communicating risk assessment outcomes with workers,
contract workers, managers and technical specialists according to risk
management requirements
Communication to share the outcomes of risk assessment should be undertaken
with the relevant persons.
Consultation must take place when:
• Identifying hazards and assessing the risks to health and safety from the work
that is carried out or planned to be carried out
• Making decisions on eliminating or minimising those risks
• Making decisions on the adequacy of facilities for workers
• Proposing changes that may affect the health and safety of workers
• Making decisions about procedures for consulting with workers, resolving
health or safety issues, monitoring the health of workers and the conditions
at the workplace, and providing information and training for workers.

36. Technical specialist communications
When speaking with technical specialists, this may include persons who work at
your organisation and persons who work for other organisations and businesses.
It will include all the persons who provide you with specific expertise
Develop working relationships
Skills to build rapport include:
• Being friendly in communications
• Being socially and culturally appropriate
• Taking the time to remember details about the other person
• Having common ground
• Being prepared to take time to build a relationship
• Having empathy for others’ situations.
Question: 15

37. Select and document risk controls
5.1 – 5.2 Contribute to selecting risk controls for identified hazards based on the
risk assessment
The information in your risk assessments will form the basis for developing risk
controls. You should select risk control measures that are based on the nature of your
work, the working practices you follow, the equipment and processes you use, and the
skills and experience of employees. You should also consider factors such as time,
finances and workability.
Risk management requirements
To manage risks, it can help to identify the approach that is needed to do this. It allows
you to understand why risk controls will be required and helps to determine risk control
actions.
There are different approaches to manage risk, and these include:
 Risk avoidance
 Risk assumption
 Risk retention
 Risk transfer

38. Documenting risk controls
Risk controls can be documented in work records and plans. It will be important to
ensure that everyone has access to the information on the risk controls that are to be
used.
To help determine how risk controls will be implemented, a risk control plan should be
created. This will provide a focus for what needs to be done and when.
To develop a risk control plan, you should consider:
• Hazard identification measures
• Risk assessment methods
• All identified hazards and their associated risks
• How likely it is that hazards and risks will cause harm to employees and property
• Which risk control measures are affordable, workable and effective
• Short-term and long-term goals for reducing the potential harm of hazards
• Which employees should take responsibility for elements of the plan
• Methods of documentation
• Risk triggers
Question: 16

39. The hierarchy of risk controls
5.3 Contribute to developing risk controls according to the hierarchy of control
measures and WHS laws
The WHS hierarchy of risk controls (in order of preference):
• Level one – eliminate
• Level two – substitute
• Level three – reduce exposure
The hierarchy of risk controls are:
 Eliminating the hazard
 Substituting the hazard with a lesser risk
 Isolating the hazard
 Using engineering controls
 Using administrative controls
 Using personal protective equipment
Question: 17

40. Assist with implementing risk controls
5.4 Contribute to implementing risk controls and seek supervisory advice as
required by the circumstances
Question: 18
Assisting in implementation may include:
• Arranging resources for risk controls
• Speaking and liaising with other persons to organise and manage risk controls
• Producing communications and documentation
• Attending meetings to make risk control plans
• Advising workers and others about how to carry out risk controls
• Providing information on risk controls at WHS meetings and consultations
• Updating risk management records.
Seeking further advice
Advice may be sought:
• In person, such as a work meeting or informal work discussion
• In writing, such as an email or text message.

41. Support communication of information
5.5 Support communication of information on risk controls and actions to
required individuals and/or parties
Question: 19
Supporting others in communications on the chosen risk controls can take different
forms. You may only need to provide assistance in preparations, such as arranging
meetings or sending notifications or you may have a more prominent role to assist in
the delivery of information.
Communicating risk controls will include providing:
• Details about the controls and what they set out to do
• Information on the application of risk controls
• Instructions on how to carry out actions and maintain controls.
Your organisation must allow questions to be asked by its workers; they must be
given every opportunity to discuss and clarify their roles in relation to
implementing risk controls.

42. Evaluating implemented risk controls
6.1 – 6.2 Identify requirements for ensuring ongoing effectiveness of risk controls
You will need to identify the requirements for the ongoing effectiveness of risk controls.
This may include introducing a new control or adjusting existing controls.
You should evaluate implemented risk controls:
• At the outset of new projects
• Whenever there is a change in working practice
• Whenever there is a change or addition to the types of equipment, systems and
processes you use
• Whenever you move to new premises, or when new work areas are opened
• Whenever new chemicals or substances are introduced.
Remember, it is simply good practice to regularly evaluate your risk controls.
Set specific times to do so and be sure to conduct all evaluations thoroughly,
informing management at all times of the process and results of each
assessment.

43. Setting evaluation goals
Question: 20
To determine evaluation goals, your organisation will need to identify what is most
relevant and important in regards to its health and safety.
Goals should be SMART:
Specific – a clearly defined goal
Measurable – with clear dates and targets
Attainable – that is possible to achieve in the given time
Relevant – that will enable you to reach your goal
Time-bound – that is given a feasible timeline
Other measures to think of are:
 Establishing measures for evaluations
 Problem-solving

44. Risk monitoring plans
6.3 – 6.4 Document plan for monitoring effectiveness of risk controls according to
organisational policies and procedures
A plan sets out the agenda for maintaining work health and safety; it identifies:
• The activities that will be carried out
• The persons involved and responsibilities for monitoring and reporting
• The schedule and timelines for monitoring
A regular review process ensures that ineffective controls are quickly recognised and
improved upon and can include:
 Documenting the risk monitoring plan
 Communicating the risk monitoring plan
Question: 21

45. QUESTIONS