Risk Assessment in SteadyOn
Risk assessment is the process of evaluating the likelihood and severity of harm from a hazard. SteadyOn uses a standard 5×5 risk matrix to calculate a risk level from two inputs: likelihood and consequence.
The risk matrix
Section titled “The risk matrix”SteadyOn uses a 5×5 matrix. The risk level is determined by the intersection of likelihood and consequence:
| Insignificant | Minor | Moderate | Major | Catastrophic | |
|---|---|---|---|---|---|
| Almost Certain | Medium | High | High | Very High | Very High |
| Likely | Low | Medium | High | High | Very High |
| Possible | Low | Medium | Medium | High | High |
| Unlikely | Low | Low | Medium | Medium | High |
| Rare | Low | Low | Low | Medium | Medium |
Likelihood definitions
Section titled “Likelihood definitions”| Rating | Meaning | Example |
|---|---|---|
| Almost Certain | Expected to happen — has happened before and will again | Daily manual handling task with poor technique |
| Likely | Will probably happen in most circumstances | Wet floor near a busy sink |
| Possible | Might happen sometime | Loose handrail on a seldom-used staircase |
| Unlikely | Could happen but not expected | Electrical fault in new, well-maintained equipment |
| Rare | May only occur in exceptional circumstances | Lightning strike at outdoor worksite |
Consequence definitions
Section titled “Consequence definitions”| Rating | Meaning | Example |
|---|---|---|
| Catastrophic | Death, permanent total disability | Fatal fall from height |
| Major | Permanent partial disability, long-term illness | Loss of finger, back injury requiring surgery |
| Moderate | Medical treatment, temporary disability | Sprained ankle, laceration needing stitches |
| Minor | First aid required | Bruise, small cut |
| Insignificant | No injury or negligible harm | Near-miss with no harm |
Risk level meanings
Section titled “Risk level meanings”| Level | Meaning | Action required |
|---|---|---|
| Very High | Unacceptable risk — immediate action required | Stop the work until controlled; notify management |
| High | Significant risk — priority action needed | Implement controls within days |
| Medium | Moderate risk — manage and monitor | Implement controls within weeks |
| Low | Acceptable risk with controls in place | Monitor; review at scheduled intervals |
Residual risk
Section titled “Residual risk”When you add control measures to a hazard, the risk changes. SteadyOn lets you record both:
- Initial risk — the risk before any controls are applied
- Residual risk — the risk that remains after controls are applied
For example, a Very High risk hazard might be reduced to Medium after engineering controls are installed. Recording both gives you a before/after picture and demonstrates that your controls are effective.
What risk assessment is NOT
Section titled “What risk assessment is NOT”Risk assessment is a tool to support decision-making, not a compliance checkbox. Common pitfalls to avoid:
- Rating everything as Low — if your register is full of Low risks, it loses credibility in an audit or investigation
- Copying from another organisation — your risk register should reflect your actual workplace
- Never reviewing — risks change when processes, staff, or equipment change. Set review dates and honour them
- Completing without worker input — workers often know the actual likelihood of harm better than managers. Include them in the assessment
A good risk assessment creates a shared understanding of what the real risks are in your workplace and what you are doing about them.
Legal context (NZ)
Section titled “Legal context (NZ)”Under the Health and Safety at Work Act 2015, you must manage risks so far as is reasonably practicable. “Reasonably practicable” is a legal test that weighs:
- The likelihood of the hazard resulting in harm
- The degree of harm that could result
- What the person concerned knows (or ought to know) about the hazard
- The availability and suitability of ways to eliminate or minimise the risk
- After assessing the above, the cost of eliminating or minimising the risk
SteadyOn’s risk matrix captures the first two factors. Your control measures capture the rest. Together, they build the documented case that you have met your duty of care.