Risk Assessment And Management Policy Template for England and Wales

Generate a bespoke document

Trusted by 200k+ teams

4.7 Capterra
4.8 Product Hunt
4.6 Trustpilot

What is a Risk Assessment And Management Policy?

The Risk Assessment and Management Policy is essential for organizations operating under English and Welsh jurisdiction to meet their legal obligations and protect against various operational risks. This document is required under the Health and Safety at Work Act 1974 and subsequent regulations, providing a systematic approach to risk management. The policy outlines procedures for identifying hazards, assessing their impact, implementing control measures, and maintaining ongoing risk monitoring. It serves as a cornerstone document for organizational safety and compliance.

Reviewed by

Swetha Meenal

Legal Engineer, GenieAI

Swetha Meenal profile photo

A lawyer, legal researcher and legal tech founder, Swetha has built AI products deployed inside Tier 1 firms and enterprises. She ensures GenieAI's alignment with the latest regulation and executes testing on the legal robustness of Genie output.

Reviewed by

Imad Mohammed Nazar

Legal Engineer, GenieAI

Imad Mohammed Nazar profile photo

A Skadden-trained M&A lawyer, Imad advised on cross-border transactions and contractual risk before moving into legal AI. He reviews GenieAI's output for compliance and enforceability across our 150+ supported jurisdictions, as well as facilitating external benchmarking.

Jurisdiction

England and Wales

Publisher

GenieAI

Sector

Business

Cost

Free to use

Last updated

About the Risk Assessment And Management Policy

A Risk Assessment And Management Policy is a comprehensive document that establishes your organization's framework for identifying, evaluating, and controlling workplace hazards. This policy is not just good practice—it's a legal requirement that demonstrates your commitment to protecting employees, visitors, and contractors while ensuring compliance with England and Wales health and safety legislation.

When do you need this document?

You need a Risk Assessment And Management Policy if you employ five or more people, as required by the Management of Health and Safety at Work Regulations 1999. However, even smaller organizations benefit from having formal risk management procedures in place. This policy is essential when establishing new business premises, introducing new work processes, or following significant workplace incidents. Organizations working with hazardous substances, manual handling operations, or high-risk activities particularly need robust risk assessment frameworks. The policy also becomes crucial during regulatory inspections, insurance assessments, or when demonstrating corporate responsibility to stakeholders.

Key legal considerations

Your policy must address several critical legal requirements to ensure full compliance. The document should clearly define roles and responsibilities, ensuring that competent persons are appointed to conduct risk assessments as required by the Management Regulations. You must establish procedures for regular review and updating of risk assessments, particularly when work activities change or following accidents. The policy should integrate requirements from specific regulations such as COSHH for hazardous substances and Manual Handling Regulations for lifting operations. Additionally, you must consider the Corporate Manslaughter and Corporate Homicide Act 2007, which places criminal liability on organizations for gross breaches of duty resulting in death. Your policy should demonstrate that senior management takes active responsibility for risk management decisions and that adequate resources are allocated to risk control measures.

Legal requirements in England and Wales

Under the Health and Safety at Work etc. Act 1974, employers have a general duty to ensure the health, safety, and welfare of all employees so far as is reasonably practicable. The Management of Health and Safety at Work Regulations 1999 specifically mandate that employers must make suitable and sufficient assessments of workplace risks and implement necessary preventive and protective measures. Your policy must comply with the hierarchy of risk control, prioritizing elimination and reduction of risks at source before relying on personal protective equipment. For organizations handling hazardous substances, compliance with COSHH Regulations 2002 requires specific risk assessment procedures and exposure monitoring. The policy must also address consultation requirements with employees and their representatives, as well as provision of adequate information, instruction, and training. Documentation requirements under English and Welsh law specify that risk assessments must be recorded and made available to relevant authorities upon request.

GOVERNING LAW

Applicable law

This Risk Assessment And Management Policy is drafted to comply with England and Wales law. Key legislation includes:

Health and Safety at Work etc. Act 1974 (HSWA): The foundational legislation for workplace health and safety that sets general duties for employers, employees, and self-employed persons

Management of Health and Safety at Work Regulations 1999: Key regulations that specifically mandate risk assessments and detail requirements for risk management systems

Corporate Manslaughter and Corporate Homicide Act 2007: Legislation addressing criminal liability for organizations in cases of serious risk management failures leading to fatalities

Control of Substances Hazardous to Health Regulations 2002 (COSHH): Regulations governing the control and management of hazardous substances in the workplace

Manual Handling Operations Regulations 1992: Specific regulations addressing risks associated with lifting, carrying, and moving loads in the workplace

Display Screen Equipment Regulations 1992: Regulations covering health and safety requirements for work with display screen equipment

Personal Protective Equipment at Work Regulations 1992: Legislation governing the provision and use of personal protective equipment in the workplace

Regulatory Reform (Fire Safety) Order 2005: Regulations specifying fire safety requirements and risk assessments for non-domestic premises

Data Protection Act 2018 and UK GDPR: Legislation governing the handling and protection of personal data in risk assessments and general operations

Equality Act 2010: Legislation ensuring risk assessments and management practices do not discriminate against protected characteristics

Environmental Protection Act 1990: Legislation covering environmental risk considerations and management requirements

Companies Act 2006: Act defining directors' duties and responsibilities regarding risk management and corporate governance

HSE Guidelines: Official guidance and codes of practice from the Health and Safety Executive for implementing health and safety legislation

ISO 31000: International standard providing principles and guidelines for effective risk management practices

Genie's Security Promise

Genie is the safest place to draft. Here's how we prioritise your privacy and security.

Your data is private:

We do not train on your data; Genie's AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

We are ISO27001 certified, so your data is secure

Organizational security:

You retain IP ownership of your documents and their information

You have full control over your data and who gets to see it