As an ISO Consultant, we deal with identifying risks and hazards with our clients when building their ISO Management Systems. During this phase, there are often questions about risk vs hazard and what the differences are.
As ISO certifications have evolved over time, it seems like the main emphasis of the newer standards is on identifying the risks and doesn’t focus on the hazards as much.
If you would like some support on identifying the risks and hazards within your organisation for ISO compliance, then contact our team of isologists today.
Risk vs Hazard
From an ISO consultancy perspective, it’s essential to distinguish clearly between hazards and risks, as the two are often confused. A hazard is anything with the inherent potential to cause harm, for example, a process, substance, activity, or condition. In contrast, risk reflects the likelihood that the harm will actually occur, combined with the severity of its potential impact.
When we work with clients, we help them not only identify hazards within their operations but also evaluate and prioritise the associated risks. This ensures resources are directed where they can make the most meaningful difference. Understanding this distinction underpins effective risk-based thinking, a core expectation across modern ISO management system standards.
ISO 45001 – More emphasis on Risk, rather than Hazard?
ISO 45001 is the Occupational Health and Safety Management; within this standard, risks and hazards are particularly prevalent. Following the update in 2018, this standard has more emphasis on risks than hazards. This can be seen as more proactive. The requirements and structure of ISO 45001 require risks to be evaluated and remedied, rather than being hazard control.
With the inclusion of identifying OH&S (and other) opportunities, addressing the need to act to enhance or improve the management system comes out of the risk identification, hazard identification and other activities within the organisation.
Risks in ISO Standards
Risk is ‘the effect of uncertainty’, and by reducing the effect of uncertainty, we will reduce our organisation’s risk exposure. ISO 45001 sets out to do this by requiring organisations to be clear on and understand:
- What they have to do (legal requirements).
- What they chose to do (other requirements).
- How they will do it (planning, support, and operations).
- It is being done (performance evaluation).
- How to do it better (Improvement).
Risk-based thinking starts at the very beginning, when organisations are considering their context, the relevant requirements of their interested parties and the scope that the OH&S management system is to cover. Considerations should be made for both internal and external issues, and the potential impact they can have on the systems and processes.
Internal Risk Examples
These originate within the organisation and are influenced by internal processes, culture, or resources. Examples include:
- Inadequate training or competence gaps leading to unsafe work practices.
- Poor safety culture, such as low incident reporting or weak leadership engagement.
- Ageing or poorly maintained equipment increasing the likelihood of failure.
- High staff turnover resulting in inexperienced workers on critical tasks.
- Ineffective communication causing misunderstandings about safety procedures.
- Process changes introduced without proper risk assessment.
External Risk Examples
These arise from outside the organisation and are often less directly controllable, but still need to be considered and assessed.
- Supply chain disruptions, impacting the availability of safe equipment or PPE.
- Changes in legislation requiring rapid adjustment to safety controls.
- Extreme weather events affecting site safety or access.
- Contractor performance issues, where third-party practices don’t meet required standards.
- Economic pressures, leading to reduced budgets for maintenance or safety improvements.
- Technological changes requiring new competencies or introducing new hazards.
When identifying external and internal issues, and needs and expectations of interested parties, there may be a risk source that will require assessment and action as required.
As with all risk-related areas, planning to address should be proportionate to the perceived level of risk identified and the objectives of the organisation.
Hazards in ISO Standards
Whilst considering all potential risks (to OH&S performance), focus should be on those hazards that are most likely to occur or have the most impact.
Hazard Examples include;
Physical Hazards
- Working at height (ladders, scaffolds, roofs)
- Moving or rotating machinery
- Noise, vibration, or extreme temperatures
- Slips, trips, and falls from poor housekeeping or wet floors
- Electrical hazards from damaged cables or faulty equipment
Chemical and Biological Hazards
- Exposure to hazardous substances, fumes, dusts, or solvents
- Poor storage, handling, or mixing of chemicals
- Bacteria, viruses, moulds, or other biological agents
- Contact with waste, bodily fluids, or contaminated materials
Other Hazards
- Excessive workloads, stress, bullying, or poor organisational culture
These examples support a thorough hazard identification process aligned with ISO 45001’s proactive, risk-based approach.
Reduction and/or prevention of undesired effects will help the organisation achieve its goals and objectives and continual improvement.
Risks and Hazards in ISO Certifications
Awareness of these sources of risk, which have the potential to occur or are known actual events and consequences, can lead to both risk and opportunity. Identifying and determining the risks and opportunities can support the organisation at both its strategic and operational levels.
Contact Blackmores today for more information.
Beyond certification, we take great pride in delivering ISO consultancy and support solutions. These solutions help our clients improve their productivity and profitability in a risk-controlled way.
We are your dedicated ISO consultants for all compliance matters from internal audits to updating Health, Safety and Environmental Legal compliance.
No matter what ISO certification you are hoping to achieve, we have a specialist ISO consultant ready to work with you and your organisation. Contact our team today to get started.
Our 7 Steps to Success
The Blackmores ISO Roadmap is a proven path to go from idea to launching your ISO Management System.
Whether you choose to work with one of our ISO Consultants, our isologists®, or work your own way through the process on our isology Hub, we’re certain you’ll achieve certification in no time!
We have a proven step by step process that our ISO Consultants implement as soon as our working relationship begins. We use our specialist skills and industry knowledge to determine what is already on track and where improvements can be made. We live and breathe ISO standards, we know the standards inside out so you don’t have to.
Our ISO Consultants can help you implement systems for any ISO Standard. See the full list for specialised standards here.
What our clients have to say
We engaged Blackmores to develop our ISO 9001, 14001, and 45001 management system from scratch. Throughout the creation and development stages of our ISO journey, Anju Punetha demonstrated remarkable patience, knowledge, and understanding as our dedicated consultant.
During our internal audit preparations, Ian Battersby’s meticulous attention to detail and thorough approach ensured we were well-prepared for our external audit, which we passed with flying colours. His guidance during the external audit was invaluable.
Based on our engagement and experience, I highly recommend the entire Blackmores team. If you’re considering pursuing ISO accreditations, Blackmores should be your first choice.
Graeme Adam
The support and advise I get from our assigned auditors is immense. Forward planning for the following year is great and they are flexible and always willing to help.
Kalil Vandi
“Blackmores have assisted us almost since the start of our adoption of the ISO 9001 quality standard. Their input has improved our processes since the start, and enabled our goal of continuous improvement to be achieved. The people are also extremely easy to get on with, and they really understand our business, giving us a great deal of confidence in their advice.”
David Gibson
“Blackmores are the perfect bridge between working on your ISO as an individual or company, to being audited each year. We find that any queries we have are covered and we feel sure that we have everything as needs be before going into an external audit.”
Mandy Welsby
“We have been extremely impressed with the service and support provided by Blackmores. There knowledge and assistance through out our ISO journey has been amazing!”
Philip Hannabuss
“Blackmores have really kept us on our toes with the broad scope and level of detail they apply to our internal audit schedule. They always stay abreast of ISO standard changes and help us to adapt our processes and documents to embrace these changes accordingly. Having Blackmores shadow our external audits provides invaluable confidence and peace of mind – would highly recommend their services!”
Phil Geens
“Our ISO 27001 certification project has gone so well, that there was no doubt in who we were going to ask to help us with our aspirations of becoming ISO 14001 certified. It’s been an absolute pleasure working with Blackmores, and we are really looking forward to working with them for the foreseeable future.”
Trusted by leading organisations across all sectors, we support companies of all sizes in any location.
Listen to our Podcast
Welcome to the ISO Show podcast, dispelling myths and sharing tips for success to improve your business with ISO Standards. Join us to hear interviews with successful business leaders as they share their ISO journey with you.
Get top tips via audio master classes “ISO Steps to Success” on the most popular ISO Standards.
