Eskom Hira Procedure 32-520

Procedure
Title: Occupational Health & Safety Risk Document Identifier: 32-520

Assessment Procedure
Alternative Reference N/A

Number:
Area of Applicability: Eskom Holdings SOC

Limited
Functional Area: Occupational Health and

Safety
Revision: 2
Total Pages: 21
Next Review Date: January 2019
Disclosure Controlled Disclosure

Classification:
Compiled by Functional Responsibility Authorized by
Ntokozo Ngubane Kerseri Pather Steve Lennon

Senior Advisor General Manager Group Executive
Sustainability Systems Sustainability Division
Sustainability Systems
Date: Date: Date:
EDC TR formatted 16.01.2014 32-4

Rev 6 Document Template
Occupational Health & Safety Risk Assessment Procedure Unique Identifier: 32-520
Revision: 2
Page: 2 of 21
Content
Page
1. Introduction .................................................................................................................................................. 3
2. Supporting Clauses ..................................................................................................................................... 3
2.1 Scope ................................................................................................................................................. 3
2.1.1 Purpose .................................................................................................................................. 3
2.1.2 Applicability ............................................................................................................................ 3
2.2 Normative/Informative References..................................................................................................... 3
2.2.1 Normative ............................................................................................................................... 3
2.2.2 Informative ............................................................................................................................. 4
2.3 Definitions ........................................................................................................................................... 4
2.4 Abbreviations ...................................................................................................................................... 8
2.5 Roles and Responsibilities ................................................................................................................. 8
2.5.1 Group Executive (Strategy and Risk Management) .............................................................. 8
2.5.2 Responsible managers .......................................................................................................... 9
2.5.3 Project and contract managers .............................................................................................. 9
2.5.4 Sustainability Division ............................................................................................................ 9
2.5.5 On-site SHE personnel ........................................................................................................10
2.5.6 Joint ventures .......................................................................................................................10
2.6 Process for Monitoring .....................................................................................................................10
2.7 Related/Supporting Documents .......................................................................................................10
3. OCCUPATIONAL HEALTH AND SAFETY RISK ASSESSMENT PROCEDURE ....................................11
3.1 Types of Occupational Health and Safety Risk assessments..........................................................11
3.1.1 Baseline risk assessment ....................................................................................................11
3.1.2 Issue-based risk assessments .............................................................................................12
3.1.3 Continuous risk assessment ................................................................................................14
3.1.4 Health risk assessment (HRA) .............................................................................................14
4. Acceptance ................................................................................................................................................20
5. Revisions ...................................................................................................................................................20
6. Development Team ...................................................................................................................................21
7. Acknowledgements ...................................................................................................................................21
CONTROLLED DISCLOSURE
When downloaded from the document management system, this document is uncontrolled and the responsibility rests with the
user to ensure it is in line with the authorised version on the system.
No part of this document may be reproduced without the expressed consent of the copyright holder, Eskom Holdings SOC
Limited, Reg No 2002/015527/06.
Hard copy printed on: 2 July 2014
Occupational Health and Safety Risk Assessment Procedure Unique Identifier: 32-520
Revision: 2
Page: 3 of 21
1. Introduction
Eskom has adopted a value of Zero Harm. This requires all business to be conducted with respect
and care for people and the environment. Safety, health, environment, and quality (SHEQ)
management is an important part of all operations within Eskom and exists to prevent harm to both
people and the environment.
Occupational Health and Safety (OHS) risk assessment ensures that Eskom can identify, predict,
evaluate, and control the actual and potential impact it’s operations may have on the health, safety,
environment, socio-economic conditions, and cultural heritage of the country. The risk assessment
process allows for the risks, causes, and consequences to be identified and controlled. In turn, this
will minimise the negative impact and maximise the benefits of its activities. This promotes
compliance with legal requirements and the principles of occupational health and safety.
2. Supporting Clauses
2.1 Scope
2.1.1 Purpose
This document describes the mandatory processes, requirements, and advisory guidance for
managing occupational health and safety hazards and risks. The aim of this procedure is to
ensure and facilitate the effective management of hazards and risks.
Compliance with this procedure is mandatory in its area of applicability.
2.1.2 Applicability
This document shall apply throughout Eskom Holdings SOC Limited, its divisions, subsidiaries, and
entities in which Eskom has a controlling interest. In cases where Eskom does not have a
controlling interest, this procedure shall apply if no such similar document exists.
2.2 Normative/Informative References
Parties using this document shall apply the most recent edition of the documents listed in the
following paragraphs.
2.2.1 Normative
[1] 240- 49308149: Process Control Manual for Occupational Health and Safety Management
[2] 32-136: Contractor Health and Safety Requirements Standard
[3] 240-62582234: OHS Roles and Responsibilities and Statutory Appointments
[4] 32-391: Integrated Risk Management Frameworks and Standards
[5] 32-727: Safety, Health, Environment, and Quality (SHEQ) Policy
[6] 32-86: Enterprise Risk and Resilience Policy
[7] ISO 31000:2009: International Risk Management Standard
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 4 of 21
[8] ISO/IEC Guide 73:2009: Vocabulary for Risk Management

[9] MHS Act: Mine Health and Safety Act, Act 29 of 1996
[10] OHS Act: Occupational Health and Safety Act, Act 85 of 1993
[11] OHSAS 18001: Occupational Health and Safety Management Systems, Requirements.
2.2.2 Informative
[12] ISO 9001: Quality Management Systems.
2.3 Definitions
2.3.1 Assurance
Assurance is a process that provides confidence that objectives will be achieved with a tolerable
level of residual risk.
2.3.2 Communication and consultation
Continual or iterative process that an organisation conducts to provide, share, and/or obtain
information and to engage in dialogue with stakeholders regarding the management of risk.
2.3.3 Consequence
Outcome of an event/exposure affecting objectives.
2.3.4 Control
Measure that is modifying risk.

Note 1: controls include any process, policy, device, practice, or other actions which modify risk.
Note 2: controls may not always exert the intended or assumed modifying effect.
2.3.5 Control owner
Person nominated as accountable for the assurance of the control to ensure that both the design
and the operation of the control are effective. The names of control owners are recorded in risk
registers.
2.3.6 Event
Occurrence of, or change in, a particular set of circumstances.
2.3.7 Exposure
Extent to which an organisation is subjected to an event.
2.3.8 External context
External environment in which the organisation seeks to achieve its objectives.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 5 of 21
2.3.9 Frequency
Measure of the likelihood of an event, expressed as a number of events or outcomes per defined
unit of time.
2.3.10 Hazard
Potential source of harm.
2.3.11 Hazard identification
Process of finding, recognising, and describing hazards.
2.3.12 Internal context
Internal environment in which the organisation seeks to achieve its objectives.
2.3.13 Level of risk
Magnitude of a risk expressed in terms of the combination of consequences and their likelihood.
2.3.14 Likelihood
Chance of something happening.
2.3.15 Monitoring
Continuous checking, supervising, critically observing, or determining the status in order to identify
change from the required or expected level of performance.
2.3.16 Probability
Measure of the chance of occurrence expressed as a number between 0 and 1, where 0 is

impossibility, and 1 is absolute certainty.
2.3.17 Residual risk
Risk remaining after risk treatment.
2.3.18 Review
Activity undertaken to determine the suitability, adequacy, and effectiveness of the subject matter
to achieve established objectives.
2.3.19 Risk
Effect of uncertainty on objectives.

A risk with a negative consequence can be the result of human interaction with a hazard.
Note 1: an effect is a deviation from the expected – positive and/or negative.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 6 of 21
Note 2: objectives can have different aspects such as financial, health and safety, and
environmental goals and can apply at different levels such as strategic, organisation-wide, project,
and product and process levels.
Note 3: risk is often characterised by reference to potential events, a consequence or a
combination of these, and how they can affect the achievement of objectives.
Note 4: risk is often expressed in terms of a combination of the consequences of an event or a
change in circumstances and the associated likelihood of an occurrence of the risk.
2.3.20 Risk acceptance
Informed decision to take a particular risk.
2.3.21 Risk analysis
Process to comprehend the nature of risk and to determine the level of risk.
2.3.22 Risk assessment
Overall process of hazard and identification, risk analysis, and risk evaluation.
2.3.23 Risk evaluation
Process of comparing the results of the risk analysis to risk criteria to determine whether the level
of risk is acceptable or tolerable.
2.3.24 Risk management
Coordinated activities to direct and control an organisation with regard to risk.
2.3.25 Risk management framework
Set of components that provide the foundations and organisational arrangements for designing,
implementing, monitoring, reviewing, and continuously improving the risk management processes
throughout the organisation.
2.3.26 Risk management information system
The database operated by Eskom that holds all risk management information, including all risk
registers, risk treatment plans, and risk management plans.
2.3.27 Risk management plan
Document in the risk management framework, specifying the approach to, the management
elements of, and resources to be applied to, the management of risk.
2.3.28 Risk management process
Systematic application of management policies, procedures, and practices to the tasks of

communicating, consulting, establishing the context, identifying, analysing, evaluating, treating,
monitoring, and reviewing risk.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 7 of 21
2.3.29 Risk matrix
Tool for ranking and displaying risks by defining ranges for the consequences and likelihood.
2.3.30 Risk owner
Person with the accountability and authority for managing the risk and any associated risk
treatment. With regard to Occupational Health and Safety; and in line with the OHS Act,
designated 16.1 and 16.2 appointees have this accountability. This includes the Responsible
Manager as defined in 240-62582234.
2.3.31 Risk profile
Description of a set of risks.
2.3.32 Risk register
Record of information about identified risks.
2.3.33 Risk reporting
Form of communication intended for particular internal or external stakeholders to provide

information about the current state of risk and its management.
2.3.34 Risk sharing
Form of risk treatment involving the agreed distribution of risk with other parties.
2.3.35 Risk tolerance
Organisation’s readiness to bear the risk after risk treatment in order to achieve its objectives.
2.3.36 Risk treatment
Process of developing, selecting, and implementing measures to modify risk.
2.3.37 Stakeholders
The people and organisations that may affect, be affected by, or perceive themselves to be
affected by, a decision or activity.
2.3.38 Task owner
The person nominated as accountable for the completion of a risk treatment action.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 8 of 21
2.4 Abbreviations
Abbreviation Explanation
AIA Approved inspection authority
BU Business unit
CBRA Contractor baseline risk assessment
COID Act Compensation for Occupational Injuries and Diseases Act, 1993 (Act No. 130
of 1993)
HAZOP Hazards of operations
HRA Health risk assessment
IRM Integrated risk management
LTIR Lost-time injury rate
OHS Occupational health and safety
OHS Act Occupational Health and Safety Act 85 of 1993
OHS RAWG Occupational Health and Safety Risk Assessment Working Group
OHSSC Occupational Health and Safety Steering Committee
ORHVS Operating Regulations for High Voltage Systems
OU Operating unit
PSR Plant Safety Regulations
RACI Responsible, accountable, consulted, and informed
SHE Safety, health, and environment
SHEQ Safety, health, environmental, and quality
SMAT Safety management audit technique
2.5 Roles and Responsibilities
Eskom and its subsidiaries shall take all reasonably practicable steps to manage risks to an
acceptable level.
2.5.1 Group Executive (Strategy and Risk Management)
The Group Executive (Strategy and Risk Management) is accountable for the overall direction and
function of Eskom’s risk management programme and reports back directly to the Holdings Board,
through the Board Risk Management Committee.
The Risk and Resilience Strategic Function has developed a common Eskom Enterprise Risk &
Resilience framework, supported by appropriate methodologies, one common language, and an
executive sponsor (GE – Strategy and Risk Management).
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 9 of 21
2.5.2 Responsible managers
The Responsible managers of the various operating units, service functions, and strategic
functions in Eskom are responsible for, and committed to, the implementation of the OHS risk
management standards; including the Occupational Health and Safety Risk Assessment
Procedure. These aspects include coordinating the risk management strategy, ensuring
compliance with these standards, and the planning and implementation of the procedure in their
operating units, service functions, and strategic functions, as well as projects.
Responsible managers are responsible for the development of baseline OHS risk assessments
and all other associated risk assessments for all activities and processes in their operating units,
the implementation of risk treatment plans, and for ensuring that risk registers are kept up to date.
The Responsible managers are accountable for the monitoring and reviewing of OHS risks, for the
assurance of controls, and for the completion of risk treatment tasks.
Risk owners (16.1 and 16.2 appointees and those delegated with authority, for example,
OU/BU responsible managers) are responsible for ensuring that the assessment of that risk is up
to date and is properly recorded in risk registers.
Control owners should ensure that appropriate and periodic assurance takes place to check
that the controls on which the organisation relies are in place, are effective, and cannot be cost-
effectively improved.
Task owners will have treatment actions to complete by an agreed date. Of course, these
tasks can be delegated, but the accountable manager will remain fully responsible for their
completion.
2.5.3 Project and contract managers
Project managers and contract managers are responsible for ensuring that OHS risk assessments
are conducted during the design phases of the project and for ensuring that baseline risk
assessments are conducted for all project and construction activities in their operating units.
Project managers should ensure that all contractors working on the projects are informed of, and
comply with, Eskom’s risk assessment requirements prior to the commencement of construction as
well as during construction.
2.5.4 Sustainability Division
Sustainability Division’s Sustainability Systems and Climate Change Department is responsible for
providing support to divisions in terms of the interpretation and understanding of the legal and
procedural requirements of this procedure.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 10 of 21
2.5.5 On-site SHE personnel
SHE personnel on site are responsible for providing support within their operating units, service
functions, and strategic functions in terms of the interpretation and understanding of the
requirements of this procedure for their specific processes and activities. They will have to ensure
assurance through the periodic verification of control measures and their effectiveness. SHE
personnel are also responsible for assisting and supporting Responsible managers in fulfilling their
duties by providing necessary advice, expertise, and administrative support where required and
agreed to by both parties.
2.5.6 Joint ventures
There may be occasions when Eskom and other organisations combine resources to carry out a
joint venture. Unless otherwise stipulated, where the work is to be managed jointly with a joint-
venture partner, the requirements imposed on the responsible manager in this procedure will also
apply to the joint venture and will also be indicated in the memorandum of understanding as such,
unless the joint venture contractual agreement specifies, in writing, the health and safety
arrangements as required in terms of section 37.2 (if applicable) of the OHS Act.
2.6 Process for Monitoring
The Occupational Hygiene and Safety Steering Committee(OHSSC) and Occupational Health and
Safety Risk Assessment Workgroup members are responsible for providing guidance on the risk
management process. Responsible managers and OHS personnel are responsible for the day-to-
day coordination of risk management activities and information sharing between operating unit,
service, and strategic functions.
Compliance with the requirements of this procedure has to be reviewed internally by the operating
unit, service function, and/or strategic function at least annually as part of an internal review
process.
Records shall be audited by the Assurance and Forensic Department or any person appointed on
its behalf at planned intervals. The focus areas of such monitoring process will include training in
OHS risk assessment, previous risk assessment reviews, general adherence to the OHS risk
assessment process, and determining the adequacy of risk assessment.
2.7 Related/Supporting Documents
240-70044602 Occupational health and safety risks assessment template.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 11 of 21
3. OCCUPATIONAL HEALTH AND SAFETY RISK ASSESSMENT PROCEDURE
3.1 Types of Occupational Health and Safety Risk assessments
3.1.1 Baseline risk assessment
Baseline risk assessment refers to the OHS hazards and risks that are identified and
assessed before the inception of a new project and commencement of operations. The
baseline risk assessment shall include both routine and non-routine tasks.
The output of baseline risk assessments is a set of OHS risk profiles, per operation and/or
process and/or activity, which is used to prioritise action programmes.
The OHS baseline risk assessments template 240-70044602 shall be the tool used to
perform baseline risk assessments within Eskom Holdings.
a) Project baseline risk assessments
i. Client risk assessment
- The OHS Act, Construction Regulations 5.1, and Mine Health and Safety Act
(section 11) require the client to provide the principal contractor or his or her agent
with any information that might affect their health and safety while performing work
on behalf of the client.
- The baseline risk assessment should be submitted as part of the tender documents
or during negotiations, so that the potential contractor can make provision for the
cost of health and safety measures during construction.
- A multidisciplinary risk assessment needs to be performed during the planning or
design phase of the project, so as to eliminate hazards and implement OHS
engineering controls before the project is executed amongst other controls that will
enhance our ability to achieve the desired objectives.
- Baseline risk assessments should take into consideration hazards and risks that
could have an impact beyond the site borders as well as external factors that could
affect the health and well-being of persons on site and employees off site (for
example, roads).
- The baseline risk assessment must be periodically reviewed based on, for example,
project life-cycle changes, incident trend analysis or changes to scope of work, and
newly introduced risks due to residual risks.
ii. Contractor baseline risk assessment (CBRA)
- The contractor shall, based on the client risk assessment, develop a baseline risk
assessment for all planned activities, which shall form part of the OHS plan
submitted to the client.
- The contractor baseline risk assessment will be an essential consideration during
the tender evaluation/ adjudication/negotiation and/or clarification processes prior to
contract award.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 12 of 21
- A contractor baseline risk assessment must be carried out for all planned project
elements/activities/tasks regardless of the frequency and duration with which those
tasks are expected to be carried out.
- The contractor baseline risk assessment must be periodically reviewed based on,
for example, changes to scope of work, changes to work
methods/procedures/equipment, organisational changes (including personnel),
incident trend analysis, or new/revised technology.
- The CBRA shall be submitted to the client at the agreed times.
b) Baseline risk assessments for routine tasks
- Baseline risk assessments need to be developed for routine activities that the
business performs on a daily basis. These will assist the business in developing
treatment measures such as standard operating procedures or work instructions to
reduce the hazards and risk attached to these activities.
- Occupational exposures with potential health effects must be identified, assessed,
documented, treated, and communicated.
- The hazards and control measures from this baseline risk assessment shall be
communicated to all affected employees, so as to inform them of hazards attached
to the work they are to perform.
- The hazards identified from this baseline shall be incorporated in employee man-job
specifications, so that proper medicals can be conducted.
- This baseline risk assessment shall be reviewed periodically based on, for example,
changes in the scope of work, new technology, etc.
3.1.2 Issue-based risk assessments
Although most standard activities should already be covered by a baseline risk

assessment, the circumstances surrounding the activities may vary from day to day;
therefore, each task or activity needs to be assessed and analysed before work starts.
Issue-based risk assessment can also be conducted for a specific hazard, for example, fire
risk assessment.
All relevant stakeholders need to be involved when an issue-based risk assessment is
conducted.
Issue-based risk assessment looks at assessing the risks attached to each activity and
hazard; for instance, if chemicals were identified as part of the baseline risk assessment,
the task-specific risk assessment needs to assess and analyse each chemical individually.
If there is no baseline risk assessment, the issue-based risk assessment must cover all
aspects of the job, the core activity, as well as circumstances.
Issue-based risk assessment needs to be performed prior to every activity or task, and it
shall be informed by the baseline risk assessment.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 13 of 21
The issue-based risk assessment is essential for the development/review of SOPs/SWPs,

method statements, emergency plans, and so forth, as it addresses work-specific hazards
and risks.
On construction projects, the contractor shall conduct the issue-based risk assessments
and submit them to the client prior to the commencement of work.
The client shall sign acknowledgement that risk assessments have been reviewed;
however, this does not absolve the contractor of his/her duties in terms of the OHS Act.
a) Pre-task (daily) risk assessment
- As part of the issue-based risk assessment, there is a requirement that a pre-
task risk assessment be conducted before any task, as circumstances may
change, for example, the weather and site location.
- The pre-task risk assessment is also required as part of the work permit,
required by the Life-saving Rules, ORHVS, and PSR.
- The pre-task risk assessment shall be completed as part of the pre-job
planning processes by the responsible and authorised person(s), together with
all the people who will perform the task.
- The pre-task risk assessment shall be conducted at the location where the
activity takes place to ensure that all circumstances can be evaluated properly.
- All people who participate in the activity must be trained on the contents of the
risk assessment to ensure that they understand the hazards associated with
the task.
- A qualitative, simple checklist method is advisable for a pre-task risk
assessment, as staff at all levels in the organisation should be able to perform
this task with quality. As a minimum, the checklist should consider the
following areas:
o Work area
o Unsafe conditions
o Environmental conditions
o Health conditions
o Condition of PPE, tools, and equipment
o Ergonomics risks
o Personal risks
o Emergency response risks
o Work permit (ORHVS, PSR)
- When circumstances change during the course of the activity, activities must
be stopped, and risk assessments must be again updated and discussed with
all involved in the task.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 14 of 21
3.1.3 Continuous risk assessment
Occupational health and safety risk assessments should take place continuously, as an integral
part of day-to-day health and safety management. This form of risk assessment is an important
tool for ensuring the reduction of OHS hazards and risks in the workplace, as it addresses day-to-
day changes in the activity.
It is the duty of all supervisors to ensure that effective continuous risk assessment actually takes
place in the workplace. The employer must ensure that all employees are competent to perform
continuous risk assessments.
3.1.4 Health risk assessment (HRA)
The health risk assessment shall be conducted for all activities, and the process shall be led by
Occupational Hygiene (OH) professionals.
The HRA shall consider, but not be limited to, the type, health effects, physical form, and route of
entry of the stressor(s), exposure patterns, and the effectiveness of the existing controls.
The outcome of the HRA shall inform the OH monitoring programme, medical surveillance
programme, training, and PPE matrix.
3.2. Occupational Health and Safety Risk Assessment Process

Note: before conducting risk assessments, proper planning and preparation shall be done.
3.2.1. Communication and consultation
Conduct a stakeholder analysis to define the relevant stakeholders, their roles, and
communication needs.
Identify who is exposed to risks, who is responsible and accountable for the management
of risk (risk owner), who needs to be included in the risk analysis process, and who needs
to be consulted and informed.
Communicate information on OHS risks to management, the employees, and other
affected stakeholders.
3.2.2. Hazard identification and context setting
Determine the scope, purpose, or objective of risk assessment.
List all the activities that are to be performed by the business, taking into account third-
party stakeholders such as the community.
Identify hazards or stress factors that have an impact on the health and safety of
employees, the environment, and third-party stakeholders. Note: hazards are generally
tangible and can be seen, heard, felt, measured, smelt, or determined through the use of
one’s senses.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 15 of 21
Classify the OHS hazards into one of these broad areas (but not limited to them):
o Physical, for example, light, heat and cold, or vibration
o Chemical, for example, hazardous substances, poisons, vapours, or dust
o Biological, for example, plants, bacteria, parasites, or viruses
o Mechanical/electrical, for example, working from heights or plant and
equipment
o Ergonomic, for example, posture, weight, or repetition
o Psychological, for example, stress, boring/repetitive work, or
violence/aggression
3.2.3. Risk identification
Identify risks attached to listed hazards, and list the implications and causes of such risks.
Describe the risks in terms of an event, changes in a situation, circumstances, and how
these lead to consequences.
Record the identified risks in the risk registers, with the following information:
o A description of the risk, its possible cause, and consequence
o The risk owner (typically a responsible manager)
o The risk category (safety or health)
3.2.4. Assess and Analyse risk
This is a step where risks are analysed in order to determine the effectiveness of existing
control measures and implement further control measures to minimise the consequences
of those risks for the health and safety of employees and the environment.
Both qualitative and quantitative techniques can be used to assess and analyse risks, for
example, qualitative incident investigation reports or quantitative data/measurements.
3.2.4.1. Determine existing controls
- Through walk-throughs, inspections, records, interviews, and observations, existing
controls are recorded.
- Controls will include systematic controls and elimination, engineering,
administrative, or personal protective equipment controls.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 16 of 21
3.2.4.2. Determine consequence rating

When determining the consequences of the risk, take into account existing controls and their
adequacy and effectiveness.
Consequence Description
rating
Health and safety
6 Multiple fatalities
5 Fatality or life-threatening health effects
4 Lost-time injury; Irreversible health effects/occupational disease with

permanent consequence
3 Medical treatment case; occupational disease with reversible/non-

permanent effect
2 First-aid treatment case and temporary discomfort case
1 No injuries or health effects (near misses)
3.2.4.3. Determine likelihood rating of risk

The likelihood considers the probability that the consequences will be experienced will occur as
well as the frequency of exposure to the hazard.
This is determined by using the likelihood table below:
Score Descriptor Safety Occupational hygiene
Exposure Probability of
exceeding OEL
1 Highly < 5% probability, or Rare (once a No exposure (or

unlikely year) exposure < 10% of
occurrence requires
OEL)
exceptional
circumstances, or
exceptionally unlikely,
even in the long-term
future, or
only occurs as a “100-
year event”
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 17 of 21
2 Unlikely > 5% probability, or

Short periods of Low exposure (<
time, a few times 50% of OEL)
may occur, but not
per day/
anticipated, or
intermittent
occur in “years to (once in six
decades” months, three
could months, or a
month)
3 Possible > 20% probability, or Continuous for Moderate exposure

between one and (chronic exposure >
may occur shortly, but
two hours (often/ 50% of OEL or acute
a distinct probability it
weekly) exposure ≥ OEL)
will not, or
could occur within
“months to year(s)”
4 Likely > 50% probability, or Continuous for High exposure

between two and (chronic exposure >
balance of probability
four hours OEL, or exposure
it will occur, or
(frequent/daily) exceeding OEL-
could occur within STEL)
“weeks to months”
5 Unavoidable 99% probability, or Continuous for Very high exposure

eight-hour shift (chronic exposure >
impact is occurring
2 x OEL or exposure
now, or
exceeding OEL-C)
could occur within
“days to weeks”
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 18 of 21
3.2.4.4. Determine risk rating

Plot the consequence and the likelihood on the risk matrix below to determine the risk priority level.
6 III II I I I
5 III II II I I
4 IV III II I I
3 IV III II II I
Consequences
2 IV IV III II II
1 IV IV III III III
1 2 3 4 5
Likelihood
3.2.5. Evaluate risk

Rank the risks in different categories based on the level of risk that has been determined
as well as the effectiveness of the current risk controls, that is, very high, high, medium, or
low, using the qualitative method below:
Priority Risk Action required

ranking
I Very Immediate action required

high
II High Strong mandatory action

required
III Medium Action required, possibly

at administrative level
IV Low Minor or no action

required
Test the identified risk against safe limits, internal requirements, and external requirements,
including legislation and other requirements, limits and conditions of authorisations issued
for that activity, and any other possible requirements to ascertain whether the risk exists or
not.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 19 of 21
Depending on the risk ranking, determine the degree of control and tolerance against the
defined limits.
Determine whether the risk is acceptable; if acceptable, no further assessment is required.
3.2.6. Eliminate and reduce risk
Develop a risk management strategy to treat the impact, consequence and/or
likelihood/exposure of assessed risks.
Establish the actions to be taken, where the highest-order type of preventive measure will
be the most effective and sustainable, using the hierarchy of control.
Different approaches can be taken that are aligned with the agreed risk-tolerance level.
Consider treatment/ hierarchy of control measures in terms of the following priorities:
o Risk elimination or avoidance totally removing the risk.
o Risk reduction: involves methods that minimise either the impact or the
likelihood of a risk, or a combination of both.
o Risk sharing/transfer: means causing another party to accept the risk fully, for
example, by transferring the risk to a contractor who is better equipped to
deal with the risk.
o Risk tolerance or risk retention: involves accepting the risk as it occurs. This
is a viable option for minor risks where the total “cost” of treatment exceeds
the expected benefits in terms of loss reduction.
3.2.7. Monitor risk
On a continuous basis, review/re-analyse the identified risks and control measures at
intervals determined by the applicable legislative requirements or if there is a change in the
risk.
Where a frequency of review is not prescribed by specific regulations or standards, the risk
assessment shall be reviewed every two years.
3.2.8. Report risk
Document all assessment results irrespective of the risk rating.
Risk assessments shall be discussed with all employees, and implementation of control
measures is to be supervised.
The risk assessment shall be reported to all affected stakeholders to ensure that corrective
measures are implemented.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 20 of 21
3.3. Training and Support

A major component of implementation is the awareness and training of all staff members in the
OHS risk management processes in Eskom. Divisions and projects should have a training plan
that covers the following:
Awareness briefings for all staff members
Training for OHS personnel, line managers, project managers, and contractor managers in the
principles of OHS risk management, line management responsibilities, and the use of risk
assessment tools.
4. Acceptance
This document has been seen and accepted by:
Name Designation
Alex Stramrood Senior Manager OHS (Operational)
Jace Naidoo Senior Manager OHS (Contractor and Skills Development)

Occupational Health Safety Steering Committee
Distribution SHEQS Managers Committee
Generation SHE Managers Forum
5. Revisions
Date Rev. Compiler Remarks

September 2009 0 Sandile Seme New procedure
August 2011 1 Pulane Raophala This document was compiled to
address the PCM in line with the
objectives of the Back to Basics
project. Changes to the document
include alignment with the mapped
business process.
January 2014 2 Ntokozo Ngubane The document was due for revision
and was developed to standardise the
OHS risk assessment processes in
Eskom and to align them with IRM.
Limited, Reg No 2002/015527/06.
Revision: 2
Page: 21 of 21
6. Development Team
The following people were involved in the development of this document:
• Ntokozo Ngubane
• Pulane Raophala
• Fiona Moletsane
• Linda Maqashalala
• Kgosi Modiole
• Dave Seleme
• Eric Mohlodine
• Thulani Cekwani
• Xolile Myoyo
• Punky Mhlongo
• Mathula Thulare
7. Acknowledgements
• Lwazi Mbhele
• Mxolisi Thanjekwayo
• Keith Rodseth
• Phindi Shabalala.
Limited, Reg No 2002/015527/06.

Eskom Hira Procedure 32-520

Uploaded by

Copyright:

Available Formats

Eskom Hira Procedure 32-520

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Eskom Hira Procedure 32-520

Uploaded by

Copyright:

Available Formats

Procedure

Title: Occupational Health & Safety Risk Document Identifier: 32-520

Alternative Reference N/A

Area of Applicability: Eskom Holdings SOC

Functional Area: Occupational Health and

Next Review Date: January 2019

Disclosure Controlled Disclosure

Compiled by Functional Responsibility Authorized by

Ntokozo Ngubane Kerseri Pather Steve Lennon

Date: Date: Date:

EDC TR formatted 16.01.2014 32-4

2.2 Normative/Informative References

[8] ISO/IEC Guide 73:2009: Vocabulary for Risk Management

[12] ISO 9001: Quality Management Systems.

2.3.2 Communication and consultation

Outcome of an event/exposure affecting objectives.

Measure that is modifying risk.

2.3.5 Control owner

Occurrence of, or change in, a particular set of circumstances.

Extent to which an organisation is subjected to an event.

2.3.8 External context

External environment in which the organisation seeks to achieve its objectives.

Potential source of harm.

2.3.11 Hazard identification

Process of finding, recognising, and describing hazards.

2.3.12 Internal context

Internal environment in which the organisation seeks to achieve its objectives.

2.3.13 Level of risk

Chance of something happening.

Measure of the chance of occurrence expressed as a number between 0 and 1, where 0 is

2.3.17 Residual risk

Risk remaining after risk treatment.

Effect of uncertainty on objectives.

2.3.20 Risk acceptance

Informed decision to take a particular risk.

2.3.21 Risk analysis

2.3.22 Risk assessment

2.3.23 Risk evaluation

2.3.24 Risk management

Coordinated activities to direct and control an organisation with regard to risk.

2.3.25 Risk management framework

2.3.26 Risk management information system

2.3.27 Risk management plan

2.3.28 Risk management process

Systematic application of management policies, procedures, and practices to the tasks of

2.3.29 Risk matrix

2.3.30 Risk owner

2.3.31 Risk profile

Description of a set of risks.

2.3.32 Risk register

Record of information about identified risks.

2.3.33 Risk reporting

Form of communication intended for particular internal or external stakeholders to provide

2.3.34 Risk sharing

2.3.35 Risk tolerance

2.3.36 Risk treatment

Process of developing, selecting, and implementing measures to modify risk.

2.3.38 Task owner

2.5 Roles and Responsibilities