STP-guide to Risk Assessment 1.0

STP GUIDE TO RISK ASSESSMEN ASSESSMENTT 1.0

RISK ASSESSMENT Conducting risk assessments forms an important part of the STP Suppliers will be evaluated on their risk assessment as part of the ‘Key Criteria’ for each Pillar The same team/personnel should be used to conduct a risk assessment of all of the Criteria within a single Pillar, to ensure that risk prioritisation has been approached in the same way Where a Criteria is considered as ‘not applicable’ the risk assessment should be used to help

demonstrate why this may be the case

This guide details the 5 step process that should be used to carry out a risk assessment of Criteria within the STP:

1) Identify all risks that may arise from each Criteria, assuming no controls/remedial actions have been applied: Risks associated with each Criteria in each Pillar need to be included The Criteria and Guidance within each Criteria should be considered when identifying potential risks What are the hazards? Who or what might be affected and how?

2) Estimate the risks identified: Score the probability of the risk occurring, assuming no controls/remedial actions were in place, on a 1-5 scale Score the severity if the risk occurs, assuming no controls/remedial actions were in place, on a 1-5 scale

Probability: 5- Very Likely 4 – Likely 3 – Fairly Likely 2 – Unlikely 1 – Very unlikely

   Y    T    I    E    E    S    I    S    E    I

INCREASING PROBABILITY

Severity: 5 – Catastrophic 4 – Major 3 – Moderate 2 – Minor 1 – Insignificant

RISK ASSESSMENT 3) Evaluate the risks identified: Multiply together: Probability x Severity = Priority Score The priority score will enable a risk category to be identified (i.e. Unacceptable, Tolerable, Adequate, Acceptable), assuming that no controls/remedial actions were in place. Please note: while ‘Unacceptable’ and ‘Tolerable’ risks are referred to in the indicators under each Risk Assessment Criteria, the wording may be interchangeable, provided the same principle and the 5x5 matrix have been applied Describe the remedial actions for each risk (prioritised by probability and severity)

   Y    T    I    E    E    S    I    S    E    I

INCREASING PROBABILITY

4) Implement and record remedial actions: Make an individual accountable and set a deadline (remedial actions may be an ongoing process)

5) Review the assessment regularly and update if necessary. The Company should commit to review Risk Assessments annually or when a change occurs to ensure that they continue to effectively address all current and new issues – evidence of this commitment should be available Make sure all revisions of risk assessments are dated

RISK ASSESSMENT To ensure these 5 steps have been covered, a supplier may consider formatting their risk assessment in a tabulated format. An example of headings that should be included are detailed in the example below:  Assuming no controls/remedial actions were in place

The assessments below are examples only to explain the methodology: Example: F2.2 Dust in the Workplace Date of Risk Assessment: 07/06/16 Pillar

Facility

G.P

F2. Emissions in the Work Place

Criteria

F2.2 Dust in the Workplace

Date of Review: 07/12/16 Risk

Affected Parties

Probability

Severity

Risk Level

PPE is not used

Employees

4

5

20 UNACCEPTABLE 

Not complying with regulatory requirements

Business & Employees

4

5

20 UNACCEPTABLE 

Poor engineering causing dust exposure

Facility Engineers & Employees

3

4

12 TOLERABLE 

No dust capturing or suppression techniques

Facility Engineers & Employees

3

4

12 TOLERABLE 

Remedial Action

Target Completion

Responsible

Probability

Severity

Risk Level

Employee training on PPE use (monthly sessions)

Ongoing, every month

H&S Manager

1

5

5  ADEQUATE 

Implement improvements to meet regulatory requirements

1 week

Facility Manager

1

5

5  ADEQUATE 

Ongoing Engineering maintenance. All mechanical improvements selected to reduce dust emissions

6 months

Facility Manager

2

4

8  ADEQUATE 

Introduce water suppression practices & install dust extractors

3 months

H&S Manager

2

4

8  ADEQUATE 

 Assuming controls/remedial actions are in place

RISK ASSESSMENT  Assuming no controls/remedial actions were in place

Example: P2.1 Employment of Children on Farm Date of Risk Assessment: 07/06/16

Date of Review: 07/12/16

Pillar

G.P

Criteria

Risk

Affected Parties

Probability

Severity

Risk Level

People

P2. Child Labour on Farms

P2.1. Employment of Children on Farm

Farmers do not know the age of employees

Farmer, Children

4

5

20 UNACCEPTABLE 

Farmers are not aware of the law

Farmer, Children

4

5

20 UNACCEPTABLE 

Farmers are using child labour

Farmer, Children

4

5

20 UNACCEPTABLE

Remedial Action

Target Completion

Responsible

Probability

Severity

Risk Level

Age Verification – checking of employee ID

1 month

Field Technician

2

5

10 TOLERABLE 

Farmer Training

1 month

Field Technician

1

5

5  ADEQUATE 

Farmer Training, followed by Sanctions (if no improvement)

1 month (Training) 3 months (Sanctions)

Field Technician

1

5

5  ADEQUATE 

 Assuming controls/remedial actions are in place

In both of these examples, a supplier can demonstrate firstly what the risk would be if they were not applying any controls/ remedial actions, then how any remedial actions can be applied to reduce the risk level.