Risk assessments

A risk assessment is a systematic review of what can go wrong in the workplace. Risk assessments are used to assess whether existing measures are good enough, or if the unit has to implement and carry out new measures to reduce the risk.

Norsk versjon - Risikovurdering

Topic page about HSE | Pages labelled with HSE | Pages labelled with risk assessment

Risk assessments and RiskManager

04.03.2020 - IMPORTANT INFORMATION:The HSE Section receives feedback on serious errors in RiskManager risk assessment. The errors are that data can be lost even if one has clicked "save" or navigated between tabs (where auto storage should take place).

The errors are of such a nature that until further notice we discourage the use of RiskManager risk assessment for new risk assessments.

Until we have found a solution, we recommend you to use Excel, paper forms or the like for risk assessment.

NTNU's digital system for risk assessments:

The line manager's responsibilities

The line manager must ensure that the unit conducts risk assessments. The line manager must be familiar with important risk factors. Based on the risk assessments, the line manager must ensure that plans of action are prepared and that measures are carried out to minimise the risk.

What should be risk assessed within health, safety and environment (HSE)?

Anything that can cause injury or damage to humans, equipment or the environment must be risk assessed. Remember that risks do not only include physical and immediate dangers. The most frequent causes of absences from work are ergonomic and psychosocial factors like muscle and skeleton pain, stress and conflicts. Based on this, risk assessments must also include these factors.

Which answers should a risk assessment provide?

  • What can go wrong (unwanted incident)?
  • How probable is it that it will go wrong?
  • Which are the consequences if it does go wrong?
  • Which measures are initiated? Should new measures be initiated?
  • Who are responsible for carrying out these measures, and how?

When should the risk assessment be conducted?

Tasks and work processes should be risk assessed:

  • before a new task or work process is initiated
  • if the task or work process is changed to the point where the risk is significantly changed
  • if the unit is buying new equipment that might cause injury or damage to humans, equipment or the environment
  • periodically, e.g. every other year

Areas that might belong in a risk assessment

The list of areas that might belong in a risk assessment is not complete. In each case, it is necessary to find out which laws and regulations that apply to different work processes.

Working at height

  • Is there any danger of falling from roofs, stairs, scaffolds, poles, etc.?
  • Can items fall down and hit someone?

Support material for risk assessment of work at height:

Fire and electrical safety

  • Is the electrical system in order? Bad cords?
  • Are there adequate emergency exits? Are the emergency exits open?
  • Is there any work with or storage of substances that represent fire or explosion hazards?
  • Are there any pressure systems, e.g. steam boilers, air bottles, etc.?
  • Is there a danger of dust explosions?

Support material for risk assessment of fire and electrical safety:


  • Is there any danger of acute back injuries?
  • Is there any danger of repetitive strain injury, stress-induced headaches, tendinitis, etc.?
  • Is there any danger of vibration injuries from tools?
  • Is there a high level of noise?
  • Is there adequate lighting for different tasks? (Remember that the need for proper lighting increases with age)
  • Is work performed in particularly low or high temperatures?

The working position, strain and the duration of the work is particularly important aspects for assessment. Decide whether to risk assess acute health effects and long-term effects. Consider ergonomic aspects related to work equipment before purchasing the equipment.

Support material for risk assessment of ergonomics:


Risk assessments of the inherent properties of chemicals and the use of individual chemicals should be performed in NTNU's substance database, ECO Archive.

Work processes where chemicals are used should be risk assessed in RiskManager:

  • Is there any danger of chemical squirts?
  • Is there any danger of skin damage: eczema, chemical burns, etc.?
  • Are some of the substances allergenic? Carcinogenic? Are there reproductive health hazards?
  • Are there any solvents involved?

Support material for risk assessment of work with chemicals:

Biological factors

The employer must assess the risk of exposure to biological factors for the employees. Danger of infection and other health risk factors must be assessed.

Reproductive hazards

The employer must assess whether occupational exposures can cause damage to the capacity to reproduce in employees. Chemical, physical, biological and psychosocial factors in the occupational environment may be reproductive hazards. Regulation on the performance of work § 7-1 with comments  (in Norwegian) provides a list of risks that must be assessed, particularly in the occupational environment of employees who are pregnant, have recently given birth or are breastfeeding.

Noise and vibrations

The employer must assess the risk of the employees being exposed to noise and mechanical vibrations that may cause health hazards. 

Radiation sources

Risk assessment of radiation sources must be ensured by academic supervisors


  • Is there any danger of cuts or crushing injuries?
  • Is there any danger of vehicles tipping over or running off the road?
  • Is there any danger of individuals being injured by machines, forklifts, etc.?

Support material for risk assessment of work with machines:

Psychosocial working environment

  • Are the deadlines, working hours, workload, etc. reasonable?
  • Do conflicts, victimisation, etc. occur, and are there procedures in place to manage this?
  • Can the employees affect their own working situation with regard to responsibility, tempo, contribution?
  • Is there any danger of being attacked or threatened?
  • Does anyone work alone, perhaps with responsibility for money or other values?
  • Does any work take place outside of regular working hours?

Sources of information

The following can be good sources of information for the risk assessment:

  • HSE nonconformities
  • HSE processes
  • Targeted medical examinations – Have any common features been identified in the results?
  • Medical absence statistics – Which are the most frequent reasons?
  • Working environment study – Which findings are made at the unit?
  • Safety data sheets / chemical and gas inventory – Which are the substance's health effects? How large are the quantities used? Are fume hoods / personal protective equipment used?
  • Occupation hygienic reports – How great is the exposure? Which health effects can be caused by this exposure?
  • Equipment user manuals – Can the use of equipment cause health effects and/or environmentally harmful effects?

Roles and read access

Roles in the risk assessment system

  • The person responsible for the risk assessment creates a new risk assessment and has full editing access to the risk assessment. They can also assign the following roles to applicable persons; "participant" and "reader".
  • Participants have full editing access to the risk assessment, and can assign/edit read and/or editing access to the risk assessment.
  • Readers only have read access to the risk assessment. They cannot edit the risk assessment, nor grant access to others.

Read access

  • All roles described above have read access to the applicable risk assessment.
  • The Dean, Head of Department, nonconformity system administrator and safety representative have read access to risk assessments belonging to their unit, e.g. faculty/department, incl. subordinate units.

Risk assessment system test area

If you want to test the risk assessment system without risk assessments being stored in NTNU's regular risk assessment system (production), a test area is available for this purpose. The test area enables you to test anything you want, and has the same functionalities as the regular system.

Test area login (in Norwegian)

You should be aware of the following when working in the test area:

  • You should not enter any risk assessments that you want to store.
  • Risk assessments cannot be copied from the test area to the regular risk assessment system.
  • E-mail alerts are deactivated – alerts are not sent like in the regular risk assessment system.
  • The system speed can be lower than in the regular risk assessment system.


Source of danger: Acts or circumstances that may lead to an unwanted incident 

Unwanted incident: Incident that may lead to the loss of values (life, health, material, environmental) 

Risk: The product of the probability and the consequence of an unwanted incident 

ProbabilityAn expression of the likelihood of the occurrence of an incident 

Consequence: The possible result of an unwanted incident 

Risk assessment: A process consisting of planning, mapping of risk, risk analysis and risk evaluation 

Mapping of risk: A process which gives an overview of activities in the business/in a room/in a work process that must be assessed, considering the risk of unwanted incidents 

Risk analysisA systematic way to describe and/or estimate risk, using values for probability and consequence 

Risk evaluation: A way to compare the described or estimated risk, using given criteria for acceptable risk 

Acceptable risk: A risk that may be accepted in a given context, based on specific criteria for the business and the society. Criteria for acceptable risk may be based on legislation, standards, experience and theoretical knowledge 

Remaining risk: The risk/risk level that is acceptable for the business, after the implementation of measures to reduce the risk as much as possible. Procedures for work must describe how to control the remaining risk   

Preliminary risk analysis: The method of risk assessment that we use at NTNU 

Safe work analysis: A short, systematic review and assessment of danger before starting an activity during which unwanted incidents may occur. The purpose is to assess if the safety is ensured by previous risk assessments and existing work procedures, or if complementary measures must be applied 

Plan of action: A list of measures that must be implemented to reduce risk, including a responsible person and a deadline for the measures 


NTNU regulations




Approved by the Director of HSE – 3 December 2013 – HMSRV2608E – ePhorte 2013/11326