What is the process of hazard analysis

Risk assessment, risk analysis and risk evaluation

The manufacturer of a machine may only place it on the market in the EU if he has anticipated and minimized as far as possible all hazards and health consequences that may arise during operation of the machine. This identification, analysis and evaluation of risks has been the duty of the manufacturer for decades and is the basis for the steps derived from it to protect machine operators and other people. The procedure, formerly also known as hazard analysis, comprises a multi-stage process for which the terms risk assessment, consisting of risk analysis and risk evaluation, have become established.

Legal basis of the risk assessment

The obligation of the machine manufacturer to carry out a risk assessment is based on the European Machinery Directive 2006/42/EC. It is implemented in national law with the 9th Ordinance on the Equipment and Product Safety Act (Machinery Ordinance). These legal texts explicitly require a risk assessment; how it should be structured in detail, however, remains open.

The body of standards is more relevant for the designer's practice. Since 2010, this has been EN ISO 12100 "Safety of machines - general design principles for risk assessment and risk reduction". It combines the previously relevant standards EN ISO 12100-1:2003, EN ISO 12100-2:2003 and EN ISO 14121-1:2007 in a single document. EN ISO 12100 is a type A machine safety standard (basic safety standard). It not only defines the terminology and thus the use of technical terms, but also deals with the basic requirements for risk assessment and risk reduction for machines.

Graphic: Risk assessment - guidelines and standards

Directives as the legal basis, standards for orientation

Many other standards are used in the risk assessment process, depending on the product or machine type. For example, EN ISO 13849-1 provides recommendations for risk reduction for safety-related controls and protective devices on machines. Part 2 of DIN ISO/TR 14121 "Safety of machines - risk assessment" describes some of the methods and instruments for the individual process steps of a risk assessment with examples. The standard also provides instructions for risk assessment for machines, including process examples, which conform to the requirements of EN ISO 12100.

No CE marking without a risk assessment

In machine safety law, the risk analysis and assessment procedure is integrated into the higher-level conformity assessment procedure. The risk assessment is therefore a central element in the CE process. Without a risk analysis and risk assessment, neither a legally binding declaration of conformity is possible, nor is a CE mark permitted.

The objectives of the risk assessment

The aim of a risk assessment is always to determine and implement all safety and health protection requirements for the product or machine. For this it is necessary

  • to determine the hazards and health risks emanating from the machine,
  • to determine safe conditions of use and limits of use of the machine,
  • to find the optimal protective measures and
  • to define all residual risks for the machine operator or other people that cannot be eliminated by design.

This process should by no means be understood as a step that sits between design and placing on the market. On the contrary, the risk assessment should be integrated systematically, and from the first planning stage, into all development processes. This means that the risk assessment already starts before the design work.

The risk assessment process

According to EN ISO 12100, a risk assessment is carried out in the following steps:

  • Define usage limits (Section 5.3)
  • Identify hazards (Section 5.4)
  • Estimate the risk (Section 5.5)
  • Evaluate the risk (Section 5.6) and
  • if necessary, ensure risk reduction (Section 6).

Graphic: Risk assessment process

Steps of risk assessment according to EN ISO 12100

The manufacturer first determines which directives the planned machine falls under. In addition to the Machinery Directive, these can also be other European directives, e.g. the EMC Directive. This shows which standards and directives apply to the machine.

It is crucial to consider not only the obvious risk of accidents and injuries on a machine, but to identify all kinds of hazards, such as mechanical, thermal or electrical hazards. The further procedure must be carried out separately for each hazard. The process is always the same:

  1. First, a design solution is sought that would avoid the identified hazard.
  2. If there is no design solution in sight, the design is extended with technical protective measures.
  3. If this is not possible either, the user is informed about the remaining residual risks by labelling with warning symbols and notices as well as in the operating instructions.

Graphic: process of risk reduction

Risk reduction in three stages

This means that the designer can come up with different solutions for different types of hazard. The noise hazard may lead to a decision in favor of encapsulation, a mechanical hazard - such as the risk of being crushed by moving machine parts - may be minimized by a protective grille, while an electrical hazard due to incorrect connection or insufficient grounding must be pointed out in the operating instructions.


Process of risk assessment, risk analysis and risk reduction according to EN ISO 12100 (Image source: WEKA Business Portal, comments on the Machinery Directive, author: Jürgen Bialek)

Complete verification documentation for the risk assessment includes not only the operating instructions, but also all documents used to assess the risks, such as measurement data, test reports, circuit diagrams or detailed drawings. In contrast to the operating instructions, there is no obligation to make the entire verification documentation available to the customer or operator of the machine.

Note: The risk assessment is an essential basis for operating instructions. However, carrying out and creating a risk assessment is not the job of a technical writer.

Risk and the human factor

A simplified but well-established definition of the term risk, especially in technical contexts, is: Risk is the product of the probability of occurrence and the extent of damage. When assessing risks, there are already two different aspects for the designer: the degree of danger in terms of the severity of an injury or the health relevance of a machine emission as well as the assessment of the frequency with which a hazardous situation occurs.

Graphic: Classic risk definition

Risk = amount of damage x probability of occurrence

Despite all the rules, guidelines and standards, the legal requirements for these assessments reach their limits, and the designer is called upon with all his experience, statistical knowledge and, last but not least, common sense. Not every hazard aspect and every risk can be defined using limit values or looked up in tables. At the machine-human interface, even with perfect safety technology, the human factor will always be a risk factor that can never be fully mapped.

Risk analysis, risk evaluation, risk assessment ... This is how you differentiate the technical terms

According to DIN EN ISO 12100, the risk assessment comprises the following steps - as already indicated above:

  • Establishing the limits of use of the machine
  • Determining the existing hazards
  • Estimating the risks posed by the machine
  • Evaluating the risks
  • Minimizing the risks

The first three steps are also summarized as a risk analysis. The following figure shows the entire process schematically.

The process for risk reduction according to EN ISO 12100
(Image source: WEKA Business Portal, comments on the Machinery Directive, author: Jürgen Bialek)

The application limits concern spatial and temporal limits when using a machine (e.g. the service life of wear parts), the environmental parameters (e.g. temperature or outdoor use) and the use of the machine by the operator. This aspect is described in terms such as “reasonably foreseeable”, “intended use” or “foreseeable misuse” of a machine or other product.

Note the distinction between estimation and evaluation and use these terms as precisely as possible to avoid misunderstandings. According to EN ISO 12100, risk estimation determines the probable extent of damage and the probability of its occurrence. The subsequent risk evaluation is about assessing whether a risk is acceptable or whether the goals of the last step, risk reduction, have been achieved. The following overview summarizes the terminology.

Risk estimation: Determination of the likely extent of damage and the likelihood of its occurrence
Risk analysis: Combination of defining the limits of the machine, identification of the hazards and risk estimation
Risk evaluation: Assessment based on the risk analysis as to whether the objectives for risk reduction have been achieved
Risk assessment: The entirety of the process, which includes a risk analysis and risk evaluation
Protective measure: Means to reduce the risk
Intended use: Use of a machine in accordance with the information provided in the user information

Extract from the overview of standardized terms (Source: Chapter "Risk assessment according to EN ISO 12100:2011-03 Section 5" of the work "sP Machinery Directive", author: Elisabeth Wirthmüller)

That is why there is a difference between risk assessment and hazard assessment

Risk assessment and hazard assessment are very similar-sounding terms, but they should by no means be used synonymously, because they are fundamentally different processes, each affecting different actors and their responsibilities. Unfortunately, this difference is sometimes blurred - e.g. in translations from English-language specialist texts - which can then easily lead to misunderstandings.

The term “hazard assessment” does not come from machine or product safety law, but from occupational safety law. A hazard assessment is required, for example, in the Occupational Health and Safety Act and in the Maternity Protection Act. According to this, the employer is obliged to determine and evaluate all hazards and health risks that exist at a workplace or that are triggered by an activity. From this, he - or the company safety officer commissioned by him - derives the necessary measures to protect employees. If the activity to be assessed is operating a machine, then - similar to the manufacturer's risk analysis - the risks emanating from the machine are also assessed in this process. The operating instructions are an important source of information. However, this hazard assessment refers to machines already placed on the market, at the site of the operator or employer.

The risk assessment, on the other hand, starts much earlier and is aimed at the planning, design and manufacture of a machine.

Graphic: risk assessment versus hazard assessment

Actors and legal bases of risk assessment and hazard assessment

Both processes have in common that they should be carefully recorded in writing. In legal disputes, such as product recalls, liability issues or accidents at work, documentation is essential for both the manufacturer's risk assessments and the employer's and operator's hazard assessments. This is because it can be used to prove that the company has complied with the mandatory requirements for the safe design and safe operation of the machine. The careful documentation of all steps of the risk analysis and risk evaluation significantly increases the legal certainty of all those involved.

The methods of risk analysis and assessment

Despite all the standards and guidelines, there are no methodological specifications for risk analysis and risk evaluation, nor is there one optimal method. Depending on the product type and industry, different procedures and approaches have developed in risk management. In the mechanical engineering industry - according to a list of the BAuA - the following methods and procedures, among others, are considered appropriate.

  • Hazard tree analysis
  • Risk assessment using a risk graph in accordance with DIN V 19250
  • Risk assessment using a risk graph according to DIN EN 954-1
  • Risk assessment using a risk graph according to DIN EN ISO 13849-1
  • Risk assessment according to DIN EN 62061
  • Risk assessment using the Nohl risk matrix
  • Risk assessment according to MIL-STD-882D 2000
  • Risk assessment using risk figures according to Reudenbach
  • Risk assessment according to E DIN EN ISO 14798
  • Risk assessment according to the RAPEX procedure
  • Risk assessment using the Raafat nomogram
  • Risk assessment using the Kinney method
  • FMEA (Failure Mode and Effects Analysis)

It is not prescribed who uses which process for which machine type. The machine manufacturer and his designers have a free choice among the methods for risk assessment.

Depending on the method, different graphical representations are used to represent risks. A simple but proven one is the risk matrix, which compares the potential for damage and the probability of occurrence in two dimensions:

Probability of occurrence of the damage | Extent of damage
most likely | high | high | high | medium
remotely imaginable | low | low | negligible | negligible

Risk matrix as a graphic overview for risk assessment
(Image source: ISO TR 14121-2 / WEKA-Business-Portal, risk assessments for machines, author: Jürgen Bialek)

Another form of presentation as an assessment aid with differentiated options is provided by the risk graph (see illustration).

Software-supported determination of risk indices in accordance with DIN ISO/TR 14121-2
(Image source: WEKA Software CE-Manager)

Download note: Risk assessment in mechanical engineering

The Federal Institute for Occupational Safety and Health has published an interesting report on the methods of risk assessment for machines. The document compares the individual phases of risk assessment and risk reduction with the phases of the design process. Some methods of risk assessment that are particularly relevant for machine builders are also presented and explained.

The benefits of risk analysis and assessment of machines

Machine manufacturers and designers would do well not to see the execution and documentation of risk assessments as a chore. Because a careful and well-documented risk analysis and assessment

  • is a central and indispensable part of the conformity assessment and CE marking process,
  • becomes the working basis for the technical writer when drafting operating instructions for machines and thus indirectly
  • the basis of hazard assessments and safety instructions in the machine operator's company.

In addition, a risk assessment that is - as planned - integrated into the planning and design process from the start can save costs for the manufacturer as well as the subsequent operator, because it helps to avoid unnecessary safety measures. Getting a grip on hazards and risks that are recognized too late by making changes or adding protective measures can be significantly more expensive than an inherently safe design from the start.

Eight dangerous misjudgments in the risk assessment of machines

Despite all the legal requirements that have been known for years and the diverse information options through specialist literature (see below) and online portals, dangerous errors and misconceptions still occur when it comes to risk assessment, risk analysis and risk evaluation, e.g.:

  • “Our machine is not particularly dangerous, so we can save ourselves the hassle of a risk assessment.”
    This is a mistake: risk assessments are not a voluntary service by the machine manufacturer, but are required by law.
  • “We have to design the machine first, then we can carry out a risk assessment.”
    Wrong, the risk assessment must be integrated into all planning and design processes from the start.
  • “The dangers posed by the machine can only be assessed on site; this is therefore the responsibility of the operator or his specialist for occupational safety.”
    This is also wrong. It is true that the operator must carry out a hazard assessment on site under the specific operating conditions, define necessary protective measures for his employees, instruct his machine operators in the use of the machine and instruct them on the safety rules. However, under no circumstances does this hazard assessment replace the obligation of the machine manufacturer, which begins much earlier.
  • “We have assessed all the risks that arise when operating the machine.”
    Good, but not good enough, because a risk assessment should include all phases in the life cycle of a machine. This includes not only normal operation, but also many other processes and situations such as transport, assembly, commissioning, maintenance, cleaning, malfunctions, dismantling, decommissioning and disposal.
  • “Our technical writer takes on the risk assessment. Because he writes the operating instructions.”
    This statement shows that the risk assessment process was not understood. It is not about creating a document, it is about a demanding process. This requires specialist knowledge that usually only the designers and developers have. Hence the risk assessment and its operational implementation are the task of the designers and not of technical writing.
  • “In our risk assessment, we considered the potential for damage and its probability, that must be enough.”
    This is also only partially positive, because depending on the machine type and technical process, other factors must be taken into account, e.g. to what extent there are certain requirements for the qualification of machine operators.
  • “The risk assessment must be carried out by our CE officer, who is responsible for this.”
    A questionable assessment. There are no legally binding requirements for a CE representative or CE coordinator; this position is not provided for in the Machinery Directive or the laws and regulations on machine safety. Each company can theoretically determine the tasks of this position as it sees fit, but generally a CE representative has the task of coordinating, controlling projects, organizing processes, etc., and not the responsibility!
  • “We have pointed out all hazards in the operating instructions, everything else is now up to the machine operator.”
    Attention! Warning notices in the operating instructions are not there to circumvent your own obligation to provide an inherently safe design. In the case of an operating manual that lists warning notices and signal words over many pages, the question arises whether some of these hazards could not have been minimized much earlier - by design or through technical protective devices - with a legally secure and correct risk assessment.

Further documents

  • Jürgen Bialek, "Inherently Safe Construction". Specialist book with 656 pages including CD-ROM, price: 129 euros plus VAT and shipping, order no.: CD4477, ISBN: 978-3-8111-4477-4
  • BAuA, risk assessment in mechanical engineering (PDF file, as of 2012)
  • Examples of risk assessment (closing edge safety device, driverless transport vehicle, weaving machine, rotary printing machine) in Appendix A of the IFA report 2-2017 "Functional safety of machine controls"