FAQs - Risk Assessments

Risk assessments must be completed by the person or people performing the tasks. Managers and supervisors are responsible for making sure this is done. See the R2 - Create a Risk Assessment guide for detailed instrcutions. 

For help with:

• passwords, logging onto the UQSafe system or other technical problems, contact the ITS Service Desk
• specialist advice, contact Health, Safety and Wellness Divison
• completing or approving a risk assessment, contact your area’s safety manager or Work Health and Safety Coordinator

A risk assessment can be created by all system users. This includes all UQ workers (staff, higher degree by research (HDR) students, contractors) and others (coursework students) across all UQ sites that have a UQ log in. 

The following roles describe users participating in the risk assessment process: 

Risk owner – person undertaking work, tasks or activities that require a risk assessment. 

Risk author (risk logger) – person entering a risk assessment into the system on behalf of the risk owner. 

Risk assessment team – If multiple persons are undertaking the work and are involved in the development of the risk assessment, they can be listed as part of the risk assessment team.

Risk approver – the person responsible for approving the risk assessment. 

Risk peer reviewer – a person invited by risk owner to provide feedback on their risk assessment prior to submission to the risk approver. Suitable reviewers include subject matter experts, other work group members, persons involved in implementing controls, Safety Coordinators (WHSC), Safety Managers. All system users can be invited to peer review. 

Log in to UQSafe system R2 and navigate to the 'WHS Risk Register'. 

This is where you can access the register of risk assessments:

Until all modules are available in the new riskware version R3, UQSafe versions R2 and R3 will run in parallel.

These modules will remain in UQSafe R2:    
•    Risk Assessments  
•    Work Off-campus and Fieldwork Plans  
•    Laboratory Activity Applications (Biosafety, Certifications, Facilities)  
•    All historical data is still in R2 and will not be moved over for hazards and incidents. 

These modules are in UQSafe R3 as of January 2025:
•    All new hazard and incident reports
•    All new HSW Workplace Inspections 

If a risk assessment has never been approved before, the Risk Author/ Owner can recall it.

Step 1: Navigate to the 'WHS Risk Register'
Step 2: Click on "Draft Risks" to see your drafts.
Step 3: Locate the risk assessment you want to recall and click on the commands menu (the little 3 dots)
Step 4: Click 'Recall"

If a risk assessment has been approved before, and it is now being reviewed/ updated, then the Risk Author/ Owner cannot recall it. The Risk Approver will need to approve or reject the risk assessment. 

If the Risk Approver has left UQ, contact your area’s safety manager or Work Health and Safety Coordinator for assistance. 

Staff in a safety role have access to UQSafe analytics. They can run a report to find out if risk assessments across the org unit are 'stuck' and unable to be recalled, approved, or rejected.

Run the report titled "KPI - Risk Assessments waiting for approval" within the list of custom reports in the R2 'Analyse Data' tab. 

Filter on the Risk Assessment Status within this report. Status Explanation:

WaitingC – These risk assessments have never been approved before. These risk assessments can be recalled to draft by the Risk Author/ Owner or members of the local Safety Team, even if the Risk Owner and/or Risk Approver have left UQ. 

WaitingU/UT – These risk assessments have been approved before and they are now being reviewed/updated. These cannot be recalled to draft by the author or members of the local Safety Team. These can only be approved or rejected by the Risk Approver.

If the Risk Approver has left your org unit, but they are still at UQ with a valid UQ Log in, they still need to approve or reject the risk assessment.

If the status is "WaitingU/UT" and the Risk Approver has also left UQ, contact the UQSafe System Administrators for help:  uqsafe@uq.edu.au

Yes, you can clone a Risk Assessment that already exists within the system. 

The new risk assessment will be an exact copy of the original risk assessment content, except there will be a new risk reference number. 
All fields and content from the original risk assessment will appear and these can be edited to reflect the context and details of your new activity. 
This includes renaming the activity, editing the description, adding or deleting risk factors, existing controls, changing risk ratings and adding new proposed controls.

To clone an existing risk assessment:

Step 1: Find the appropriate risk assessment in the WHS Risk Register
Step 2: Click on the commands menu (the little 3 dots) and select 'Clone'
Step 3: Change the name to your organisational units preferred nomenclature (e.g. UQCCR-Group name-risk assessment title)
Step 4: Ensure your name now appears in the 'risk owner' field
Step 5: Enter your supervisor’s name in the “supervisor” field
Step 6: Change the ‘Effect’ details from 'organisational wide' to your specific location (unless it is organisational wide)
Step 7: Ensure all risk factors and existing controls are correct (change as required)
Step 8: Once you have completed modifying the cloned risk assessment, submit to your supervisor for approval

Yes, the Risk Owner can invite others to peer review their draft risk assessment. Peer review can only be conducted on a draft risk assessment.

Peer Reviewers can provide feedback on risk assessments prior to submission for approval. Suitable Peer Reviewers include subject matter experts, other work group members, persons involved in implementing controls, Safety Coordinators (WHSC), Safety Managers. All system users can be invited to peer review. Any risk assessment already submitted for approval cannot be peer reviewed.

Refer to R2 - Risk Assessment Peer Review Guide for detailed instructions.

After the risk assessment has been approved, anyone can view it in the WHS Risk Register. 

The hierarchy of controls ranks types of control methods from the highest level of protection and reliability to the lowest. It’s a step-by-step approach to eliminating or reducing risks. 

You must work through the hierarchy of controls when managing risks, with the aim of eliminating the hazard, which is the most effective control.

Level 1 - Controls eliminate the hazard, removing the risk completely. For example, you can eliminate the risk of a fall from height by doing the work at ground level.

Level 2 - Controls eliminate as many of the risks associated with the hazard as possible. These controls include:

• substituting the hazard for something safer, like replacing solvent-based paints with water-based ones
• isolating the hazard by physically separating people, like installing rails around exposed edges
• using engineering controls, like trolleys, hoists and safety switches.

Level 3 - controls rely on human behaviour and supervision and are the least effective way to reduce risk. You should only use level 3 controls as a last resort, or in addition to other control measures. They could include:

• setting up administrative processes, like procedures, rules and warning signs
• using personal protective equipment, like ear muffs, respirators or protective eye wear.

Refer to the advice in the How to manage work health and safety risks Code of Practice 2021 for further information on how to develop effective controls in your work area.

Risk assessments completed before April 2017 may be located in the old UQ Risk Management Database. You can access these risk assessments in ‘read-only’ format. You can't create new risk assessments in this system.