Risk Assessment
A documented process for identifying hazards, evaluating likelihood and severity, and determining appropriate controls.
Definition
Risk assessment is the systematic process of identifying what could go wrong, how likely it is to happen, and how bad the consequences would be — then deciding what controls to put in place. Risk assessments underpin ISO 9001 (clause 6.1, risk-based thinking), ISO 31000 (risk management framework), ISO 45001 (occupational health and safety), HACCP (hazard analysis), FMEA (Failure Mode and Effects Analysis in manufacturing), and OSHA's general duty clause. Most frameworks express risk as Likelihood × Severity, plotted on a risk matrix to prioritize action.
Why it matters
Modern quality and safety frameworks have moved decisively toward risk-based thinking. ISO 9001:2015 explicitly requires organizations to consider risks and opportunities as part of their management system. Risk assessments are expected documentation in any audited environment. A risk assessment SOP defines when assessments are required, who must participate, what methodology to use (FMEA, HAZOP, bowtie, etc.), and how often to review them.
Related terms
The international standard for quality management systems, requiring documented procedures, continuous improvement, and risk-based thinking.
A food safety management system that identifies biological, chemical, and physical hazards and defines controls to prevent them.