ISO 45001 defines the term “risk” as “the effect of uncertainty”. The standard further explains that the effect is a deviation from the expected. This effect can be positive or negative.
Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of, an event, its consequence, or likelihood. Risk is often characterized by reference to potential “events” and “consequences” or a combination of these.
See if it is necessary to maintain documented information on risk in ISO 45001.
Risk is often expressed in terms of a combination of the severity and consequences of an event (including changes in realities) and the related likelihood or occurrence. Therefore risk is commonly a multiple of severity and occurrence and given by;
Risk = Severity x Occurrence
The joint terminology of “risks and opportunities” is utilized in ISO 45001, which means OH&S risks, OH&S opportunities and other risks and other opportunities for the management system.