The main concern that I have with OH&S hazard identification is the potential for overwhelming the ability to address the hazards identified. In other words, if we were to generate a list of identified hazards that’s 800 items long, the typical process I would use to then prioritize that list would be an FMEA approach. At that point, we would address the hazards on a risk-based approach, with the high and significant risk items being at the top of the list.
Would you have any suggestions for those of us that are good at this process above, but have run into situations where the ROI or big/easy methodologies are not enough justification for certain capital investments to address the more elaborate engineering or substitutive mitigation efforts?
I can understand how it can be time consuming to identify which hazards need to be addressed, but this can help to ensure that you are at the right level of the hierarchy of controls identified in clause 8 of ISO 45001. What I mean is, if you have a hazard that does not pose that big of a risk, it is not required to address this at the top of the hierarchy by elimination or engineering control. However, for hazards that pose the biggest risk will want to have more than just PPE control (the lowest level) to address this risk. While an FMEA type approach is not required, it is one way to come to these risk assessments.
As for convincing when the higher levels of control are needed, this should be justified by the risk assessment. If the assessment shows a high level of risk, and the assessment method is accepted (which can be a big problem), then the decision should be obvious as to why you need to use the control level identified. The biggest problem is overcoming this questioning of the method; get it agreed first and then the high risk assessment should lead to high levels of control.