ISOscribe

"Membuat Kualitas melalui Kata-kata: Perjalanan Seorang Blogger ke Dunia Sistem Manajemen ISO"

  April 14, 2026    

Unified Risk Assessment: One Methodology for ISO 14001 & ISO 45001

By Bambang Riyadi | Professional Columnist & Editor, effiqiso.com | Updated: April 2026 | Part 3 of 7

In our previous article, we identified the gaps in your management system. Now comes the most critical step of building an Integrated Management System (IMS): Unified Risk Assessment.

Under both ISO 14001:2015 and ISO 45001:2018, Clause 6.1 is the beating heart of the management system. It requires organizations to determine risks and opportunities that need to be addressed. Traditionally, companies run two separate processes: an Environmental Aspect & Impact Assessment for ISO 14001 and a Hazard Identification & Risk Assessment (HIRA) for ISO 45001.

But think about a chemical spill. Is it a safety issue? Yes, it can injure workers. Is it an environmental issue? Yes, it contaminates the soil. Why assess it twice?

In this guide, we will show you how to merge these two processes into a single, robust methodology that saves time, reduces duplication, and provides a holistic view of organizational risk.

🔍 The Synergy Advantage: A unified risk assessment doesn't just save administrative time. It reveals hidden risks. For example, a safety control (like increased ventilation) might increase energy consumption (an environmental risk). An integrated view helps you balance trade-offs effectively.

🆚 Traditional vs. Integrated Risk Assessment

Before we dive into the methodology, let's look at why the "siloed" approach often fails:

Feature Siloed Approach (Traditional) Integrated Approach (IMS)
Methodology Separate tools (Aspect/Impact vs. Risk Matrix) Unified Risk Register with combined criteria
Team Involvement EHS team split by discipline Cross-functional team (Safety + Environment + Ops)
Controls Conflicting controls (e.g., safety gear generating waste) Optimized controls addressing both safety & environment
Outcome Blind spots where risks overlap Comprehensive risk profile & efficient resource use

📝 The 4-Step Unified Risk Assessment Methodology

To successfully integrate ISO 14001 and ISO 45001 risk assessments, follow this proven four-step framework.

Step 1: Joint Hazard & Aspect Identification

Instead of separate brainstorming sessions, conduct a Walk-the-Process exercise with both safety and environmental experts.

  • ISO 45001 Focus: Identify hazards (sources of injury/ill health). Examples: Noise, ergonomic strain, chemical exposure, machinery entanglement.
  • ISO 14001 Focus: Identify environmental aspects (elements of activities interacting with the environment). Examples: Air emissions, wastewater discharge, raw material consumption, waste generation.
  • Integration Point: List them side-by-side. For a "Painting Operation," you might identify:
    • Hazard: Inhalation of toxic fumes (Safety).
    • Aspect: Release of VOCs to atmosphere (Environment).

Step 2: Unified Risk Scoring Matrix

Develop a single risk matrix that accounts for both human impact and environmental impact. You don't need two different scales.

Integrated Risk Assessment Matrix

Proposed Scoring Criteria (Example):

  • Severity (S):
    • High (5): Fatality / Major environmental spill requiring external cleanup.
    • Medium (3): Lost-time injury / Localized contamination cleaned internally.
    • Low (1): First aid / Minor waste generation.
  • Likelihood (L): Frequency of occurrence based on historical data and exposure levels.
  • Risk Score (R = S x L): Use this score to prioritize actions across both domains.

Step 3: Integrated Control Hierarchy

Apply the Hierarchy of Controls to determine the best mitigation strategy. The key is to ensure your controls don't create new problems.

Hierarchy of Controls Pyramid
💡 Case Example:

Scenario: A solvent-based cleaning process.
Siloed Solution: Mandate heavy-duty respirators (PPE) for safety. Result: Workers are protected, but spent filters become hazardous waste (Environmental impact).

Integrated Solution: Switch to a water-based, biodegradable cleaning agent (Substitution). Result: Eliminates inhalation hazard AND eliminates hazardous waste. Win-Win.

Step 4: The Integrated Risk Register (IRR)

Your final output should be a single document (or digital database) that tracks everything. Columns in your IRR should include:

  1. Activity / Process
  2. Hazard (Safety) / Aspect (Environment)
  3. Potential Impact (e.g., Injury, Pollution)
  4. Existing Controls
  5. Risk Score (Pre-mitigation)
  6. Additional Controls Needed
  7. Risk Score (Post-mitigation)
  8. Responsible Person

🛠️ Practical Tool: The "Dual-Impact" Checklist

When reviewing a new process or change (Management of Change), use this quick checklist to ensure you haven't missed cross-impacts:

Does this change introduce new chemical exposures?

If yes, assess toxicity (Safety) and disposal requirements (Environment).

Does this change increase energy or water consumption?

If yes, assess cost/resource impact (Environment) and potential equipment overheating/maintenance issues (Safety).

Does this change generate more waste?

If yes, assess handling risks (Safety - sharp objects, heavy lifting) and landfill impact (Environment).

🤖 Future-Proofing: Digital Risk Assessment

In the next installment (Part 4), we will explore how IIoT sensors and AI are revolutionizing risk assessment. Imagine a system that automatically updates your risk register when air quality sensors detect a spike in VOCs, or when a near-miss is reported via a mobile app.

For now, ensure your manual or spreadsheet-based register is clean, accessible, and reviewed regularly.

❓ Frequently Asked Questions (FAQ)

Q: Can we still keep separate registers if we want?

You *can*, but it defeats the purpose of integration. You will likely end up with duplicated data and conflicting controls. A single register is the gold standard for IMS efficiency.

Q: How often should we review the Integrated Risk Register?

At least annually, or whenever there is a significant change in operations, legislation, or after an incident. ISO standards require "continual improvement," so regular review is mandatory.

Q: Who should lead the unified risk assessment?

Ideally, a joint committee led by the IMS Coordinator, involving representatives from Operations, Safety, Environment, and Maintenance. Input from frontline workers is crucial for accuracy.

🔗 What's Next in the Series?

Now that your risks are mapped, how do you monitor them efficiently? In Part 4, we dive into Digital Tools for Integrated Monitoring, including IIoT, real-time dashboards, and AI analytics.

👉 Read Part 4: Digital Tools for Integrated Monitoring (IIoT & AI)

🔗 Full Series Navigation:

  1. Why Integrate ISO 14001 and ISO 45001? The Business Case
  2. Gap Analysis Framework for IMS Implementation
  3. ✓ You are here: Unified Risk Assessment Methodology
  4. Part 4: Digital Tools for Integrated Monitoring (IIoT & AI)
  5. Part 5: Training & Competency Development for Cross-Functional Teams
  6. Part 6: Preparing for Integrated Certification Audits
  7. Part 7: Measuring ROI and Continual Improvement

© 2026 effiqiso.com | Empowering Smart Energy, Quality & Integrated Management Systems

About the Author: Bambang Riyadi is a professional columnist and editor specializing in ISO management systems, sustainability strategy, and operational excellence. With over 15 years of experience advising organizations across Southeast Asia, he helps bridge the gap between compliance and competitive advantage.

   / /

  No Comments

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)