Know Your Vocabulary

The use of commonly accepted terminology for key components of the OSH risk assessment process enhances communications on risk at all levels. Unfortunately many practitioners in the field may use conflicting terminology in describing parts of the risk assessment process, creating confusion across worksites and inhibiting successful management of risk.

To address these concerns, the Risk Assessment Institute developed the following set of vocabulary to establish a “common language” for OSH risk assessment and management:

Acceptable Risk

That risk for which the probability of an incident or exposure occurring and the severity of harm or damage that may result are as low as reasonably practicable (ALARP) in the setting considered.


That level of risk which can be further lowered only by an increase in resource expenditures that is disproportionate in relation to the resulting decrease in risk.


Injury or damage to the health of people, or damage to property or the environment.


Potential source of harm.

Hierarchy of Control

A systematic approach to avoiding, eliminating, controlling, and reducing risks, considering steps in a ranked and sequential order, beginning with avoidance, elimination, and substitution. Residual risks are controlled using engineering controls, warning systems, administrative controls, and personal protective equipment.


An estimate of the likelihood of an incident or exposure occurring that could result in harm or damage for a selected unit of time, events, population, items or activity being considered.

Prevention through Design

Addressing hazards and risks in the design and redesign processes to prevent injuries and illnesses in the construction, manufacture, use, maintenance, retrofitting and disposal of facilities, processes, materials, and equipment.

Residual Risk

Risk remaining after risk reduction measures (protective measures) have been implemented.


Combination of the probability of occurrence of harm and the severity of that harm.

Risk Assessment

A process that commences with hazard identification and analysis through which the severity of harm or damage is established, followed by an estimate of the probability of the incident severity or exposure occurring, an evaluation of controls, and concluding with a statement of risk.

Risk Management

A holistic business process the commences with risk assessment followed by the implementation of a plan to manage the identified risks by hazard elimination and/or the application of relevant controls, and includes ongoing monitoring and periodic review of the risks and the effectiveness of the controls framework.


Freedom from unacceptable (not acceptable) risk.


An estimate of the magnitude of harm or damage that could reasonably result from a hazard-related incident or exposure.