Risk Assessments Are Not Countermeasures

Have you ever seen “Carry out risk assessment” listed as a corrective action after an incident?
Ninety-nine times out of a hundred, I hate it.

Not because risk assessments don’t matter. They do.
I dislike it because this phrase confuses the document with the control.
Paper doesn’t protect anyone. Controls do.

A risk assessment is not the countermeasure.

Here’s the truth: a risk assessment is not an outcome. It’s part of the investigation.

When something goes wrong, an incident should trigger multiple things:

  • A search for immediate and root causes.

  • A review of barriers and resilience.

  • And yes — a review of the existing risk assessment.

That review tells us:

  • Was the hazard identified?

  • What controls were supposed to be in place?

  • If it was identified, what failed — the barrier, the resilience, or both?

This is where the investigation often leads you to the real source:

  • Identification failure: the hazard wasn’t seen.

  • Barrier failure: the control was present but didn’t hold.

  • Resilience failure: the control degraded over time because verification, maintenance, or culture was weak.

Sometimes, it’s all three.

The controls inside the RA are the countermeasures

The true countermeasures are not “carrying out a risk assessment.”
They are the controls documented inside the risk assessment.

  • Energy barriers: guards, interlocks, insulation, design specs.

  • Event barriers: permits, procedures, safe systems of work.

  • Exposure barriers: distance, segregation, and choreography.

  • Harm barriers: PPE, airbags, sprinklers — the last line, not the first.

  • Resilience measures: supervision, maintenance, calibration, training, and culture.

These are what change the outcome.
These are what keep energy from turning into harm.

When those controls are strengthened, introduced, or verified, you have a real countermeasure. The risk assessment is then updated as a mirror of the strengthened system — not as the fix itself.

The EHR Lens: Energy → Event → Exposure → Harm

The EHR Model reminds us that every incident is a story of energy.

  • Energy: Mechanical, chemical, thermal, electrical, or human.

  • Event: The trigger that releases or misdirects that energy.

  • Exposure: The person, asset, or system that gets in the way.

  • Harm: The consequence when exposure and energy meet.

Overlay your risk assessment review onto this chain, and the weak spots appear.
You see exactly where your barriers are thin, and whether resilience was strong enough to hold them over time.

This is leadership. Seeing energy before harm forces you to.

A quick story

A bruised finger in a prototype shop.
The report looked routine: “Retrain team. Update work instruction. Carry out risk assessment.”

But reviewing the existing RA told a different story.
The hazard was identified: “pinch points during removal.”
The barrier on paper: “Use approved fixture.”
The reality: an improvised fixture had crept into use.
The resilience gap: no verification process to catch substitutes, and no pause when the approved fixture wasn’t available.

The real countermeasures weren’t “new RA.” They were:

  • Engineering: redesign the interface so that only the approved fixture could fit.

  • Event barrier: add a go/no-go trigger — no approved fixture, no job.

  • Resilience: regular tooling verification and kit checks, with authority to stop when equipment didn’t meet spec.

The RA was updated — but as a record of a stronger system, not as the countermeasure itself.

The trap of “new RA”

Writing “carry out risk assessment” as a corrective action creates the illusion of safety. It changes the form, not the work.

The only time I welcome a “new RA” after an incident is when it sparks a Living Risk Assessment (LRA) process.

  • Dynamic: reviewed at the pace of change.

  • Field-based: used in pre-task briefs, toolbox talks, and line walks.

  • Verified: controls tested, not just written.

  • Resilient: jobs can pause without penalty when conditions change.

That’s when a risk assessment becomes a tool of leadership, not bureaucracy.

A leader’s test

Before approving any corrective action, ask:

  1. Does this change the work, or just the paper?

  2. Would this have prevented the incident from happening?

  3. How will we know it still works in six months?

If the answer is “no” or “we don’t know”, it’s not a countermeasure.

This week’s reflection

👉 Stop treating “carry out risk assessment” as the fix.
👉 Start using the RA as part of your investigation, not the outcome.
👉 Make the controls inside the RA the countermeasures.
👉 Update the RA to reflect a stronger system, not to hide behind paper.

Luck isn’t a strategy.
Controls are.
And leadership is making sure they hold.
