It is important, once risk assessments have been properly documented, that these are communicated to all employees and anyone else who might be affected, such as employees, volunteers, contractors and visitors.

Many churches are allowing or making provisions for community-led enterprises, activities and church-led initiatives which have introduced additional hazards and risks into what would be considered a relatively low-risk church environment. These include foodbanks, woodworking classes, arts and crafts, childcare facilities and organised sales, food fairs, sports and recreation and bouncy castles.

The Charity Trustees must ensure that the activities are suitably risk assessed and that they are fully aware of any hazardous activities, materials, equipment, tools, chemicals or gases introduced into the buildings by others. They must consider the safety implications for fire and general building safety for others and seek approval from the General Trustees and COSIS Insurance.

Please seek further advice and guidance from the presbytery or General Trustees health and safety team if you need any assistance with hazardous activities or planned church-led initiatives that may need specific considerations for health and safety planning.

The requirement for employers to undertake a risk assessment is outlined in the Management Regulations 1999. However, a number of other specific requirements relate to health and safety risk assessments covering subject-specific risks referred to in other legislation.

Further advice regarding subject-specific risk assessments can be obtained from the Church of Scotland General Trustees.

Legal regulations regarding the basic commonly identified risk assessments that should be produced and reviewed within church buildings are detailed below.

Note: Congregations that have introduced or allow other activities and equipment into the church buildings may have to further consider additional regulations and risk assessments pertaining to the hazards presented by them, e.g machinery, tools and woodworking facilities, hoisting or lifting equipment etc. Please seek further advice and guidance from presbytery and the General Trustees for any activities or equipment introduced to the church which may be considered to be outwith the normal and expected low-risk activities taking place in a church buildings.

Asbestos

The first step in an asbestos risk assessment is to identify if you have any asbestos or suspected Asbestos Containing Materials (ACM) in the building(s). This should include the manse property. If you do have asbestos, you should produce an asbestos register if this has not been provided by a professional asbestos contractor. This register should detail the location, type and amount of ACM at each location and should be shared with any contractors or staff likely to come into contact with the ACM. Please see the asbestos section for guidance and advice.

Control of substances hazardous to health

The church remains a low-risk environment with not much more than relatively safe cleaning and sanitation chemicals to consider, but in some cases where woodworking, arts, crafts and other activities have introduced glues, gases, solvents, wood dust etc, the Charity Trustees must make a suitable and sufficient risk assessment of all work activities which might expose someone to any substance hazardous to health. This includes the use of some paints and coatings, cleaning materials and chemicals, glues, gases, fuels, dust and some pesticides etc. It also includes biohazards such as moulds, bird or dog waste, human waste, vermin and viruses such as COVID-19.

Presbytery and the General Trustees health and safety advisors will provide guidance and advice on any substances or biohazards that you may consider to be harmful or volatile. (See templates section below for COSHH assessment template if you must consider COSHH at your church buildings.)

Display screen equipment

Employers must undertake a suitable and sufficient analysis of all workstations used by display screen equipment (DSE) users (employees/volunteers). This includes persons carrying out DSE activities as permanent homeworkers.

Fire safety

All relevant operational premises are required to carry out a fire safety risk assessment. The fire safety risk assessment must identify the people at risk, the fire hazards within the building(s), an evaluation of the existing fire safety measures and high-risk areas within the buildings. It must also include a fire evacuation plan.

The content of the fire safety risk assessment should be proportionate to the risk, the complexity of the building and the number and type of persons occupying the building. Any remedial actions required, where identified by the assessment process, should be acted upon in a timely manner with respect to the cost and risk to life. More information is available in our fire safety section.

Gas safety

The regulations require that employers and property duty holders ensure that any gas appliances and pipework installed in properties for which they are responsible are maintained in a safe condition. Gas appliances (including ovens, hobs, fires and boilers) must be inspected at least every twelve months by an approved Gas Safe registered engineer who can certify the safety of the gas services and installed appliances.

A gas safety risk assessment may identify issues such as lapsed safety certification, insufficient carbon monoxide detection, faulty controls on appliances and lack of ventilation and stored consumable materials located in boiler rooms and cupboards.

Records must be kept for each appliance to include dates of inspection, any identified defects and action taken. These records should be kept in the congregation's property register.

Manual handling operations

You must undertake a suitable and sufficient assessment of all manual handling operations. This should consider the tasks, loads, working environment, individual capability and any other factors that might affect manual handling operations and the safe movement of equipment, furniture and any stored items. It should also consider any activities that require repetitive movements by employees or volunteers, e.g. unloading deliveries, filling bags or boxes for a foodbank or other similar church-based activities. (See Manual Handling Assessment Template.)

Personal Protection Equipment (PPE)

PPE should only be used as a last resort when all other risk-control alternatives are unsuitable, including elimination, engineering controls or safe systems of work. It can be included in the risk assessment as an additional control measure but not singularly as the only protection for employees or volunteers carrying out any identified hazardous activities or tasks. Any PPE supplied to employees or volunteers must be suitable and sufficient for the identified tasks and conform to the BS or EN standards.

Wiring and electricity

A risk assessment for electrical safety within your buildings is a visual non-contact assessment based on identifying broken sockets, switches bared, exposed wiring and any reports of failed or malfunctioning electrical equipment or installations. This assessment may also help identify dated, unsafe wiring on equipment such as portable heaters and other historically used appliances, e.g organ, lighting, lamps etc.

A legal duty exists to ensure that only an appropriately trained and competent electrician inspects and tests fixed electrical systems. It is strongly advised to instruct an independent electrical engineer who can demonstrate certified competency and suitable insurance provision for any inspection and electrical work being carried out in church buildings. It is recommended that the contractors belong to the NIC/EIC or SELECT trade membership bodies that seek to ensure the professional competency and compliance of their members.

Working at height

A risk assessment should identify all working-at-height activities undertaken at the church building(s). This includes working on a ladder or platform to change lightbulbs, carry out inspections or perform any external maintenance activities such as gutter cleaning. The risk assessment should consider the competency and ability of the person carrying out the task, the stability and condition of the ladder or working platforms and any controls including suitable PPE and a prescribed safe system of work for carrying out the activity. Any hazards and risks to the general public and other building users that may be affected by someone working at height should also be suitably considered.

If you are employing external contractors to carry out these types of activities, they should provide their own risk assessments which should be reviewed to ensure that they have considered all the hazards and risks for carrying out the work at your buildings. They should produce any certification for the use of elevated platforms and a written safe system of work for how the task will be carried out. Any hazards and risks that have not been suitably controlled should be discussed and suitably mitigated against before they commence the work (see working at height section).

The Management Regulations 1999 identify two particular types of workers that employers must pay special attention to whilst carrying out risk assessments: children and young persons, and new and expectant mothers.

Children and young persons

A child is defined as a person not over compulsory school age, in accordance with the Education (Scotland) Act 1980 as amended. In practice, a child is defined as anyone under 16 years old. A young person is defined as anyone under the age of 18 but older than 16 years old.

The Management Regulations 1999 require employers to consider several factors in their risk assessments when employing young persons (i.e. anyone under 18 years old). These include the inexperience, lack of awareness of risks, and immaturity of young persons as well as workplace and workstation layout; exposure to physical, chemical and biological agents; use and handling of work equipment; work processes and activities; and health and safety training.

The Health and Safety (Training for Employment) Regulations 1990 give students on work experience programmes and trainees on training for employment programmes the legal status of "employee", therefore protecting them under health and safety legislation. Similarly, young people in work experience placements arranged by schools, colleges or local authorities in most cases undertake relevant training and are therefore protected.

New and expectant mothers

The Management Regulations 1999 require that employers carry out risk assessments for any specific risks to female employees or volunteers of childbearing age, and new or expectant mothers and their babies. The risk assessment does not have to be a separate risk assessment; it can be undertaken as part of an overall risk assessment of the workplace.

Congregations employing young persons or new or expectant mothers should seek additional advice on health and safety from the Church of Scotland General Trustees, and on employment law from the Church of Scotland Law Department or other suitable resource.

The Health and Safety at Work Act 1974 requires that employers and duty holders ensure, as far as is reasonably practicable, the health, safety, and welfare at work of all employees, volunteers and the general public. A similar requirement also extends to those who are not employed but may be affected by the employer's activities.

The risk assessment process is a statutory obligation covered under the Management of Health and Safety at Work Regulations 1999 (MHSWR 1999). MHSWR 1999 reinforces the Health and Safety at Work Act 1974 by placing a further legal duty on employers to assess and manage the risks to employees and others to prevent work-related illness and accidents. The regulations state that every employer shall make a suitable and sufficient assessment of the risks to health and safety to which their employees are exposed at work. Every employer must also make a suitable and sufficient assessment of the risks to the health and safety of anyone not in their employment arising from, or in connection with, the employer's conduct.

Risk assessment records provide a demonstrable assessment of the hazards and risks and the controls taken for minimising or eliminating the identified hazards. The Health and Safety Executive (HSE) and the local authority may request to see physical evidence of these following any accidents or reports of ill health on your premises or during spot checks, which have become more common following the COVID-19 outbreak.

As far as reasonably practicable

Employers must make a balanced decision about the hazard and the likely severity of risk and the consequences or outcome of doing nothing balanced against the time, inconvenience and financial costs of controlling or removing the risk.

A reasonable and considered decision taken by employers can be demonstrated by undertaking a suitable and sufficient risk assessment and considering the relevant legislation, approved codes of practice (ACOP), guidance notes and any concerns raised by employees, volunteers or others who may be affected.

Safe Systems of Work (SSOW)

Sometimes referred to as Method Statements, Safe Systems of Work is a requirement of the Health and Safety at Work Act 1974 and is intended to provide those who are carrying out the work with the necessary information to undertake the job safely.

Providing a safe system of work with the risk assessment and sharing it with employees and volunteers prior to any work seen as significantly hazardous, such as working at height, provides a prescriptive method in which a task or activity should be safely carried out to further mitigate against injury and accidents. A SSOW is provided in the templates and documents section below.

Significant risk

Any hazards or activities that are considered to still have a residual risk element that cannot be fully eliminated or guarded against in the risk assessment process is capable of leading to a significant injury or risk to health and safety.

A common example of this in a church environment might be working at height to carry out building maintenance, inspections, or simply changing lightbulbs.

Suitable and sufficient

The legislation does not provide a definition of a suitable and sufficient risk assessment. The HSE suggests that a risk assessment is suitable and sufficient if:

• You have properly identified all the current and likely hazards in the workplace
• You have identified, consulted with and confirmed who might be affected
• Your risk assessment deals with all the obvious significant risks, considers all the persons likely to be affected, and considers if a SSOW is required for the task or activity to further mitigate against injury or accidents to employees, volunteers and the general public
• The control measures and mitigations identified are suitable and proportionate and can be implemented to either eliminate or significantly reduce the identified risk
• You have involved your employees/volunteers and anyone else who might be affected in the risk-assessment process.

The level of detail in a risk assessment should be proportionate to the risk and appropriate to the nature of the work and activities being assessed. Insignificant risks can often be ignored, as can risks arising from routine activities associated with life in general, unless the work activity significantly alters those risks. (Source: HSE 2017).

Some congregations share their properties with other organisations on a permanent basis. For example, a congregation might have a long-term tenancy agreement to let office space to an external organisation. It is important to consider how your work and other activities affects them and how their work activities affect you and your employees.

It is useful to have regular conversations to ensure that adequate controls are in place and that any risk-based controls are working. Sharing risk assessments and notifying each other of any planned works and activities that may affect the other party is strongly recommended. In cases where shared access is required, it’s also recommended that the parties collaborate on fire safety and emergency evacuation planning to ensure that each party can suitably ensure evacuation of the buildings.

The Charity Trustees of the congregation are responsible for ensuring that suitable and sufficient risk assessments are carried out, documented, actioned, and reviewed. Where they have appointed a Health and Safety Administrator, they should ensure that this person liaises with presbytery and the General Trustees for any professional advice, guidance and training aimed at increasing competency and confidence in the role.

The Charity Trustees remain responsible for ensuring that risk assessments are suitable and sufficiently carried out within their buildings. They should become familiar with and encourage the use of this toolkit.

All Charity Trustees must be assured that risk assessments have been carried out and that the risk assessments reflect the hazards and risks within their properties and the activities undertaken within.

The HSE recommends that risk assessments should not be carried out by just one person, as this is likely to result in significant hazards being missed or incorrectly evaluated. A minimum of 1 person should accompany the health and safety-appointed person on carrying out the risk assessments. The fabric convenor, in most cases, may be the obvious choice as they are familiar with the building layout and may be best placed to advise on safety control measures for any hazards and risks identified.

It is also important to speak to all employees and volunteers when carrying out a risk assessment, as they will be familiar with hazards and risks in the activities and work that they already undertake.

The Health and Safety Administrator will be responsible for reporting the outcome of risk assessments to the Charity Trustees. They will also be responsible for ensuring that the control measures and actions have been taken, reviewing the risk assessments and storing them safely at the church location where they can be easily accessed by the Charity Trustees and made available to any visiting local authority enforcement or HSE officials.

Risk assessments should be carried out for all properties for which the Charity Trustees are responsible and all the activities occurring within these properties. This does not include the Manse, unless the Manse is used as a place of work by employees or volunteers.

It is good practice to ask employees and volunteers what they think the hazards are in their workplace and how they could be affected. They might notice hazards and risks in their daily tasks and activities that are not obvious to the person(s) carrying out the risk assessment. Any practical ideas of how to control risk without affecting their ability to perform the task or activity should also be discussed and fully considered. Remember, a control measure that introduces another hazard is not a suitable control.

It is useful to speak to representatives from specific groups who use your properties regularly. For example, if halls are used by dancing or keep-fit groups, it is important to speak to the group organisers to ensure that all potential hazards have been identified in their risk assessment process. You may assess their risk assessment to ensure that it is suitable for the activities being undertaken at the premises and evaluate any hazards and risks posed to employees, volunteers and other visitors and building users.

The following groups of people in particular should be considered:

• Employees and volunteers, both permanent and temporary (this includes cleaners, organists, administrators etc.)
• Children and young people
• People with disabilities
• Contractors
• Maintenance workers
• Home workers
• Lone workers
• Members of the public
• Neighbouring occupants
• The minister

When all potential workplace hazards have been identified, the next step is to evaluate the risk of these hazards actually causing harm.

To do this, it is necessary to consider the points listed below:

• The likelihood that harm will occur
• The potential severity of the harm
• How many and how often people will be exposed to the hazard
• The existing control measures in place

Risk matrix

It is not compulsory to use a risk matrix when undertaking a risk assessment. It is acceptable to use personal judgement to decide which hazards are significant and when additional controls may be required.

It is important that those carrying out the risk assessment fully understand the risks associated with the activities or the use of the buildings being assessed. Individual experiences, knowledge, attitudes and competence can result in hazards being allocated higher or lower risk scores than are suitable for the situation.

When risk scoring, it is also important to focus on the hazards and risk and not on the actual final risk score. Remember, risk scoring is a useful tool to help you evaluate risk; it is not a tool used to control hazards.

Worker example - Risk scoring

1. A member of your congregation is putting up some shelving in the boiler room when he accidentally drills through a piece of board labelled Asbestos Insulating Board (AIB). Before this work was started, a risk assessment should have been carried out as the congregational asbestos risk management register indicated that AIB was present in the boiler room. The risk score for this activity is therefore:
   
   Likelihood (Likely) X Severity (Extremely Harmful)
   
   3 x 3 = 9 This is an intolerable risk
   
   If a suitable risk assessment was carried out before the task was started, it would have been apparent that this represented an intolerable risk and the activity should not have started until the risk (asbestos) was removed.

2. You keep the outside of your church building tidy and, before each worship, the paths are checked to ensure safe access to the building. In the winter, all paths are treated with salt and church elders are on hand to help elderly members of the congregation to and from the church. The risk score for this activity is therefore:
   
   Likelihood (Unlikely) X Severity (Slightly Harmful)
   
   2X1 = 2 This is a tolerable risk
   
   The congregation have reasonable and practical control measures in place to make sure that members of the congregation are not at risk of slips, trips and falls when entering or leaving the church.
3. Your halls are let to a youth group, which allows children aged between 8 and 16 years old to meet and play computer games twice a week. All of the electrical equipment, computers, and monitors are owned by the youth group. You have spoken to the youth group leader and observed what takes place when members of the youth group occupy the halls. You notice that there are metres of cables lying across different areas of the halls, which people walk past when rotating around the game stations. You are concerned about tripping hazards. The risk score for this activity is therefore:
   
   Electrical Safety: Likelihood (Likely) X Severity (Slightly Harmful)
   
   3 X 2 = 6 This is a substantial risk
   
   Appropriate action must immediately be taken to reduce the risk of tripping so far as is reasonably practicable. This might include the use of cable covers or cable mats to sit over the cables when in use.

Hierarchy of controls

Once you have scored the risk, you now need to make a suitable and informed choice about the control methods that you are going to adopt based on the risk score. You must consider the likelihood and severity of the hazard identified. This is known as the hierarchy of controls.

Elimination

Removing the hazard is always the preferred method of control. For example, removing stored items from the walkways will fully eliminate any hazard presented by the stored items.

Substitution

Reduce level of risk by substituting the hazard with a less hazardous alternative. For example, replace a cleaning chemical which is an irritant with a non-irritant variety.

Engineering control

Engineered controls are innovative controls, such as cut off valves, isolation switches, automated doorways, spring-loaded doors, safety guards on tools and equipment or anything else that uses engineering to isolate people from the hazard identified. You can introduce basic engineering controls. For example, ensure that circuit breakers are used on electrical items or ensure that there are door closer springs attached to fire doors. Engineering controls needn’t be complex; they can be simple additions like locks or coded door entry to hazardous areas etc.

Administrative control

Policies and procedures implemented to allow people to work safely – for example, a lone working policy, food safety management system, or fire and emergency evacuation plans. Training and supervision is also an important administrative control.

Personal protective clothes and equipment

Only after all of the above measures have been considered and tried should PPE be considered. PPE may also be used in conjunction with any of the control measures as an additional precaution if elimination is not possible.

Correct identification of hazards is a very important part of any risk assessment. It might be useful to organise or separate risk assessments by dividing the process up into different locations, rooms, processes, activities, etc., depending on property size and use. A visual inspection of the areas or activities to be risk assessed is a good place to begin identifying potential hazards.

It might also be useful to look at other relevant sources of information, including previous risk assessment records, operating procedures for equipment, training records, accident/incident records, information from manufacturers' labelling and instructions for safe use, any suppliers’ recommendations, and health and safety inspection reports.

It is important to speak to those directly involved in undertaking or introducing any specific activities to the church buildings to ensure that all significant hazards are identified and suitably controlled. This includes visiting contractors and workmen who may introduce other hazards and risks by the tools, equipment, chemicals or materials that they bring into the church environment. It’s also very important to remember that they may not be familiar with your buildings, so sharing your risk assessments, asbestos register and ensuring a safety walk around the building will also ensure the contractors and visitors are kept safe from any specific hazards on site. See the specific sections on CDM and contractor management.

Extensive information on hazard identification is available from the HSE website, including access to legislation, guidance documents and approved codes of practice.

The risk assessment must reflect all those who may be at risk from the hazards identified from stage one.

Types of hazards

For ease, hazards can be classified into five main groups:

• Biological: Bacteria, moulds, viruses
• Chemical: Cleaning chemicals, fumes
• Physical: Equipment, slips, trips and falls
• Psychological: Stress, verbal abuse
• Ergonomic: Body movements, strains

It is important to keep a written record of risk assessments and the decisions made about how to control identified risks.

The Church of Scotland requires all congregations to be prepared to provide evidence that suitable and sufficient risk assessments have been carried out and regulatory and legal compliance can be demonstrated across the organisation. Therefore, it is best practice to keep a written or electronic record of any risk assessments carried out.

What should be included in the risk assessment document?

There is no prescribed format for a risk assessment document. However, it is necessary to record significant hazards identified, how people might be harmed by them and what has been put in place to control the risks. The risk assessment record should be simple and focus on identifying and controlling hazards.

It is possible to refer to and list any policies, procedures or relevant information that demonstrate risk control within your risk assessment. For high-risk activities such as working at height or using tools or machinery you may also attach the Safe System of Work (SSOW), which is a prescriptive step-by-step method of ensuring that the task is carried out safely. See templates section for an example of a safe system of work.

Risk assessments must be reviewed regularly. For very low risks, this means an annual review. However, if control measures have been implemented, it might be necessary to review these more regularly. It is especially important to review risk assessments following any accident or near miss incident, significant changes to procedures or equipment, or changes in the law. For any moderate, substantial or intolerable risks, continual review of risk assessments until risks have either been eliminated or controlled to a tolerable level is necessary.