Risk assessment & HACCP
Dear All,
it seems risk assessment and hazard analysis looks almost the same isn't ?. In hazard analysis we find out CCP and PRPs using severity x likelihood and control measures are taken.
Similary the same principle is used in risk assessment and we put control measures. Both covers main steps like - physical hazards/ chemical /allergens/ biological and steps like incoming material to dispatch
Can anyone give me the difference of risk assessment and hazard analysis. ?
thanks in advance
Babu Sebastian
Hello Babu,
Hazard is a potential to cause harm. Risk is a probability and the severity of that harm. They are two different things even though they sound similar.
So when you do hazard analysis so list up the potential hazards that can cause harm. When you do risk assessment you assess how likely and how severe that harm would be. Based on the risk you introduce the control measures.
Hope this helps.
Hello Babu,
Hazard is a potential to cause harm. Risk is a probability and the severity of that harm. They are two different things even though they sound similar.
So when you do hazard analysis so list up the potential hazards that can cause harm. When you do risk assessment you assess how likely and how severe that harm would be. Based on the risk you introduce the control measures.
Hope this helps.
Hi Caglar,
Actually above not quite precise in a haccp context, eg Codex -
Hazard - A biological, chemical or physical agent in, or condition of, food with the potential to cause an adverse health effect.
Additionally i think "Probability" is mathematically defined to be within the range 0 - 1. Obviously not always the case for "Likelihood" and "Severity" as utilised in haccp.
@ Babu - Yr OP is a popular textbook conundrum.
Actually the mathematical definition of "risk" is arbitrary and varied. Some haccp analyses use an additive function of Likelihood and Severity for "Risk".
afaik, neither Codex nor NACMCF define "Risk".
PS - JFI note that the BRC7 definition of risk is - "The likelihood of occurrence of harm from a hazard". This appears equivalent to the "likelihood of occurrence of the hazard"(?). This definition of "risk" is another of the findable risk interpretations in the literature but is clearly incompatible with a typical haccp "risk matrix".
Just another terminological mess. :smile:
Yes I meant likelihood when I said probability. This is due to not being native English speaker.
hi Babu,
with a HACCP hazard analysis you are looking at Physical, Chemical, Micro and Intrinsic hazards in the risk assessment, for a risk analysis you could also account for example the Financial Exposure.
see example below a table which I have used for RISK ASSESSMENT TO DETERMINE HOW QUICKLY REPAIRS MUST BE MADE:
I hope this helps,
Severity / Probability
Risk Rating
Definition
Relative Risk
Significant
3
Will cause food safety risk
Moderate
2
Potential food safety risk
Negligible
1
Low food safety risk
Financial Exposure
Significant
3
High financial risk
Moderate
2
Moderate financial risk
Negligible
1
Low financial risk
Likely Occurrence
High
3
Likely to happen, often, frequent
Medium
2
Can happen, but not frequent
Low
1
Unlikely to happen, rare, remote
Hi changk,
Thanks but I'm afraid "tables" can't be copy/pasted into Posts.
.
You need to attach the file via clicking the "more reply options" tab and following the additional choices which will magically appear.
One possible way of looking at it:
Hazard Analysis is looking for all possible hazards, assessing risk and determining sufficient controls.
(A) Determining the type of hazard - biological, chemical, physical, etc.
(B) Risk assessment (severity x probability) is determining what control is needed.
© CCP vs PRP is determining what type of control is needed (level of risk).
So Risk Assessment is part of the Hazard Analysis process.
Meteor hitting the plant = high severity x almost zero probability = almost zero risk. No control necessary.
Storm hitting the plant = high severity x high probability = high risk. Some type of program should be in place (business continuity, etc.).
Risk Level does not directly determine what control program should be implemented. It does determine how stringent the control program needs to be.
Hi. I'd like to ask a silly question. Why risk definition is expressed as a mathematical product and not as a sum? Is it related to the type of variables to be considered dependent variables? When you built a risk table the differences are huge if you consider one or another option. For example, for a certain event (or hazard) in a table 5x5,
5x5 = 25
P1= 2x5 = 10 >>40%
P2= 2+5=7 >> 28%
Variables = likelihood of occurrence and severity
Thx