Risk assessment & HACCP

Dear All,

 

it seems risk assessment and hazard analysis looks almost the same isn't ?. In hazard analysis we find out CCP and PRPs using severity x likelihood  and control measures are taken.

 

Similary the same principle is used in risk assessment and we put control measures. Both covers main steps like - physical hazards/ chemical /allergens/ biological  and steps like incoming material  to dispatch

 

Can anyone give me the difference of risk assessment and hazard analysis. ?

 

thanks in advance

 

Babu Sebastian

 

Hello Babu,

 

Hazard is a potential to cause harm. Risk is a probability and the severity of that harm. They are two different things even though they sound similar. 

 

So when you do hazard analysis so list up the potential hazards that can cause harm. When you do risk assessment you assess how likely and how severe that harm would be. Based on the risk you introduce the control measures. 

 

Hope this helps.

Hello Babu,

 

Hazard is a potential to cause harm. Risk is a probability and the severity of that harm. They are two different things even though they sound similar. 

 

So when you do hazard analysis so list up the potential hazards that can cause harm. When you do risk assessment you assess how likely and how severe that harm would be. Based on the risk you introduce the control measures. 

 

Hope this helps.

 

Hi Caglar,

 

Actually above not quite precise in a haccp context, eg Codex -

 

Hazard -   A  biological,  chemical  or  physical  agent  in,  or  condition  of,  food  with  the potential to cause an adverse health effect.

Additionally i think "Probability" is mathematically defined to be within the range 0 - 1.  Obviously not always the case for "Likelihood" and  "Severity" as utilised in haccp.

 

@ Babu - Yr OP is a popular textbook conundrum.

 

Actually the mathematical definition of "risk" is arbitrary and varied. Some haccp analyses use an additive function of Likelihood and Severity for "Risk".

afaik, neither Codex nor NACMCF define "Risk".

 

PS - JFI note that the BRC7 definition of risk is - "The likelihood of occurrence of harm from a hazard". This appears equivalent to the "likelihood of  occurrence of the hazard"(?). This definition of "risk" is another of the findable risk interpretations in the literature but  is clearly  incompatible with a typical haccp "risk matrix".

 

Just another terminological mess. :smile:

Yes I meant likelihood when I said probability. This is due to not being native English speaker.  

hi Babu,

 

with a HACCP hazard analysis you are looking at Physical, Chemical, Micro and Intrinsic hazards in the risk assessment, for a risk analysis you could also account for example the Financial Exposure.

 

see example below a table which I have used for RISK ASSESSMENT TO DETERMINE HOW QUICKLY REPAIRS MUST BE MADE:

 

I hope this helps,

 

Severity / Probability

Risk Rating

Definition

Relative Risk

Significant

3

Will cause food safety risk

Moderate

2

Potential food safety risk

Negligible

1

Low food safety risk

Financial Exposure

Significant

3

High financial risk

Moderate

2

Moderate financial risk

Negligible

1

Low financial risk

Likely Occurrence

High

3

Likely to happen, often, frequent

Medium

2

Can happen, but not frequent

Low

1

Unlikely to happen, rare, remote

Hi changk,

 

Thanks but I'm afraid "tables" can't be copy/pasted into Posts.

.

You need to attach the file via clicking the "more reply options" tab and following the additional choices which will magically appear.

One possible way of looking at it:

Hazard Analysis is looking for all possible hazards, assessing risk and determining sufficient controls.

(A)  Determining the type of hazard - biological, chemical, physical, etc.

(B)  Risk assessment (severity x probability) is determining what control is needed.

©  CCP vs PRP is determining what type of control is needed (level of risk).

 

So Risk Assessment is part of the Hazard Analysis process.

 

Meteor hitting the plant = high severity x almost zero probability = almost zero risk.  No control necessary.

Storm hitting the plant = high severity x high probability = high risk.  Some type of program should be in place (business continuity, etc.).

 

Risk Level does not directly determine what control program should be implemented.  It does determine how stringent the control program needs to be.

Hi. I'd like to ask a silly question. Why risk definition is expressed as a mathematical product and not as a sum? Is it related to the type of variables to be considered dependent variables? When you built a risk table the differences are huge if you consider one or another option. For example, for a certain event (or hazard) in a table 5x5,

5x5 = 25

P1= 2x5 = 10 >>40%

P2= 2+5=7 >> 28%

Variables = likelihood of occurrence and severity

Thx