Show Form
Can’t find it? Try A-Z Check a registration

Information for:

Sign up to our Engage eNewsletter

Guidance on Risk

Guidance on Risk cover image - petrol guage, coloured green to red (left to right)

Risk is inherent in the activities undertaken by engineering professionals, meaning that members of the profession have a significant role to play in managing and limiting it. The Engineering Council’s guidance on risk describes the role of professional engineers and technicians in dealing with risk, and their responsibilities to society.

Download the Guidance on Risk leaflet

Download the Guidance on Risk wallet card

It comprises the following six principles to guide and motivate professional engineers and technicians in identifying, assessing, managing and communicating about risk:

1. Apply professional and responsible judgment and take a leadership role

Engineering professionals should demonstrate by example a commitment to safety, reliability and ethical conduct through the professional management of risk, from the inception of any engineering activity. They should clearly demonstrate the standards by which they expect risks to be managed, thus setting an example to others. In doing so, engineering professionals should:

  • be prepared to challenge assumptions and proposals
  • ensure that safety receives appropriate consideration
  • assess the balance of risk and benefit
  • strive for all those involved to be able to identify potential problems and opportunities
  • ensure that any engineer reporting to them has the opportunity to maintain competence in the process of risk management
  • lead others in improving practice

2. Adopt a systematic, broad and holistic approach to risk identification, assessment, management and review

The factors that give rise to risk are interdependent and cannot be examined in isolation. It is vital in managing risk to be aware of this interdependency and, rather than dealing with risks one-by-one as they arise, use approaches that deal with whole systems. This requires engineers to:

  • make risk management an integral part of all engineering activity and decision making
  • look beyond purely technical considerations, to address non-technical factors, including social, economic, environmental and political perspectives
  • don’t discount weak signals without further consideration
  • ensure that human factors are considered
  • adopt a decision-making approach that is proportionate to the risk and consistent with their organisation’s defined risk appetite
  • aim to quantify the risks with as much precision as is relevant, sufficient and can be supported by the evidence
  • ensure consideration of high severity, low frequency events along with low severity, high frequency events
  • be responsive to changes in the operating environment
  • look for connections, patterns and relationships between risks and opportunities
  • bear in mind that risk assessment should be used as an aid to professional judgment and not as a substitute for it

3. Comply with legislation and codes, but be prepared to suggest or promote further improvements

Regulations and codes are generic. They can only deal with anticipated events and cannot predict every possible situation. Engineering professionals should take a measured, yet challenging, approach to potential risks, whether or not regulations apply. They should:

  • act in accordance with codes of conduct
  • know about and comply with the law in countries where they are operating or where their products or services will be used
  • recognise and understand the intent behind standards and codes, and understand when their limits are being approached
  • comply with current relevant legal requirements governing engineering risk issues
  • seek advice where necessary
  • where it is practicable, seek further improvements, thus embedding a culture of seeking continuous improvement
  • be open-minded and avoid hiding behind regulations

4. Ensure good communication with the others involved

Communicating effectively with all stakeholders is important to ensure that risks and their implications are understood properly. Within an organisation, risk management should be communicated as a core value. Engineering professionals should:

  • establish strong, honest and effective two-way communication within and beyond their organisation
  • establish a consultation and feedback process about risks with all stakeholders, including the public and local community
  • express clearly the balance of risk and benefit
  • communicate clearly assumptions made during the risk management process
  • communicate clearly individuals’ responsibilities in managing risk over the lifetime of the engineering activity
  • encourage a culture of ‘open reporting’ and a spirit of questioning and learning from others
  • avoid a ‘good news only’ or closed culture

5. Ensure that sustainable systems for oversight and scrutiny are in place

Effective oversight and assurance processes are important safeguards in controlling risks. They should be challenging, and carried out with independence from those creating the risk or attempting to control it. Engineering professionals should:

  • be aware that risk assessment documentation may be used in incident investigations
  • ensure that effective oversight and assurance procedures and systems are in place, and are sufficiently independent
  • ensure that roles, responsibilities and accountabilities are understood and clearly defined, especially where functions are outsourced
  • include assessment of culture
  • not limit assurance to audit or physical systems

6. Contribute to public awareness of risk

The perception of risk among the public is influenced by a range of factors, including emotional ones. Engineering professionals have an important role in raising awareness and understanding about actual levels of risk and benefit, and helping to prevent misconceptions. They should:

  • be prepared to engage in public debate on the perceived risks and benefits
  • ensure that discussion with the public includes management of risk
  • ensure that the public are informed about all aspects of risk management
  • explain the quantitative and qualitative aspects of risk with clarity and supporting evidence
  • be honest and clear about assumptions
  • be prepared to challenge misrepresentations
  • communicate to the public its role in risk management

The guidance document and a handy wallet card listing the six risk principles can be downloaded from the links below. This guidance should be read alongside risk related information produced by professional engineering institutions, such as codes, policy statements or guidance of a technical nature. We have also provided some tools and case studies for extra information.

Useful links


Useful documents

Case studies

Download the Guidance on Risk leaflet

Guidance on Risk has been designed to be read alongside risk related information from your institution, such as codes, policy statements and technical guidance. Updated in October 2021.

… (Read more)

Download the Guidance on Risk wallet card

A handy wallet card listing the six risk principles, designed to be used alongside risk related information from your institution, such as codes, policy statements and technical guidance. Updated in October 2021.

… (Read more)

Print this page