Hazard Identification & Risk Assessment Course

(HIRA – OHS Act & Mine Health and Safety Act)

(Full Day Workshop)

(Including proposed amendments to risk assessment as per proposed Occupational Health and Safety Amendment Bill)



27 November 2019: Tsogo Sun: Century City: Stay Easy: Cape Town


Online booking form


Click here to download registration forms for 27 November 2019: Tsogo Sun: Century City: Stay Easy: Cape Town



Course content:


Unit 1: Introduction

1.1 Introduction       

1.2 Reasons for risk assessments

1.3 What is meant by the term ‘‘risk assessment’’


Unit 2: Legal requirements

2.1 Legal requirements in South Africa

2.2 Legal requirement stipulated by the OHS Act

2.3 Legal requirement stipulated by the MHS Act

2.4 Risk assessment standards (SANS/ISO 31 000 standard & SIMRAC guidelines)


Unit 3: Definitions, terminology and examples

3.1 Important definitions of the OHS Act and MHS Act

3.2 Relevant terminology

3.3 Examples of work-related hazards and risks


Unit 4: HIRA principles and criteria

4.1 Criteria for assessments

4.2 HIRA principles


Unit 5: Legal risk exposures; codes and standards

5.1 Legal risk exposure;

5.2 Influence of codes/ standards and

5.3 General criteria for risk assessment


Unit 6: Risk management; types of risk assessments 

6.1 Risk management and HIRA

6.2 Influence of codes and standards

6.3 Different types of risk assessments (Baseline -; Issue based - & Continues HIRA)


Unit 7: Managing the HIRA process 

7.1 How to establish a HIRA program

7.2 HIRA process and management

7.3 Planning the HIRA


Unit 8: HIRA methodology 

Step 1 Initiating the HIRA and selecting the approach

Step 2 Selection a suitable ‘‘Risk Assessment Report’’

Step 3 Identify the hazards

Step 4 Determine the associated risk(s) to the identified hazards

Step 5 Identify all parties affected by the hazard and determine how they can be affected

Step 6 Evaluate or assess the risk (Methods to rate the risk & Risk ranking matrix)


Unit 9: Managing the risk 

9.1 Sequence of applying control measures

9.2 Identify and evaluate existing risk controls

9.3 Identify appropriate control measures

9.4 Hazard register

9.5 Compile an action plan

9.6 Communicate and consult

9.7 Implementation

9.8 Record keeping

9.9 Monitor the effectiveness of measures

9.10 Review and update

9.11 Conclusion


Purpose of the course:

Risk assessment is essential to any organisation or business, it is a legal requirement stipulated by the Occupational Health and Safety Act as well as the Mine Health and Safety Act.


HIRA promotes a pro-active approach towards effective Health and Safety Management, serving as a valuable tool to the organisation in order to elevate the standard(s) of safety, meeting legal compliance and protecting persons from the hazards that they may potentially be exposed to.


Course outcomes:

On completion of the course the delegates will have knowledge and understanding of the scope and impact of the risk assessment process, including the legal requirement imposed upon the employer for the completion of suitable and sufficient risk assessments.


Delegates will be equipped with the knowledge and skill to be able to identify and assess work related hazards and participate in baseline and continuous HIRA activities.


Learners will be empowered to identify and assess work related hazards and risks in order to identify, implement and evaluate effective methods of control into the situation.


At the end of this course you will be able to: 

  • Explain the specified requirements needed to conduct a base-line risk assessment

  • Prepare to conduct a baseline risk assessment

  • Conduct a baseline risk assessment

  • Initiate remedial action for hazards identified and risks assessed


Unit Standard 

  • Aligned to Unit Standard: 244287

  • Title of US: Conduct a baseline risk assessment and take appropriate action


Who should attend? 

  • Management and supervisors

  • Health and safety representatives and OHS committee members

  • SHE practitioners/ officers

  • Contractors

  • Subject experts

  • Safety, health and environmental personnel such as risk managers, loss control officers, facility managers

  • Any person who is expected to carry out baseline hazard identification and risk assessments



  • R 2740-00 (incl. Vat) per delegate

  • Price include course material, certificates, legislation and catering/ refreshments

  • Safe and secure parking


For further information contact:

  • Deidre on (012) 666 8284

  • Fax: (086) 547 2636 or (012) 661 1411

  • or phone Tinus Boshoff 083 659 2840



What does POPI compliance mean?

By Jan du Toit


Latest developments – Registration of Information Officers:


On 17 May 2021 the Information Regulator’s long awaited online portal went live for the registration of Information and Deputy Information Officers.


The Information Officer of a Responsible Party is the person at the head of your company (CEO or MD) or any person acting in such capacity, or specifically appointed by the MD or CEO to be the Information Officer. Registration must be completed before the end for June 2021.


The address for the portal is  https://justice.gov.za/inforeg/portal.html   


The following information is required to successfully register: 

  • Company name.

  • Company registration number.

  • Company type.

  • Company physical and postal addresses.

  • Company telephone and fax numbers.

  • Information Officer gender, nationality, full name and surname, ID or passport number.

  • Deputy Information Officers same details as per above.


POPIA Compliance – what must be done?

With a little more than a month left before POPI becomes fully effective, many employers may find themselves out of time to become fully compliant to amongst other considerations, the 8 processing conditions prescribed in the Protection of Personal Information Act.


To be considered compliant the following must be considered and applied in the business of a Responsible Party before 1 July 2021. 

  1. POPI training / awareness sessions for the CEO / MD, managers and others tasked with the company’s POPI compliance project. Have a look on our website for the next POPIA training dates.

  2. Compliance audit to be conducted company-wide per department / division to determine the current processing practices within the organization and to establish what needs to be done to be compliant.

  3. Correction of contraventions as identified, and to introduce reasonable technical and organizational measures to prevent the loss or unauthorized access of Personal Information.

  4. Introduction of Data Subject rights and consent in the business through policies and consent clauses / paragraphs / contracts.

  5. The introduction of a PAIA manual (Promotion of Access to Information Act) that incorporates data subject rights and participation in terms of POPIA. This manual must be published on one of the company’s websites. It is also important to note that the current exemption granted by the Minister of Justice for some business to not have such a manual in place currently, expires at the end of June 2021.

  6. General staff POPI policy and legislation awareness training.

  7. Registration of the company’s Information Officer (the CEO, MD or any person acting in such position).

  8. Follow-up assessment on compliance measures and adherence thereto.


It is important to note that no institution, not even the Information Regulator, can “accredit” any Responsible Party in South Africa to be compliant in terms of legislation. Compliance (or otherwise) will only be determined should an investigation be launched by the Information Regulator following a complaint. Should such an investigation confirm a lack of compliance, consequences such an administrative fine not exceeding R10m may follow (which one may luckily pay off in instalments). Further to this those whose rights are infringed upon by a Responsible Party not adhering to the requirements of POPIA, may also institute civil proceedings. Such  proceedings may result in compensation being awarded for loss, as well as aggravated damages determined at the discretion of the court.


In terms of section 19 of the Act, the Responsible Party (business owner / employer) is required to introduce reasonable organizational and technical measures to secure the integrity and confidentiality of Personal Information. The organizational measures referred  to above includes inter alia both internal and external policies to introduce the principle of protection of personal information in the workplace, as well as the rights of data subjects.


To allow you more time to focus on your business, the author of this article compiled a bundle of detailed policies for your business, ready to use. This includes all relevant forms to be used and a template document with draft consent clauses / paragraphs / rules  to be incorporated into service and employment contracts, job applications, credit and other applications forms, WhatsApp and Facebook groups / pages, and Independent Contractor agreements.


Also included is an Operator Agreement as required in terms of section 21 of the Act and a consent letter for existing clients / service providers, to agree to the continued processing of their Personal Information beyond June 2021.


The policies bundle includes: 

  • Privacy notice template to be published on your website.

  • Personal information protection policy.

  • Personal information retention policy.

  • Data breach policy.

  • Data breach register - form.

  • Data breach report - form.

  • Data security policy.

  • Data subject access request policy and procedures.

  • Data subject access request forms.

  • Processing agreement with third parties as Operators - contract.

  • Data subject participation - draft consent paragraphs / clauses to be incorporated into service and employment contracts, job applications, credit and other applications forms, WhatsApp and Facebook groups / pages and Independent Contractor agreements

  • Guidelines on the appointment of deputy information officers, inclusive of appointment letter.


For only R3750 you can now order you set of POPI policies, ready to use. Contact Jan du Toit for further assistance at









Courses and Workshops




POPIA: Protection of Personal Information Act

18 June 2021 (09:00 - 12:00) (Fully Booked)

Interactive Online Course

22 June 2021 (09:00 - 12:00) Fully Booked)

Interactive Online Course

22 June 2021 (13:00 - 16:00) (Fully Booked)

Interactive Online Course

23 June 2021 (09:00 - 12:00) (Fully Booked)

Interactive Online Course

23 June 2021 (13:00 - 16:00) (Fully Booked)

Interactive Online Course

29 June 2021 (09:00 - 12:00)

Interactive Online Course

COVID-19 Workplace Compliance Health, Safety and Claims Management Course

23 & 24 June 2021 (08:30 - 13:00)

Inter active Online Course

Basic Labour Relations

24 June 2021 (09:00 - 16:00) (Fully Booked)

Interactive Online Course

29 July 2021 (09:00 - 16:00)

Interactive Online Course

AARTO and the Impact on Your Business

25 June 2021 (09:00 - 12:00)

Interactive Online Course

Employment Equity Committee Training

02 July 2021 (09:00 - 16:00)

Interactive Online Course

Workshop Chairing Disciplinary Hearings

15 & 16 July 2021 (09:00 - 16:00)

Interactive Online Course

Compensation for Occupational Injuries and Diseases Course

16 July 2021 (09:00 - 12:00)

Interactive Online Course

Managing Poor Performance/ Incapacity

22 July 2021 (09:00 - 12:00)

Interactive Online Course

Management and Leadership Skills

28, 29 & 30 July 2021 (08:30 - 16:00)

Interactive Online Course


 Our Clients 


Android App On Google Play

Android App On Google Play