5 RAMS Mistakes That Get You Sent Back by HSE

Your site team is ready. Equipment is on hire. The project timeline is tight. Then HSE reviews your RAMS and sends it back. Work stops. Costs mount. The project delays.

Certain RAMS mistakes almost guarantee rejection by HSE inspectors. Based on enforcement data and inspector feedback, these five errors appear repeatedly in failed assessments—and they're all completely avoidable.

Mistake #1: Missing or Incorrect Legislation Citations

The Error

Risk assessments that don't cite relevant UK legislation, cite outdated regulations, or reference legislation that doesn't apply to the task.

Common examples:

• No legislation mentioned at all
• Citing "CDM 2007" instead of CDM 2015
• Referencing COSHH for a task with no substance hazards
• Listing every regulation generically without matching to actual hazards

Why It Fails

Missing legislation suggests the assessor doesn't understand legal requirements. Incorrect citations raise questions about competence. Inspectors immediately doubt the quality of the entire assessment.

For construction work, you should typically reference:

• Construction (Design and Management) Regulations 2015
• Work at Height Regulations 2005 (if working above 2m)
• Control of Substances Hazardous to Health Regulations 2002 (if handling substances)
• Management of Health and Safety at Work Regulations 1999 (always applies)

The Fix

Match legislation to actual hazards in your task. If you're working at height, cite WAHR 2005. If handling cement dust, cite COSHH 2002. Keep a legislation reference guide handy or use automated systems that apply correct regulations automatically.

Mistake #2: Generic Controls That Don't Match Actual Hazards

The Error

Control measures so generic they could apply to any task, showing no thought about the specific work activity or site conditions.

Examples that fail inspection:

• Hazard: Working at height on scaffold - Control: "Wear PPE"
• Hazard: Excavation collapse - Control: "Be careful"
• Hazard: Striking underground services - Control: "Take care"
• Hazard: Dust exposure - Control: "Appropriate measures"

Why It Fails

Generic controls don't actually control risks. They're box-ticking, not risk management. HSE expects specific, practical measures that address the identified hazard.

Consider the difference:

Generic: "Wear PPE when working at height"

Specific: "Edge protection installed to all open edges per BS EN 13374. Guardrails at 950mm minimum height with mid-rail and toe boards. Weekly inspection by competent person with records maintained. Full body harness with lanyard only where edge protection impractical, attached to certified anchor points."

The Fix

Make controls specific and measurable:

• What exactly will be done
• To what standard or specification
• Who is responsible
• How compliance will be checked

Mistake #3: No Risk Rating Methodology Shown

The Error

Risk ratings appear with no explanation of how they were calculated. Inconsistent ratings for similar hazards across different assessments. No clear distinction between initial and residual risk.

Examples of the problem:

• Rating shows "High" but no explanation of likelihood and severity
• Working at 3m is "Low risk" in one assessment, "High risk" in another
• No before/after comparison showing control effectiveness
• Using numbers (1-25) without defining the matrix

Why It Fails

Inspectors need to see systematic risk evaluation, not arbitrary labels. Inconsistent ratings suggest guesswork rather than proper assessment. Missing methodology means they can't verify your evaluation.

The Fix

Use a consistent risk matrix across all assessments:

• Define your likelihood scale (1-5): Rare, Unlikely, Possible, Likely, Certain
• Define your severity scale (1-5): Negligible, Minor, Moderate, Major, Catastrophic
• Show the calculation: Likelihood × Severity = Risk Score
• Rate both initial risk (before controls) and residual risk (after controls)
• Include the matrix in your RAMS template so it's always referenced

Mistake #4: Incomplete or Missing Control Hierarchy

The Error

Jumping straight to PPE without demonstrating consideration of higher-level controls. No evidence of attempting to eliminate or reduce the risk before resorting to protective equipment.

Classic failures:

• Every hazard lists PPE as the only control
• No evidence of considering elimination or substitution
• Administrative controls missing (training, permits, supervision)
• Engineering controls not explored (guards, barriers, extraction)

Why It Fails

HSE's hierarchy of controls is fundamental to UK health and safety law. PPE is explicitly the last resort. Assessments that rely primarily on PPE suggest:

• Lack of understanding of control hierarchy
• Inadequate consideration of safer alternatives
• Box-ticking rather than genuine risk reduction
• Potential CDM 2015 non-compliance (construction sector)

The Fix

Apply the control hierarchy systematically:

Eliminate: Can you avoid the task entirely? Design out the hazard?

Reduce: Can you substitute safer materials/methods? Use mechanical aids instead of manual?

Isolate: Can you physically separate workers from the hazard? Barriers, guards, segregation?

Control: Permits to work, safe systems, training, supervision, signage?

PPE: Only as a last line of defense, supplementing higher controls.

Document why higher-level controls aren't feasible when you must rely on PPE. This shows you've properly considered the hierarchy.

Mistake #5: No Evidence of Competent Person Review

The Error

Risk assessments with no signature, no date, no indication of who prepared them, or no evidence that the assessor was competent to evaluate these specific risks.

Red flags for inspectors:

• Unsigned documents
• No assessor name or job title
• No evidence of relevant training or qualifications
• Assessment created by someone with no knowledge of the task
• No consultation with workers who perform the task
• Generic assessments clearly not site-specific

Why It Fails

The Management of Health and Safety at Work Regulations 1999 require risk assessments be conducted by a 'competent person.' If you can't demonstrate competence, the assessment is legally invalid.

Competence means:

• Sufficient training and experience
• Knowledge of the work being assessed
• Understanding of the hazards involved
• Awareness of legal requirements
• Ability to identify necessary control measures

The Fix

Every RAMS should include:

• Name of the person who prepared the assessment
• Their job title/position
• Relevant qualifications (NEBOSH, IOSH, trade qualifications)
• Date of assessment
• Signature/approval
• Evidence of worker consultation
• Review date

For specialized tasks, involve workers with hands-on experience. The site supervisor who does the work daily often knows hazards that a desk-based assessor might miss.

The Cost of These Mistakes

These aren't minor paperwork issues. When RAMS fail inspection, the consequences include:

Immediate consequences:

• Work stopped on site
• Equipment standing idle (still on hire)
• Workforce diverted to other jobs or sent home
• Client relationship damage

Formal consequences:

• Improvement Notices (formal legal requirement to fix issues)
• Prohibition Notices (immediate work stoppage)
• Fines for non-compliance (£2,000 - £20,000+ for summary offences)
• Unlimited fines for serious breaches
• Criminal prosecution in severe cases

Business impact:

• Loss of reputation
• Difficulty winning future contracts
• Higher insurance premiums
• Reduced competitive advantage

How to Never Make These Mistakes Again

Prevention is straightforward once you know what to avoid:

1. Create a Standard Template

Include mandatory sections for legislation, risk methodology, control hierarchy, and competent person details. Make these required fields that can't be skipped.

2. Use a Quality Checklist

Before submitting any RAMS, check:

• Correct legislation cited for this task?
• Controls specific and measurable (not generic)?
• Risk methodology clearly shown?
• Control hierarchy demonstrated (not just PPE)?
• Competent person details completed?

3. Get Peer Review

Have another competent person review high-risk assessments. Fresh eyes catch mistakes the original assessor missed.

4. Use Automated Systems

Modern risk assessment platforms prevent these mistakes by design:

• Automatically apply correct legislation
• Generate specific controls (not generic templates)
• Include consistent risk methodology
• Enforce control hierarchy in suggestions
• Capture competent person details automatically
• Maintain audit trails and version control

Key Takeaways

• Missing or incorrect legislation citations immediately raise competence concerns
• Generic controls don't control risks - be specific and measurable
• Show your risk rating methodology clearly and consistently
• Demonstrate consideration of control hierarchy before resorting to PPE
• Document competent person details, qualifications, and worker consultation

These mistakes cost time, money, and reputation. More importantly, they suggest your risk assessment process isn't protecting workers effectively. Fix the process, and both compliance and safety improve.