OH Consultant
Risk AssessmentsGuide
Technical14 min read30 April 2026

Environmental Risk Assessment for Australian Workplaces

What Is an Environmental Risk Assessment?

An environmental risk assessment is a systematic process of identifying, evaluating, and controlling the risks that an organisation's activities, products, and services pose to the natural environment — including the risk of pollution to land, water, and air; the risk of harm to biodiversity and ecosystems; the risk of resource depletion; and the risk of climate-related impacts. It examines both the probability that an environmental incident will occur and the magnitude of the harm that would result, and it determines the controls and management measures necessary to reduce those risks to a level that is acceptable under applicable environmental law and community expectations.

In the Australian context, environmental risk assessment is required at multiple levels of the regulatory hierarchy. Under state and territory environmental protection legislation — the Protection of the Environment Operations Act 1997 (NSW), the Environment Protection Act 1970 (Vic), the Environmental Protection Act 1994 (Qld), and equivalent legislation in other states — PCBUs that hold environment protection licences, development consents, or other environmental approvals must assess and manage the environmental risks of their licensed activities. At the federal level, the Environment Protection and Biodiversity Conservation Act 1999 (EPBC Act) requires environmental impact assessment for actions that may have a significant impact on matters of national environmental significance (MNES), including threatened species and ecological communities, world heritage areas, Ramsar wetlands, and the Great Barrier Reef Marine Park.

Environmental risk assessment is also a component of management system standards. ISO 14001 Environmental Management Systems requires certified organisations to identify their environmental aspects — the elements of their activities, products, and services that interact or could interact with the environment — evaluate their significance, and manage the risks associated with significant aspects. An environmental risk assessment is the mechanism through which the significance evaluation required by ISO 14001 is conducted in practice.

Beyond regulatory compliance, environmental risk assessment is a critical tool for business risk management. Environmental incidents — chemical spills, contamination events, regulatory non-compliance — can result in regulatory penalties, clean-up liability, reputational damage, and third-party claims from affected landowners or communities. The cost of remediating a significant contamination event in Australia can reach tens of millions of dollars. A proactive environmental risk assessment is substantially less expensive than reactive remediation.

Australian Environmental Regulatory Framework

Environmental risk management in Australia is governed by a multi-layered regulatory framework that spans federal, state and territory, and local government legislation. Understanding this framework is essential for scoping an environmental risk assessment appropriately.

**Federal legislation — EPBC Act 1999:** The Environment Protection and Biodiversity Conservation Act is the primary federal environmental law. It prohibits actions that will have, are likely to have, or are likely to have a significant impact on MNES without ministerial approval. An environmental risk assessment for any project that could affect MNES must include an assessment of the likelihood and magnitude of those impacts as part of the referral and assessment process.

**State and Territory EPL regimes:** Most industrial and commercial activities that have the potential to cause significant environmental harm require an Environment Protection Licence (EPL) or equivalent authorisation under state environmental legislation. EPL conditions specify the permissible emission concentrations and limits, monitoring requirements, and environmental management obligations applicable to the licensed activities. The environmental risk assessment must evaluate the risk of non-compliance with EPL conditions and the controls required to maintain compliance.

**Contaminated Land:** State environment protection legislation in each jurisdiction regulates contaminated land — sites where the concentration of potentially contaminating substances exceeds the applicable investigation threshold or remediation criteria. PCBUs that operate on potentially contaminated sites (former industrial sites, fuel storage areas, dry cleaning premises, electroplating workshops) are required to notify the regulator in some jurisdictions when contamination is discovered and must assess and manage the contamination risk. The environmental risk assessment must include a contamination history review and, where indicated, site sampling.

**National Environment Protection Measures (NEPMs):** The National Environment Protection Council administers NEPMs — standards for ambient air quality, assessment of site contamination, and other national environmental quality objectives. The Assessment of Site Contamination NEPM (ASC NEPM) specifies the investigation levels and health-based criteria used in contaminated land assessments in Australia.

**WHS/Environment Overlap:** In many industrial settings, environmental incidents — a chemical spill, an asbestos disturbance, a dust emission event — are simultaneously WHS incidents because they expose workers as well as the environment to harm. A comprehensive environmental risk assessment must consider both the environmental pathway (spill → waterway → ecosystem) and the occupational pathway (spill → skin contact or inhalation → worker health harm).

Environmental Aspects and Impacts: The ISO 14001 Approach

ISO 14001 Environmental Management Systems uses the concepts of environmental aspects and environmental impacts as the basis for environmental risk assessment. Understanding these concepts is essential for organisations seeking ISO 14001 certification or alignment.

**Environmental aspects** are elements of an organisation's activities, products, or services that can interact with the environment. Examples include: discharging treated wastewater to a receiving waterway; burning natural gas for process heating; using solvents that evaporate to atmosphere; generating solid waste for landfill disposal; consuming groundwater for cooling; and disturbing contaminated soil during excavation. Aspects can be normal (routine operations), abnormal (planned non-routine activities such as maintenance shutdowns), or emergency (spills, fires, equipment failures).

**Environmental impacts** are the changes to the environment — whether adverse or beneficial — that result from an aspect. A discharge of treated wastewater may cause elevated nutrient loading in the receiving waterway (adverse), leading to algal blooms and reduced dissolved oxygen (impacts on aquatic ecosystem). A contaminated soil disturbance may release benzene to groundwater (adverse), with potential drinking water impacts downstream.

**Significance evaluation** is the process of determining which aspects are significant and therefore require active management controls. ISO 14001 requires organisations to establish criteria for significance evaluation and apply them consistently. Common criteria include: the scale of the environmental impact; the severity of the impact (reversible or irreversible; local or regional); the probability of occurrence; the duration of the impact; compliance with applicable legal requirements; and stakeholder concern.

**Risk-based thinking in ISO 14001:2015.** The 2015 revision of ISO 14001 introduced explicit risk-based thinking into the standard, requiring organisations to identify risks and opportunities associated with their environmental aspects and to plan actions to address those risks. This aligns the environmental management system standard with the Australian WHS risk management methodology and creates a natural bridge between an organisation's WHS risk assessment and its environmental management system.

Common Environmental Hazard Categories in Australian Workplaces

An environmental risk assessment must address all relevant environmental hazard categories present in the workplace or associated with the organisation's activities. The following categories are among the most significant for Australian industrial and commercial operators.

**Liquid chemical spills and discharges.** Chemical spills to land or stormwater drainage can contaminate soil, groundwater, and receiving waterways. The assessment must identify all liquid chemical storage and use areas, the quantities and hazard properties of the chemicals involved, the containment infrastructure (bunded areas, spill kits, interceptor pits), and the risk of a spill reaching stormwater drainage or an uncontained area. In coastal and near-coastal locations, the risk of marine pollution must be considered.

**Air emissions.** Point source air emissions (stacks, vents, flares) and fugitive emissions (evaporation from open vessels, dust from unsealed roads and stockpiles, volatile organic compound emissions from chemical storage) can cause local air quality impacts. The assessment must identify all emission sources, estimate the mass emission rate for each significant pollutant, and compare emissions against applicable EPL conditions and ambient air quality criteria.

**Noise.** Industrial noise affecting adjoining residential or sensitive receiver areas (schools, hospitals) is a common environmental compliance issue for Australian manufacturers and construction contractors. The assessment must identify noise sources, estimate the noise level at the nearest sensitive receiver using standard acoustic modelling methods, and compare against the applicable noise criteria specified in the EPL or development consent.

**Waste generation.** The assessment must characterise the waste streams generated by the organisation's activities — identifying hazardous versus non-hazardous wastes, tracking their disposal pathway, and confirming compliance with the applicable waste classification and disposal requirements under state legislation.

**Groundwater and soil contamination.** Operations involving underground storage tanks, chemical injection, or soil contact with hazardous materials must assess the risk of soil and groundwater contamination. The assessment should include a site history review and, where contamination risk is identified, a sampling and analysis programme consistent with the ASC NEPM investigation levels.

**Biodiversity and habitat impacts.** For projects involving land clearing, construction in vegetation communities, or activities near waterways, wetlands, or other sensitive habitats, the assessment must evaluate the risk of significant impact on flora and fauna — including threatened species and ecological communities listed under the EPBC Act or state equivalent.

Conducting an Environmental Risk Assessment: Step by Step

A compliant environmental risk assessment follows a structured methodology that mirrors the WHS risk management process, adapted for environmental hazards.

**Step 1 — Define the scope.** Identify the activities, products, and services to be assessed, the geographic extent of the assessment (the site boundary, the stormwater catchment, the airshed), and the regulatory requirements applicable to those activities. Review the EPL conditions, development consent, and any other environmental approvals to identify the specific environmental compliance obligations that the assessment must address.

**Step 2 — Identify environmental aspects.** Systematically identify all activities, products, and services that interact or could interact with the environment — both under normal operations and under abnormal and emergency conditions. Walk the site, review process flow diagrams, utility meters and usage records, and waste management records. Engage operational staff who have direct knowledge of the activities.

**Step 3 — Evaluate significance.** For each identified aspect, evaluate the significance of the associated environmental impact using the organisation's significance criteria. Record the rationale for each significance rating. Aspects rated as significant require active management controls; aspects rated as not significant require only monitoring to confirm that their impact remains negligible.

**Step 4 — Identify and assess current controls.** For each significant aspect, document the controls currently in place — containment infrastructure, monitoring systems, operational procedures, emergency response plans — and assess their adequacy. The current control adequacy assessment determines the residual risk after existing controls, which is the basis for the management decision about whether additional controls are required.

**Step 5 — Identify additional controls.** Where the residual risk is unacceptable — either because of regulatory non-compliance risk or because the potential environmental impact is severe — identify additional controls in hierarchy order: eliminate the aspect where feasible (substitute a less hazardous chemical, switch to a dry process); reduce the quantity or concentration of the environmental pollutant; contain and capture the emission before it reaches the environment; implement monitoring systems to provide early warning of abnormal conditions; and prepare emergency response procedures.

**Step 6 — Document, implement, and review.** Record the assessment in a formal document, implement the additional controls, assign responsibility and timelines, monitor performance using the environmental performance indicators identified in the assessment, and review the assessment annually and whenever significant changes occur.

Environmental Incident Response and Emergency Planning

An environmental risk assessment is the input to the site's environmental emergency response plan — the procedures that will be implemented if an environmental incident occurs despite the prevention controls. For licensed facilities, state environment protection legislation typically requires an environment protection licence holder to have an environmental emergency plan covering spill response, air emission incidents, and other foreseeable environmental emergencies.

**Spill response procedures** must specify the actions to be taken immediately upon discovery of a spill — alert the emergency coordinator, isolate the source where safe to do so, deploy spill containment materials, prevent spill material from reaching stormwater drains or the natural environment, and notify the relevant state environmental regulator as required by the mandatory notification provisions of the applicable legislation. Most Australian state environmental protection acts require mandatory notification to the regulator of any spill that has caused or is likely to cause material harm to the environment.

**Stormwater management** is a particular priority in Australia, where direct discharges to stormwater drainage are a significant pathway for environmental harm. The emergency plan must specify the location of all stormwater drain covers and isolation mechanisms, the procedure for isolating stormwater drainage in the event of a spill, and the authority and responsibility for drain closure decisions.

**Air emission emergencies** — for example, an uncontrolled release from a vent or the failure of an emission control system — require specific response procedures including the authority to shut down the relevant process, the notification procedure for the regulator, and the procedure for communicating with potentially affected neighbours and community.

**Post-incident review.** Every environmental incident — whether or not it resulted in regulatory notification — must trigger a review of the environmental risk assessment to determine whether the incident was foreseeable, whether the control that failed can be improved, and whether the risk assessment adequately characterised the risk. The incident review record becomes part of the environmental management system's corrective action register.

Our consultant-drafted environmental risk assessment is priced at $65 AUD to reflect the greater depth of professional input and the dual regulatory framework (WHS + environmental) that the assessment must address.

Frequently Asked Questions

**Is an environmental risk assessment a legal requirement in Australia?** For licensed facilities under state environmental protection legislation, risk assessment is required as part of the environmental management obligations attached to the licence. For development projects subject to environmental impact assessment under the EPBC Act or state equivalents, environmental risk assessment is an integral component of the environmental impact statement. For ISO 14001-certified organisations, risk assessment of environmental aspects is a core requirement of the standard. Even without a formal legal trigger, the cost and reputational risk of environmental incidents make proactive environmental risk assessment a sound business practice.

**What is the difference between an environmental risk assessment and an environmental impact assessment?** An environmental impact assessment (EIA) is a regulatory process — typically required for specific development projects — that evaluates the potential environmental impacts of a proposed project and identifies mitigation measures. An environmental risk assessment is an operational tool used by existing organisations to evaluate the ongoing environmental risks of their activities and manage those risks continuously. The EIA is a one-time pre-approval process; the environmental risk assessment is a recurring management tool.

**Do I need to notify the regulator if I discover soil contamination on my site?** In some Australian states, yes. NSW, Victoria, Queensland, and South Australia have mandatory notification obligations for landowners or operators who discover contamination that exceeds specified thresholds. The assessment must identify whether mandatory notification obligations are triggered and, if so, the notification procedure and the required remediation steps. A suitably qualified environmental professional (SQEP) with contaminated land experience should be engaged where significant contamination is suspected.

**Can a WHS risk assessment cover environmental risks as well?** In principle, yes — a risk assessment can cover both occupational health risks and environmental risks if it is structured to address both. In practice, most WHS risk assessments are designed to assess risks to workers, not risks to the environment. A combined WHS/environmental risk assessment is common for activities where there is significant overlap — for example, a chemical spill that simultaneously threatens a worker's health and a receiving waterway. However, for complex environmental risk profiles — licensed facilities, contaminated land, biodiversity-sensitive locations — a dedicated environmental risk assessment conducted by an environmental professional is required.

**How does an environmental risk assessment relate to ISO 14001?** ISO 14001 requires organisations to identify their environmental aspects, evaluate their significance, and plan actions to address risks and opportunities associated with significant aspects. The environmental risk assessment is the tool used to fulfil these requirements. A well-structured environmental risk assessment that documents aspects, impacts, significance ratings, and control measures provides the evidence base for an ISO 14001 certification audit.

Download Our Environmental Risk Assessment

CIH-reviewed, covers ISO 14001 aspects/impacts, EPL compliance, contamination, spill response, and air emissions. Suitable for licensed facilities, construction projects, and ISO 14001 certified organisations. Editable Word format. $65 AUD.

Buy Environmental Risk Assessment — $65