Risk Assessment
Risk Assessment
If risk needs to be considered with regard to things done by the Hackspace then we need to do some sort of analysis:
This is, of course, only one of many ways we could approach the problem. Our first concern must be the people potentially at risk, then the physical infrastructure, like the building or event location, which we'd like to leave in as good state as before we visited, the equipment that we use for the hacking, and the resources, like electrical power, and other consumables, we are using.
We also want to avoid undue social risk, as some people might be in a new, strange, place, and that can make them more vulnerable. Then, there are things like reputational risk to the Hackspace as an organisation (and, indirectly, the IC and DMU), because, we want to be able to go on hacking!
Tools & Materials
Any tools in the Hackspace are only for the use of members, and on the premises. Included in 'tools' is various parts of the Hackspace infrastructure, like power supplies, printers, laptops and other IT equipment. If it is marked 'Do Not Hack' then assume it is infrastructure. If we run a workshop then an assessment needs to be done of risk to the participants, from the tools and materials used, even though in almost all cases there will be no electrical or chemical risks. For physical risk, like from swarf or small pieces of wood, we have protective equipment which should be used; if there is not enough of these then the event or workshop must only be run for those properly equipped.
The Hackspace in most respects counts as a light engineering workshop, and we are not using most of the tools and processes considered most risky, by someone like HSE. Our training procedures for use of tools covers members, and we don't allow non-members to do anything except observe use of those tools from a safe distance, while wearing any suitable protection.
You may want to look at the HSE approach to risk assessment for events.
Innovation Centre Risk Assessment Process
We have conducted risk assessments for use of the rooms we have as tenants at the Innovation Centre (IC), and we continue to do this, at least on an informal basis, as things change over time. This affects Hackspace members, and visiting members of the public on Open Hack Night.
The public may also be involved in arranged events, or by special arrangement, such as organised visits, or member's showing potential members the Hackspace. For a number of reasons, including the lack of Hackspace employees, this risk assessment process is our responsibility, as long as any meetings or events, informal or otherwise, are only held in the rooms we have as tenants.
As part of our agreements with IC, and the requirements put on them by the De Montfort University (DMU) Health & Safety, we need to provide a Risk Assessment (RA) for any out-of-hours room bookings. During working hours, 9-to-5, there is no need for a RA because safety issues are handled by IC staff.
Out of these hours we only have free use of our rooms and the Co-Working Cafe Kitchen, with concern of course for any event being held in the larger Co-Working Cafe space. This means that booked rooms need a RA Process, and a completed RA must be provided with every room booking. However, if this is a regular, repeating, event the previous RA can be used, with minimum change, and many events are similar, so we can make use of some of the examples, below.
Sample Risk Assessments
Hopefully one of these might come close to the sort of event we're assessing. So, hack those assessments!