ALARP (As Low As Reasonably Practicable)

What Is ALARP?

ALARP stands for "As Low As Reasonably Practicable." It is a legal principle and regulatory standard embedded in UK occupational health and safety law, originating from the Health and Safety at Work Act 1974 (Section 2 and Section 3). ALARP requires employers, self-employed persons, and duty-holders to reduce risks so far as is reasonably practicable.

Legal Basis

The Health and Safety at Work Act 1974 Section 2 states:

> "It shall be the duty of every employer to ensure, so far as is reasonably practicable, the health and safety at work of all his employees."

This is a general, performance-based duty-not prescriptive. It does not specify how to achieve safety; rather, it requires that organisations demonstrate they have done everything reasonably practicable to reduce risk.

The "Reasonably Practicable" Test

"Reasonably practicable" is distinct from:

• "Physically possible": It is physically possible to eliminate almost all risk, but ALARP recognises this is often impractical.
• "Reasonably safe": Achieving safety at any cost is not required. ALARP balances safety against practicability.

The interpretation of "reasonably practicable" was established in UK case law (R v. Dunning & Sons Ltd, 1907) and refined in the seminal case R v. Heil Ltd (1987):

> "Reasonably practicable" is that which is capable of being done; the cost and effort of doing it must not be grossly disproportionate to the benefits to be achieved.

This is the Gross Disproportion Test: If the cost or burden of implementing a risk control is grossly disproportionate (10x, 20x, or more) to the risk reduction benefit, the control is not reasonably practicable.

Burden of Proof Reversal

Crucially, ALARP places the burden of proof on the employer (defendant). In a prosecution, the employer must prove to the court that they did everything reasonably practicable, not just "something reasonable." This reversal of burden is unusual in criminal law and makes ALARP compliance critical to legal defence.

The Gross Disproportion Test: Worked Example

Scenario: A construction company operates a crane. The residual risk of failure is 1 in 50,000 lifts. A new safety system would reduce this to 1 in 100,000 lifts (50% improvement). The system costs £200,000 to install and maintain annually.

ALARP Analysis:

• Benefit: Risk reduction from 1/50,000 to 1/100,000 per lift. Over 5 years (50,000 lifts/year), this prevents 5 potential incidents.
• Cost: £200,000 per year = £1,000,000 over 5 years, or £200,000 per incident prevented.
• Gross Disproportion?: The cost is high (£200,000 per prevented incident), but if the severity of a crane failure is death (SIF), the benefit is preventing a fatality. Most courts would not find a 5:1 or 10:1 cost-to-benefit ratio grossly disproportionate for SIF prevention.

Conversely: If the system cost £2,000,000 per year to prevent 1 accident per 50,000 lifts (all of which would result in minor injuries, not SIFs), a court might find gross disproportion (£2M to prevent minor injury × 5 = £10M cost for minor injuries).

Also Known As: Reasonably Practicable Standard, ALARP Principle, Risk Tolerance Framework

Regulatory Standard / Framework:

• Health and Safety at Work Act 1974 (UK) - foundational statute
• Management of Health and Safety at Work Regulations 1999 (UK) - operationalises ALARP duty
• HSE Guidance INDG163 "Five steps to risk assessment" - provides practical ALARP framework
• R v. Heil Ltd (1987) - case law establishing Gross Disproportion Test
• HSE Prosecution Policy (2016) - guidance on burden of proof and ALARP defence

How ALARP Is Demonstrated & Applied

The ALARP Hierarchy

When assessing whether a risk is reduced to ALARP, apply the risk control hierarchy:

1. Elimination: Remove the hazard entirely (most effective, most ALARP).
2. Substitution: Replace with a lower-risk alternative.
3. Engineering Controls: Design out hazard (e.g., guardrails instead of relying on behaviour).
4. Administrative Controls: Procedures, training, supervision, permits.
5. PPE: Personal protective equipment (last resort, least ALARP if used alone).

At each step, ask: "Is this reasonably practicable?" If yes, implement and move to the next step. If no (due to gross disproportion), document why and move forward.

Demonstrating ALARP Compliance

To prove ALARP compliance in a prosecution or audit, you must show:

1. Hazard Identification: The organisation identified all relevant hazards.
2. Risk Assessment: The organisation assessed the severity and probability of each hazard.
3. Control Hierarchy Applied: The organisation applied the hierarchy systematically.
4. Controls Implemented: All reasonably practicable controls were implemented (based on step 4, above).
5. Residual Risk Acceptance: Any residual risk was documented as tolerable (not grossly disproportionate cost to benefit).
6. Documentation & Evidence: Risk assessments, meeting minutes, decisions, and audit trails show systematic ALARP analysis.
7. Ongoing Monitoring: Controls are regularly reviewed and updated when new information (e.g., new technology, incidents) becomes available.

ALARP Documentation Checklist

For each significant hazard: ☐ Hazard identified and documented ☐ Risk assessed (severity × probability) ☐ Control hierarchy considered: ☐ Elimination feasible? If not, documented why (cost/burden) ☐ Substitution feasible? If not, documented why ☐ Engineering controls feasible? If not, documented why ☐ Admin controls implemented? ☐ PPE in place? ☐ Cost-benefit analysis: Are controls reasonably practicable?

• Cost of implementation: £X
• Benefit (risk reduction, harm prevented): [quantified]
• Gross disproportion? (Yes/No, documented)

☐ Controls documented in method statements and safe systems of work ☐ Workers trained and supervised on controls ☐ Controls reviewed annually or when circumstances change ☐ Incidents or near-misses linked back to ALARP: did they reveal a control gap?

Why ALARP Matters: Operational impact

For HSSE Teams

ALARP is the legal foundation of UK health and safety compliance. Every risk assessment, control decision, and safety investment must be justified through ALARP reasoning. HSSE teams must document their decision-making: Why was this control chosen? What alternatives were considered? Why is this control reasonably practicable? If challenged in an inspection or prosecution, ALARP documentation is your defence. The burden is on you (the employer) to prove ALARP compliance, not on the HSE to prove you failed.

For IT & CIOs

ALARP decisions must be documented and auditable. Risk registers should record hazard, risk level, controls implemented, cost-benefit rationale, and residual risk acceptance. Systems must track control implementation and review dates. When incidents occur, the system should flag whether the control involved in the incident was previously identified as hazard and whether ALARP analysis supported its adequacy. Audit trails demonstrate that ALARP decision-making was systematic, not arbitrary.

Industry context

According to HSE prosecution records (2021-2023), organisations that documented ALARP analysis (risk assessments with cost-benefit justification) are significantly more likely to successfully defend ALARP challenges in court. Conversely, organisations with minimal or absent documentation (no risk assessments, no control justification) typically face larger fines and higher conviction rates. The average fine for HSE prosecutions where ALARP documentation was absent exceeded £500,000, while fines where documentation was robust averaged £200,000-£300,000.

Implementing & Monitoring ALARP: From Manual to Digital

Manual approach: A company's risk assessments are stored in Excel or paper files, often inconsistent in format and depth. When the HSE inspects, risk assessments cannot be easily located or are discovered to be incomplete (missing cost-benefit analysis, no documentation of why alternatives were rejected). During prosecution, the company cannot prove ALARP compliance due to poor documentation. Fines are higher because the burden of proof is reversed; the company must prove ALARP, not the HSE.

Digital approach: All risk assessments are recorded in a centralised system with mandatory fields: hazard, risk rating, control hierarchy steps considered (with yes/no and justification), cost-benefit analysis, residual risk acceptance, implementation date, review schedule. When controls are implemented, photos and completion evidence are attached. When incidents occur, the system links the incident back to the relevant risk assessment and control, flagging any ALARP gaps. Audit trails demonstrate systematic decision-making to regulators.

Dockt's platform integrates ALARP risk assessment with credential and control monitoring. When a hazard is identified, the system links it to required certifications and training (e.g., fall protection hazard to require fall rescue training credential). When controls are implemented, Dockt tracks their compliance status and flags if Competent Person supervision is lapsed or if required certifications expire. This ensures ALARP analysis is not merely theoretical but operationalised and monitored.

Best Practices for ALARP Compliance

• Document Risk Assessment & ALARP Analysis Thoroughly: For every significant hazard, maintain a risk assessment documenting: hazard, current risk level, control hierarchy steps considered, cost-benefit analysis (if a step was rejected), controls implemented, residual risk, and review date. This documentation is your ALARP defence.
• Use the Control Hierarchy Systematically: Do not skip steps. If you propose PPE as a control, document why elimination, substitution, and engineering controls were not reasonably practicable. Courts are suspicious of control hierarchies that jump directly to PPE.
• Conduct Cost-Benefit Analysis for Significant Controls: For expensive controls (e.g., £50,000+ or affecting all operations), document the benefit: How many incidents would be prevented? How severe are those incidents? Compare cost to severity and probability. Show that cost is not grossly disproportionate.
• Review ALARP When Circumstances Change: ALARP is not a one-time assessment. When new equipment becomes available, when technology advances, when regulations change, or when incidents reveal control gaps, re-assess ALARP. Failure to update ALARP analysis when new control methods become available can shift the balance of proportionality.
• Prepare for the Burden of Proof: In any HSE inspection or prosecution, you must prove ALARP compliance. Ensure your documentation is robust, contemporaneous (not created retrospectively), and demonstrates systematic decision-making. Use ALARP audits to identify and address any documentation gaps before regulators do.