Key takeaways:
The excerpt explains hazard identification as the foundation of ISO 12100 risk analysis and stresses defining machine limits and gathering relevant information before identifying hazards.
- ISO 12100 aims for maximum practicable risk reduction without compromising function, usability, and economic feasibility
- Risk reduction is iterative: apply measures, reassess, and repeat until acceptable risk is achieved
- Risk assessment stages include machine limits, hazard identification, risk estimation, and risk evaluation
- Hazard identification relies on inputs like documentation, user needs, and applicable regulations and standards
- Use operating experience, ergonomic factors, and environment data; lack of past accidents does not prove low risk
The goal of risk minimization and key factors
Hazard identification: The ISO 12100 standard sets out general principles for designing safe machinery and carrying out risk assessment. The purpose of applying this standard is to achieve the maximum practicable reduction of risk—so that the machine is as safe as possible, without compromising functionality or usability, while also remaining economically feasible. The risk reduction strategy under ISO 12100 takes into account four key factors that should be considered in the order given below:
- Machine safety throughout its entire life cycle – above all, the machine should be designed and used in a way that protects people’s health and lives at every stage, from installation through to decommissioning.
- The machine’s ability to perform its intended function – the safety measures introduced must not prevent the machine from carrying out its basic tasks. Safety should not be achieved at the expense of lost functionality.
- Machine usability – the machine must remain ergonomic and easy to operate. Safeguards that are too cumbersome or complex may lead staff to bypass them, so it is important that safety measures are user-friendly.
- Manufacturing, operating, and decommissioning costs – finally, safety-related solutions should be economically justified. The aim should be to reduce risk within the bounds of reasonable costs for production, maintenance, and the machine’s eventual withdrawal from service.
Note that safety comes first and costs come last—this is no coincidence. Striving for safety is an iterative process. After implementing risk-reduction measures, the machine is assessed again—if the risk is still too high, additional protective solutions are applied. These cycles are repeated until an acceptable level of risk is achieved. It is important that these iterations use the best available technical measures and good engineering practice. As a result, a machine that meets the requirements of ISO 12100 should be safe, efficient, and compliant with regulations (the EN ISO 12100 standard is harmonised with the Machinery Directive 2006/42/EC, which means there is a presumption of conformity with its requirements).
Risk assessment process according to ISO 12100
Risk assessment in accordance with ISO 12100 consists of several stages, comprising risk analysis and risk evaluation. The key stages are: defining the limits of the machine, hazard identification, risk estimation, and risk evaluation. Only after completing these steps are decisions made on whether risk reduction is needed and appropriate protective measures implemented. A properly conducted risk assessment is the basis for ensuring machine safety and compliance with legal requirements (e.g., for CE marking). In this article, we focus on hazard identification—the foundation of the entire risk analysis process. It is the first and most important step of risk assessment, determining the effectiveness of subsequent actions. However, to identify hazards correctly, you must first clearly define the scope and operating context of the machine and gather the appropriate input information.
Information sources for hazard identification
Before we start identifying hazards, let’s gather all available information about the machine and how it will be used. ISO 12100 recommends taking the following data into account:
- Machine documentation and user requirements – should include a description of the machine, its intended use, technical specifications, design diagrams and drawings, a list of components, required energy connections, etc. The requirements and expectations of future users regarding the device’s functions and performance are also important.
- Applicable regulations and standards – all relevant legal requirements, harmonized standards, and other technical standards applicable to the specific machine or process should be collected (e.g., detailed standards covering the safety of control systems, electrical equipment, ergonomics, noise, hazardous substances, etc.). Reviewing these documents helps anticipate the required safety measures and typical hazards.
- Operating experience with similar machinery – feedback from real-world use is extremely valuable: the history of accidents and incidents (including so-called near-miss events) involving similar machines, service data on typical failures, damage statistics, or operator error statistics. If the machine is being modernized or is a subsequent version of an existing solution, experience from previous designs should be reviewed. The absence of past accidents does not guarantee that the risk is negligible—it may simply reflect good luck or underreporting, so potential hazards must not be disregarded solely because there is no accident history.
- Ergonomic and environmental aspects – it is worth taking ergonomic principles into account (e.g., adapting machines to users’ anthropometry, reducing work-related strain) as well as information about the working environment (e.g., whether the machine will operate indoors in a hall or outdoors, in dusty conditions, humidity, extreme temperatures, etc.). Such factors may create additional hazards (e.g., the risk of slipping on an icy platform, reduced operator concentration when working in an uncomfortable position).
All of the above information should be kept up to date as the design work progresses. Based on this data, the design team can better anticipate hazards and dangerous situations that may arise throughout the machine’s entire life cycle.
Defining the machine’s limits (step 1)
The first step in risk assessment is to define the machine’s limits, meaning to establish the context in which the machine will be used. These limits cover not only the equipment’s physical parameters, but also how it will be used, the environment in which it operates, and the people who will interact with it. Setting these boundaries is essential to correctly identify all hazards. Four main aspects of the machine’s limits should be considered:
- Limits of use – these include the machine’s intended use as well as reasonably foreseeable misuse. You need to define what the machine is designed for (e.g., metalworking, packaging food products, transporting pallets) and also how it might be used contrary to the instructions (e.g., using a press as an improvised bending machine, operation by unqualified persons, etc.). Consider the different operating modes (automatic, manual, service) and any operator interventions required during faults or downtime. It is crucial to define the user profile – will the machine be operated by qualified operators, maintenance staff, or also by interns/trainees or bystanders? Take into account operator characteristics that may affect safety: the minimum required level of training and experience, as well as any physical limitations (e.g., operation by left-handed people, shorter individuals, possible disabilities such as hearing or vision loss). In addition, we must consider other people in the machine’s vicinity – for example, whether employees not directly involved in operation (administrative staff, cleaning personnel) may be nearby, or even bystanders, visitors, or children. Their presence can create additional hazards if they enter the equipment’s working area.
- Spatial constraints – relate to the physical space in which the machine operates. The movement range of moving parts must be defined in order to identify hazardous zones around the machine (e.g., the area where a moving robot arm could strike a person). The required space for the operator and service personnel during all activities (operation, maintenance, repairs) must be taken into account—for example, whether there is enough room around the machine for a worker to safely change a tool, or whether they would be forced into an awkward posture. Human–machine interfaces are also important (whether controls are easily accessible, whether the HMI panel is in the right place), as well as energy connection points (for example, whether power cables or hydraulic hoses create a trip hazard or are exposed to mechanical damage). Spatial constraints may also include installation conditions—for example, limited hall height or the presence of other nearby equipment that may affect safe operation.
- Time limits – relate to the machine’s life cycle and its operating schedule. The expected service life of the machine and its components must be defined (e.g., whether the design is intended for 5, 10, or 20 years of operation; how many operating cycles key parts will withstand before material fatigue occurs). It is important to plan service intervals: how often the machine requires inspections, preventive maintenance, and replacement of wear parts (seals, filters, cutting tools, oils, etc.). This information matters because many hazards emerge over time—for example, component wear can increase the risk of failure, and infrequent inspections increase the likelihood of a dangerous fault. Time limits also include the expected intensity of machine use (whether it will run continuously in a three-shift system or only occasionally for a few hours per week)—the more frequent the exposure to a hazard, the higher the risk.
- Other limitations – these are any additional factors specific to the particular machine. They include, for example, the properties of the materials being processed (whether the feedstock is liquid, free-flowing, toxic, flammable, sharp, heavy – which may create chemical, fire, or mechanical hazards). Requirements relating to cleanliness and hygiene may also be important (e.g., for machines used in the food or pharmaceutical industries – the need for frequent washing may mean a slip risk due to water or hazards associated with the use of cleaning chemicals). It is also necessary to take into account the machine’s environmental operating conditions – minimum and maximum ambient temperatures, humidity, dust levels, exposure to weather if it operates outdoors, the presence of explosive atmospheres, etc. These factors affect both safety (e.g., the risk of the equipment overheating, the risk of a spark in a dusty environment) and the durability of protective measures (e.g., guards may corrode in a humid environment).
A careful review of the above limitations provides the context in which the subsequent risk assessment will be carried out. Only with this full picture can we move on to the actual hazard identification.
Systematic hazard identification (step 2)
Hazard identification is the process of finding and listing all potential hazardous situations, as well as hazardous events and other possible events that could lead to an accident. This task should be approached methodically and should cover all phases of the machine’s “life”—from transport and installation, through commissioning, normal operation, changeovers, cleaning, maintenance, and finally decommissioning and dismantling of the equipment. Different hazards may arise at each of these stages, so none may be overlooked.
To avoid missing anything, the designer (or the risk assessment team) should identify all operations and tasks carried out both by the machine and by the person interacting with the machine, at every stage of its life cycle. In other words, we consider what the machine does and what the person does at each stage, and then determine what hazards may be associated with it. It is helpful to create checklists or step-by-step scenarios. Examples of tasks related to machine operation and servicing that should be analyzed include:
- Adjustment/setting – any preparatory activities carried out before starting work, e.g., parameter configuration, manually moving machine components when setting the zero position, calibration.
- Testing and trials – running the machine unloaded or under light load, functional tests of subsystems, controller programming, teaching the robot trajectories, etc.
- Process or tooling changeover (retooling) – replacing machining tools, reconfiguring a production line for a different product, changing tooling, which often requires entering the machine’s working area.
- Start-up and normal operation – the production phase when the machine performs its intended function. Here we analyze hazards during the standard operating cycle, when the operator typically only supervises the process (but may also, for example, feed raw material by hand or remove the finished product).
- Feeding materials and removing products – operator tasks related to loading the machine (e.g., inserting raw material or a semi-finished part) and taking out the finished workpiece or waste. Many accidents occur precisely when the operator reaches into the working area, for example putting a hand into the machine to correct the material’s position.
- Machine stopping – both normal shutdown at the end of the cycle and emergency stop in a hazardous situation. Consider what happens during the run-down of moving parts, whether there is a risk of someone being drawn in during braking, etc.
- Clearing faults and restarting – activities related to an unplanned stoppage, e.g., clearing material jams, resetting an alarm, restarting the machine after an emergency stop. Often, in a rush, operators intervene in the machine (e.g., trying to manually pull out a jammed part), which creates a particular risk if the machine starts up unexpectedly.
- Fault detection and servicing – troubleshooting, maintenance and repair work, parts replacement, lubrication, and in-service calibration. This typically involves opening guards and disabling interlocks, which can potentially expose maintenance personnel to contact with hazardous machine parts.
- Cleaning and housekeeping – regular washing, vacuuming, and removal of production waste. This can be a source of atypical hazards, e.g., an operator may enter the inside of the machine to clean it, use chemical agents, pressurised water, etc.
- Preventive maintenance – scheduled periodic inspections during which the condition of mechanisms is checked, consumables are replaced (e.g., filters, oils), control software is updated, etc. Risk must be assessed for each of these activities.
- Corrective maintenance (repairs) – fixing breakdowns, often under time pressure. Hazards arise when technicians try to patch the machine up quickly, sometimes bypassing safety measures, to get production running again.
The list above is not exhaustive—each machine may involve specific tasks (e.g., operator training on the machine, upgrades and modifications during its service life, etc.). It is important to list all foreseeable activities and, for each one, ask: “What could go wrong? What hazard is present here?”.
If we tried to put it in the simplest terms, the description of the “scenario” would look like this:
During a setup operation (Task), sharp parts (Source) may cause a skin cut (Consequence). After assessing the likelihood of occurrence and the severity, this scenario becomes a risk, which is then subjected to the evaluation process.
This process is very rarely captured properly in the “Excel” spreadsheets circulating online or shared among auditors and consulting firms. We recommend safetysoftware.eu, which in our view has so far reflected the “spirit” of ISO 12100 most accurately.
When identifying hazards, hands-on experience is extremely valuable. It is worth consulting experienced operators and maintenance staff: they know the machine “inside out” and will often point out unusual but very real hazards that a designer might overlook. Hazard checklists published in the literature and standards are another useful tool. For example, ISO 12100 includes an example catalogue of hazard types in Annex B. The technical report ISO/TR 14121-2, which describes practical risk assessment methods, also proposes sets of checklist questions that help you systematically review a machine from a safety perspective (drawing on real accident cases). This approach makes it easier to ensure that no critical “hot spot” is missed. In engineering practice, dedicated software and hazard identification forms are also used, guiding the team step by step through successive parts of the machine and its operation.
Only after identifying all tasks and situations can we compile a list of specific hazardous situations. A hazard is a potential source of harm—it may be a machine component, a factor, or a circumstance that creates danger. Below are typical hazard categories encountered with industrial machinery:
- Mechanical hazards – arising from moving machine parts or mechanical forces. These include, among others, the risk of being caught, drawn in, or crushed by moving components (shafts, gears, transmissions, belt conveyors, press pistons, etc.), being struck by fast-moving robot arms, cuts from blades, entrapment in gaps, falling heavy objects, as well as hazards resulting from inadequate machine stability (tipping over, structural collapse).
- Electrical hazards – electric shock or other effects associated with electrical energy. These may include, for example, exposed live conductors, damaged insulation, failure of the earthing system, breakdowns and short circuits in circuits, static electricity accumulating on the machine, as well as a fire hazard resulting from a short circuit in the electrical installation.
- Thermal hazards – burns from hot surfaces (e.g., heating elements, injection molding machine nozzles, furnaces, steam pipes), frostbite from extremely cold components (refrigeration systems), as well as fire or explosion hazards associated with high temperature. This category also includes chemical burns (if the machine operates, for example, with acids at high temperature) and hazards arising from thermal radiation.
- Chemical hazards – arising from contact with hazardous substances. If the machine uses or generates chemical substances (e.g., adhesives, solvents, coolants, fumes, dusts), there is a risk of poisoning, chemical burns, allergic reactions, and contamination of the operator’s skin or lungs. Consider both normal emissions (e.g., welding fumes, wood dust from a machine tool) and emergency situations (chemical leaks, pressurised hydraulic oil spills).
- Radiation hazards – include harmful electromagnetic and ionizing radiation. Examples include laser radiation (e.g., in laser cutting machines – risk of eye injury or burns), UV radiation (e.g., from welding processes or curing lamps), X-ray and gamma radiation (present in quality control equipment, X-ray inspection units), and strong electromagnetic fields (generated by welding machines, induction furnaces – which may, for example, affect employees’ medical implants).
- Noise and vibration hazards – high machine noise levels (above permissible limits) can cause hearing damage in operators and hinder communication, indirectly increasing the risk of accidents. Mechanical vibrations transmitted to the workstation may lead to musculoskeletal disorders (e.g., hand–arm vibration syndrome) and accelerated worker fatigue, which in turn increases the likelihood of errors.
- Ergonomic hazards – arising from machines not being adapted to the operator. These include forced, uncomfortable working postures, the need to apply excessive force (e.g., when pressing a part that was not provided for in the design), repetitive movements that can lead to repetitive strain injuries (RSI), poor workstation layout (encouraging improper behavior, e.g., reaching over guards), or visual strain caused by inadequate workstation lighting. Ergonomic shortcomings often do not cause an accident immediately, but over the long term they lead to health problems or increase the likelihood of operator error and an accident.
Note: ISO 12100 (a Type A standard—foundational for all other standards in a given segment) has not yet been harmonized with the Machinery Regulation 2023/1230. A new edition of the standard is expected to be published in mid-2026. It will most likely also include guidance on assessing cyber threats.
When identifying hazards, you cannot limit yourself to the machine’s normal operating conditions. You also need to consider atypical and emergency situations. A machine may become faulty or operate incorrectly for various reasons: a component failure, an error in the control software, a drop in supply voltage, external disturbances (e.g., vibrations from another machine, electromagnetic interference), or even design errors (certain scenarios may not have been anticipated by the designer). Any such deviation from normal operation can create new hazards. That is why you should ask yourself: “What will happen if the machine stops performing its function correctly?”. For example: if a cutting tool breaks, could fragments strike someone? If a conveyor stops, will material start to accumulate and create a risk of overload or require manual intervention? If a control system element fails, will the machine transition to a safe state, or could uncontrolled movement occur? Considering all possible machine states (normal state vs. emergency states) is essential for complete hazard identification.
Another aspect is taking into account human error and the deliberate bypassing of safeguards. ISO 12100 requires you to anticipate reasonably foreseeable misuse by operators. People, by nature, try to make their work easier and sometimes take risky shortcuts. Typical situations include, for example: reflex actions under stress (when a machine jams, the operator may instinctively reach in by hand, forgetting to switch off the power), lack of focus or routine (an experienced worker may stop noticing the hazard due to familiarity), haste and time pressure (leading to working on the machine without isolating it from energy sources or deliberately disabling protective devices so that “the machine runs faster”), as well as unauthorised interference (e.g., the curiosity of bystanders, children trying to start the machine). When identifying hazards, you should assume that a person can make a mistake—and consider what consequences that may have. For example, if it is possible to enter the hazardous zone while the machine is operating, sooner or later someone may do so (even if they “know they are not allowed”). That is why, already at the hazard identification stage, it is worth listing such misuse scenarios and treating them as real hazards that must be prevented.
It is worth emphasizing that only an identified hazard can be eliminated or reduced. That is why the hazard identification phase is so important—it is the foundation of the entire risk assessment. If a hazard is not detected at this stage, it may “slip through” unnoticed into the subsequent stages of risk estimation and evaluation and, as a result, remain unprotected. In industrial practice, it is precisely overlooked hazards that most often cause accidents. For this reason, the analysis should be carried out very meticulously, ideally by a team with diverse experience (designer, automation engineer, operator, OHS specialist, etc.).
If, for example, we are to assess the severity of harm, it is worth thinking carefully about what qualifications we have to judge whether the outcome could be fatal. Sometimes, for the assessment to be truly reliable, the team needs to be tailored to the actual needs—for instance, a common practice is to add an occupational medicine specialist to the hazard assessment team.
It is also a good idea to have the hazard list verified by an independent expert or to compare it with lists for similar machines. You can use a checklist from a standard or draw on your own experience from other projects. An example of this approach is HAZOP analysis, used for instance in the chemical industry, where a team of specialists jointly considers various deviations in process parameters and their possible consequences—in the context of machinery, a similarly important role is played by thorough hazard identification.
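The hazard register described in this section, as an added example that is not part of the original article or of ISO 12100: each entry is a Task/Source/Consequence scenario tied to a life-cycle phase and a machine state, and the check lists every task and state combination that nobody has reviewed yet. The three state labels (normal, fault, misuse), the field names and the sample press data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Hazard categories as listed in the article. The state names are assumed
# labels for normal operation, malfunction and reasonably foreseeable misuse.
CATEGORIES = {"mechanical", "electrical", "thermal", "chemical",
              "radiation", "noise_vibration", "ergonomic"}
STATES = ("normal", "fault", "misuse")


@dataclass(frozen=True)
class Scenario:
    """One identified hazard scenario: Task + Source + Consequence."""
    phase: str        # life-cycle phase, e.g. "operation", "maintenance"
    task: str
    state: str
    source: str
    consequence: str
    category: str

    def __post_init__(self):
        # Reject typos early so an entry cannot silently fall outside the grid.
        if self.state not in STATES:
            raise ValueError(f"unknown machine state: {self.state!r}")
        if self.category not in CATEGORIES:
            raise ValueError(f"unknown hazard category: {self.category!r}")

    def describe(self):
        return (f"During {self.task} ({self.phase}, {self.state}), "
                f"{self.source} may cause {self.consequence}.")


@dataclass(frozen=True)
class ReviewedClear:
    """A task/state the team reviewed and found no hazard in, with the reason."""
    phase: str
    task: str
    state: str
    justification: str


def coverage_gaps(tasks, scenarios, cleared):
    """Return every (phase, task, state) that has neither a scenario nor a
    justified 'reviewed, no hazard' entry. An empty justification does not count."""
    required = {(p, t, s) for (p, t) in tasks for s in STATES}
    covered = {(s.phase, s.task, s.state) for s in scenarios}
    covered |= {(c.phase, c.task, c.state)
                for c in cleared if c.justification.strip()}
    return sorted(required - covered)


def unused_categories(scenarios):
    """Categories with no entry at all: a prompt to re-read the checklist,
    not proof that the hazard type is absent."""
    return sorted(CATEGORIES - {s.category for s in scenarios})


def sample_register():
    """Constructed sample data for a small press; not from a real assessment."""
    tasks = [("operation", "feeding material"),
             ("maintenance", "clearing a jam"),
             ("cleaning", "washing down")]
    scenarios = [
        Scenario("operation", "feeding material", "normal",
                 "the closing press tool", "a crushed hand", "mechanical"),
        Scenario("operation", "feeding material", "misuse",
                 "reaching over the guard", "a crushed hand", "mechanical"),
        Scenario("maintenance", "clearing a jam", "fault",
                 "unexpected start-up", "being drawn in", "mechanical"),
        Scenario("cleaning", "washing down", "normal",
                 "cleaning chemicals", "a chemical burn", "chemical"),
    ]
    cleared = [ReviewedClear("cleaning", "washing down", "fault",
                             "machine is isolated and locked out before washing")]
    return tasks, scenarios, cleared


if __name__ == "__main__":
    tasks, scenarios, cleared = sample_register()
    for s in scenarios:
        print(s.describe())
    for gap in coverage_gaps(tasks, scenarios, cleared):
        print("not reviewed:", gap)
    print("categories with no entry:", unused_categories(scenarios))
```

The unreviewed combinations are the output that matters: they are the places where a hazard could pass into risk estimation without ever having been listed.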
What’s next after identifying hazards?
The outcome of the identification stage is a list of hazards associated with the machine, together with a description of the situations or activities in which each hazard occurs. This list provides the basis for the subsequent steps of risk assessment: risk estimation (i.e., determining how high the risk is for each hazard—taking into account the likelihood of occurrence and the severity of possible consequences) and risk evaluation (comparing the estimated risk against acceptability criteria and deciding whether additional risk reduction measures are necessary). In the following stages, we assign risk measures to each hazard and decide which risks require reduction first. Many risk estimation methods—such as risk matrices or scoring methods—depend on prior, thorough identification of hazards and accident scenarios, which is why this first step must be carried out diligently.
To wrap up, it is worth keeping two points in mind. First, the risk assessment process (including hazard identification) must be documented. In line with ISO 12100, the designer should produce a record of the analysis carried out—so it is clear which hazards were identified, what assumptions were made, and what actions were taken to minimize risk. Such documentation is essential, for example, when applying for CE certification of a machine and it also provides a valuable knowledge base for the future. Second, hazard identification is not a one-off activity. When the machine is modified (modernization, process change) or when new information becomes available (e.g., an accident report, a new industry standard), you should return to the analysis and update the hazard list. Regular machine safety audits and risk reviews will help you spot hazards that may have emerged over time.
Hazard identification in accordance with ISO 12100 is the foundation of safe machine design and operation. Thanks to a systematic approach and consideration of a broad range of factors—from technical aspects to human factors—it enables proactive accident prevention. Only once we understand all hazards can we effectively design guards, select appropriate protective measures, and implement procedures that ensure the safe operation of equipment. As a result, a well-executed hazard identification process translates into lower risk, greater regulatory compliance, and peace of mind for operators. It is an investment in safety that pays back many times over by avoiding incidents and downtime. Remember—safety starts with anticipating hazards, and that is exactly what thorough hazard identification in line with ISO 12100 is for.
Hazard identification according to ISO 12100
The aim is to reduce the risk to the maximum extent practically possible, so that the machine is as safe as possible. At the same time, it must remain functional, useful, and economically feasible.
ISO 12100 indicates, in sequence: machine safety in all phases of life, the ability to perform the function, usability (ergonomics), and the costs of manufacture, operation, and dismantling. Safety is the priority, and costs are considered last.
After implementing protective measures, the machine is assessed again. If the risk is still too high, additional solutions are applied until an acceptable level of risk is achieved.
The process includes: determining the limits of the machine, hazard identification, risk estimation, and risk evaluation. Only then are decisions made on the need for risk reduction and the selection of protective measures.
The standard recommends collecting, among other things, the machine documentation and user requirements, applicable regulations and standards, experience from the operation of similar machines, and ergonomic and environmental aspects. These data should be updated as the design work progresses.