Known Hazards: 5 Failures That Keep Risk Alive

OSHA tells employers to identify foreseeable emergency scenarios and nonroutine tasks, yet many serious exposures are already known before the injury happens. This article examines five failures that let a named hazard survive after detection, with a Headline Podcast lens on risk competence, control ownership, and executive action.

Why known hazards survive after everyone has named them

A known hazard is not a weak signal. It is a hazard already visible in an inspection, risk register, waiver, audit, near-miss review, maintenance backlog, worker complaint, or field observation, which means leadership can no longer treat future harm as a surprise.

OSHA recommends that employers collect information about workplace hazards, inspect the workplace, investigate incidents, and identify hazards linked to emergencies and nonroutine work. That sequence matters because discovery is only the first half of risk management. The second half is a decision system that assigns authority, money, time, and verification to the critical control verification calendar that shows what must change.

On the Headline Podcast, guests have returned to a blunt question for safety technology and risk work: what problem are we trying to solve? Cam Stevens framed the danger of walking into a technology catalog before the problem is clear, while Gary Pietro's Farmington discussion showed a harder pattern, where a hazard can be knowable, named, and still not acted on in time.

1. The hazard is documented, but no one owns the decision

A documented hazard without a named decision owner is an exposure waiting for a calendar accident. The record may show a date, a location, and a control gap, but if no one has authority to stop, fund, redesign, or escalate the work within 7 days, the document mainly proves that the organization knew.

ISO 45001:2018 specifies requirements for an OH&S management system that helps organizations prevent work-related injury and ill health and improve OH&S performance. A register that lists hazards without decision rights contradicts that purpose because it separates knowledge from action.

Across more than 250 cultural transformation projects, Andreza Araujo observes that the decisive question is rarely whether the hazard was visible. The decisive question is whether the person who saw it could reach the person who could change the condition. That is why leading indicator response rules matter: they convert a signal into a named decision, not another chart.

For an EHS manager, the practical move is to add four fields to every material-risk item: accountable executive, operational owner, next decision date, and verification evidence. If one field is blank for more than 14 days, the hazard is not being managed. It is being stored.

2. The risk is normalized by temporary workarounds

A temporary workaround becomes a failure when it has no sunset date, no compensating control, and no proof that exposure is shrinking. The first approval may be rational, but the third extension often means the organization has converted exception into routine.

BLS recorded 5,283 fatal work injuries in the United States in 2023 and 5,283 means leaders do not have the luxury of treating serious exposure as paperwork. BLS reported that transportation incidents remained the most frequent fatal event in 2024, accounting for 38.2 percent of fatal work injuries, while exposure to harmful substances or environments still caused 687 deaths.

Andreza Araujo's book *A Ilusão da Conformidade* warns that compliance can become theatrical when the form is treated as the control. The same problem appears in temporary risk waivers: the organization can point to approval while the field keeps working under a known gap.

The fix is to make every workaround expire into one of three choices: close the gap, redesign the task, or stop the exposure. Extending the waiver should require a higher authority than approving it the first time, because repeated acceptance is evidence that the temporary bridge has become part of the operating model.

3. The control exists, but nobody checks whether it still works

A control that is not verified after conditions change is only a memory of protection. Maintenance history, bypass records, changed crew mix, production pressure, and aging equipment can all turn a control that worked in January into a weak barrier by June.

The Headline Podcast discussion on risk competence is useful here because it separates control installation from control attention. A guard, sensor, permit, ventilation rule, or alarm can reduce exposure, yet the same control may train people to stop noticing when the surrounding risk has changed.

That is the core trap in control automation in safety. Protective technology can support risk management, but it cannot replace field unease, supervisor verification, and line ownership. When workers wait for the alarm to think, the organization has outsourced judgment to a device that may fail silently.

Build a 30-day control-health rhythm for the top 10 material risks. Each review should ask whether the control is present, functional, used as intended, understood by the crew, and still matched to the actual exposure. Five yes-or-no answers are more useful than a 40-page audit report that arrives after the risk window has closed.

4. Field changes are treated as noise instead of new risk

Known hazards stay alive when field variation is treated as an inconvenience rather than a risk update. A task planned for dry weather, full staffing, normal access, and familiar equipment is no longer the same task when 2 of those assumptions change.

OSHA's hazard-identification guidance includes nonroutine tasks for a reason. Nonroutine work is where the paper plan most often loses contact with reality, especially during shutdowns, contractor mobilization, night work, emergency repair, and simultaneous operations.

On Headline Podcast, the repeated lesson is that risk competence is built continuously. In practice, that means supervisors need permission and expectation to run a dynamic risk assessment when the job no longer matches the plan, rather than waiting for an EHS specialist to validate what the crew can already see.

Use field triggers that do not require debate: weather shift, missing competent person, equipment substitution, unplanned energy source, changed access route, or production pressure above the planned rate. Any one trigger should require a pause. Two triggers should require escalation. Three should require a stop-work decision unless the operational owner can prove controls still match the exposure.

5. Corrective actions close administratively before risk closes physically

A corrective action is not closed when the spreadsheet says closed. It is closed when the condition that created exposure has been changed, tested, and observed in the field under normal production pressure for a defined period, usually 30 to 90 days for material risk.

MSHA notes that the 1969 Mine Act followed the Farmington disaster, where 78 miners died in November 1968. In the Headline Podcast conversation around *A Day to Remember*, the uncomfortable lesson was not that hazards were unknowable. The lesson was that inspection findings and worker fear can sit inside a system without becoming a strong enough leadership decision.

Andreza Araujo's *Sorte ou Capacidade* makes the same point from a different angle: accidents are not explained by luck when organizational conditions have already created a predictable path to failure. A shallow corrective action breaks that path on paper, while a verified control change breaks it in the work.

After a serious near miss, use a 72-hour corrective action triage to separate holding controls from final fixes. Then require evidence from the line manager, not only EHS, that the new control has survived real work. Photos, training records, and revised procedures are supporting evidence. Field performance is the proof.

Known hazard management: detection vs action

The difference between detection and action is visible in the management routine, not in the vocabulary. A mature system does not celebrate that a hazard was found. It asks whether the hazard changed the next decision fast enough to protect the next worker.

During Andreza Araujo's PepsiCo South America tenure, where the accident ratio fell 50 percent in 6 months, the lesson was that follow-up cadence changed behavior because leadership kept returning to the same risks until the field condition changed. That cadence is less glamorous than a new dashboard, but it is harder to fake.

What leaders should change this month

The practical test for known hazards is simple enough to run in one monthly governance cycle. Select the top 10 named hazards, check who owns the next decision, verify whether any temporary acceptance has expired, and walk 3 field examples where the control is supposed to work under production pressure.

For the Headline Podcast audience, the deeper point is cultural as much as technical. A learning-oriented organization is not the one with the longest list of hazards. It is the one where named hazards move quickly from discovery to authority, from authority to control, and from control to field verification.

If your organization has known hazards that keep returning in audits, waivers, near misses, or dashboards, use this article as a 30-day challenge: choose one material risk, assign one executive owner, require one field verification, and close the loop before the next meeting makes the same exposure sound normal again.

Known hazards stay alive when the field role can see the exposure but cannot correct it. The related explainer on the competent person role separates hazard recognition from correction authority.