Root Cause Analysis in Health and Safety Management

Share with

Contents

When a workplace incident happens, the immediate response is to treat the injury, secure the area, and restore normal operations. But stopping there means the same incident is likely to happen again. Root cause analysis (RCA) is the process that goes deeper - past the visible event and into the underlying conditions that made it possible.

In a health and safety management system, root cause analysis is not just a reactive tool. It is a core practice that connects incident investigation, corrective action, and long-term risk reduction. Organisations that use RCA consistently tend to see fewer repeat incidents and stronger safety performance over time.

This page covers what root cause analysis involves, how it is carried out, which methods work best in safety contexts, and how to embed it into your overall safety process.

What Is Root Cause Analysis in the Context of Health and Safety

Root cause analysis is a structured method for identifying why an incident, near miss, or safety failure occurred - not just what happened, but why the conditions existed for it to happen.

In health and safety, incidents rarely have a single cause. A worker may slip on a wet floor, but the root causes might include a missing reporting process for spills, inadequate signage, or gaps in safety procedures that were never enforced. RCA looks at the full chain of contributing factors.

The goal is to identify corrective actions that eliminate or reduce the root cause - not just address the surface-level event.

Why Root Cause Analysis Matters for Workplace Safety

Preventing Recurrence, Not Just Documenting Incidents

Most organisations document incidents. Fewer take the time to analyse them properly. Without a root cause investigation, corrective actions tend to be surface-level - retraining a worker, replacing a tool - without addressing why the failure happened in the first place.

Root cause analysis shifts the focus from blame to systemic improvement. It asks: what in the system allowed this to happen? That framing leads to more meaningful and lasting corrective actions.

Supporting Legal and Regulatory Requirements

Many safety regulations and standards, including ISO 45001, require organisations to investigate incidents and implement corrective actions based on the findings. Root cause analysis is the method that makes those corrective actions defensible and evidence-based.

Organisations that document their RCA process demonstrate due diligence - which matters during audits, inspections, and in the event of a regulatory review.

Common Root Cause Analysis Methods Used in Safety Management

The 5 Whys Technique

The 5 Whys is one of the simplest and most widely used root cause analysis methods. It works by repeatedly asking "why" after each answer until you reach the underlying cause.

Example:

A worker sustained a hand injury while operating a machine.
Why? The guard was not in place.
Why? It had been removed during maintenance and not reinstalled.
Why? There was no checklist to confirm guards were reinstalled before restart.
Why? The maintenance procedure did not include that step.
Why? The procedure had not been reviewed since the equipment was modified.

The root cause here is a documentation and process review failure - not the worker's behaviour. The corrective action targets the procedure, not the person.

Fishbone Diagram (Cause and Effect Analysis)

Also called the Ishikawa diagram, this method maps all potential causes of an incident across categories such as people, equipment, environment, methods, and materials. It is particularly useful for complex incidents where multiple contributing factors are involved.

The fishbone diagram helps teams avoid fixating on one obvious cause and instead consider the full picture before drawing conclusions.

Fault Tree Analysis

Fault tree analysis (FTA) is a more technical method used for high-consequence events. It works top-down, starting with the undesired event and mapping out the logical conditions that could lead to it. FTA is common in industries like oil and gas, chemical processing, and nuclear operations where the cost of failure is extremely high.

Bow-Tie Analysis

Bow-tie analysis combines hazard identification with consequence management. On one side, it maps the causes and preventive barriers that stop an incident from occurring. On the other, it maps the consequences and recovery barriers that limit harm if the event does occur.

It is a useful visual tool for communicating risk to leadership and for connecting risk control measures to specific failure pathways.

The Root Cause Analysis Process Step by Step

Step 1 - Define the Problem Clearly

Before any analysis begins, the incident or failure must be described in specific terms. Vague problem statements lead to vague findings. The description should include what happened, where, when, and who was involved.

Step 2 - Gather Evidence and Data

Evidence collection includes physical inspection of the site, review of maintenance records, interviews with witnesses, and examination of any relevant documentation. This step is time-sensitive - conditions change quickly after an incident.

Organisations that manage incident reporting digitally are better placed here. When incident data is captured consistently, the investigation team has a reliable record to work from.

Step 3 - Identify Contributing Factors

Contributing factors are the conditions and circumstances that allowed the root cause to exist. They may include human factors, equipment condition, environmental conditions, supervision gaps, or process failures. Identifying these factors is essential before drawing conclusions about root causes.

Step 4 - Identify the Root Cause

Using the method best suited to the incident - 5 Whys, fishbone, FTA - the team works through the contributing factors to find the underlying cause. A good test for whether you have reached the root cause: if this cause is eliminated, does it prevent recurrence? If yes, you are at the right level.

Step 5 - Develop and Implement Corrective Actions

Corrective actions should be specific, measurable, and assigned to an owner with a clear deadline. They should address the root cause directly, not just the contributing factors. Actions that only address surface symptoms will not prevent recurrence.

For organisations managing this through a structured system, CAPA (corrective and preventive action) processes provide the framework to track these actions through to completion and verify their effectiveness.

Step 6 - Verify Effectiveness

After corrective actions are implemented, the organisation should verify that they have worked. This might involve follow-up inspections, monitoring of related incidents, or a scheduled review. Without this step, the organisation cannot confirm whether the root cause has actually been addressed.

Root Cause Analysis and Near Miss Reporting

One of the most underused applications of root cause analysis is near miss investigation. Near misses - events that could have caused harm but did not - are early warning signals that something in the system is not working as intended.

Applying root cause analysis to near miss reports allows organisations to act before an injury or serious incident occurs. The process is identical to incident investigation, but the stakes are lower - making it an ideal environment to build investigation capability across the team.

Organisations with strong near miss reporting cultures tend to have lower serious incident rates. The connection is direct: more near miss investigations mean more root causes identified and addressed before they escalate.

Common Mistakes in Root Cause Analysis

Stopping too early - Identifying an immediate cause and calling it the root cause. The 5 Whys exists specifically to push past this tendency.

Blaming individuals - Human error is rarely a root cause. It is usually a symptom of a deeper system failure - poor training, unclear procedures, or inadequate supervision. Focusing on individual blame does not prevent recurrence.

Weak corrective actions - Actions like "remind workers to follow procedures" or "retrain staff" rarely address root causes. Effective corrective actions change the system, not just the behaviour.

No follow-up - Implementing a corrective action without verifying its effectiveness leaves the organisation unable to confirm the root cause was resolved.

How Effivity Supports Root Cause Analysis in Safety Management

Effective root cause analysis depends on having reliable incident data, a structured investigation workflow, and a clear corrective action process - all linked and traceable.

Effivity's occupational health and safety management software brings these elements together. Incident reports, near miss records, investigation findings, and corrective actions are managed in one place - giving safety teams the data they need to conduct thorough investigations and track actions to closure.

Try Effivity for Free and see how a structured HSMS can support your root cause analysis process from investigation through to verification.

Free Trial →

Frequently Asked Questions

Root cause analysis is a structured process used to identify the underlying cause of a workplace incident or near miss, so that corrective actions target the real problem rather than surface symptoms.

The 5 Whys is the most widely used method due to its simplicity. It involves asking "why" repeatedly until the underlying cause is identified, typically within five iterations.

ISO 45001 requires organisations to investigate incidents and implement corrective actions. Root cause analysis is the standard approach used to fulfil this requirement effectively.

A contributing factor is a condition that made an incident more likely. A root cause is the fundamental reason the incident occurred - addressing it prevents recurrence, while addressing contributing factors alone may not.

Share with