University Events

Threat and Risk Assessment of University Events


The University organises and hosts a considerable number of events routinely. This paper seeks to document a process for identifying events at risk of disruption, requiring additional measures of security and seeks to mitigate the threats and risks identified in a transparent process.

Threat and Risk Identification

Risk assessment is the process of estimating the potential effects or harm of a hazard to determine its risk rating.

By identifying the level of risk we can, working with partners, prioritise risks to ensure systematic and informed mitigation of the risks posed.

In order to control risk we will consider;

  • The impact (what will happen/the extent of harm)
  • The likelihood (the chances or possibility of something occurring)

We will seek to identify the risk within the University context we will evaluate the following:

  • The venue (where is the event taking place, what are the issues surrounding the actual space the event will take place in?)
  • The attendees (who is attending and does their presence add to the risk associated with the event)
  • The timing of the event (when is the event taking place and does it coincide/follow/precede an associated event which could impact upon the University)
  • The event subject (what is the event about?)
  • The interest on campus or externally to the University (what interest is there in the event from students/staff/others that could contribute to the risk)
  • The level of known interest in the event ( Is there any information to suggest the potential numbers of interested parties considering attending the event or its environs)
  • The level of additional information held by other persons (do others have information which could inform accurate risk assessment e.g. event organiser)
  • Media Interest ( before, during or after the event where it is known)
  • The consequences of the event for the University (Will the event have an impact upon the University, staff students or others associated with the University)

Risk Control

Once the level of threat has been evaluated then consideration will be given to eliminate or reduce the risk.

There are four levels of risk control;

  • Elimination of Risk (Removing the threat or risk entirely)
  • Substitution of Risk ( Removing the threat and replacing it with a less hazardous option)
  • Engineering of the Risk ( by isolating, enclosing or containing the risk through deliberate measures)
  • Administration of the Risk ( by ensuring that safe processes and efficient monitoring of the Risk is in place)

Severity of Risk

The severity of Risk will be graded based upon the most predictable consequence if the event was to occur.

The grading will be as follows:

Severity of consequences
  • Zero or minor injury or work absence
  • Readily recoverable, local, minor service disruption
  • Negligible loss of resource
  • Financial loss under £50,000
  • Isolated comment in media / occasional complaint
  • No discernible impact on reputation
  • No evident impact on performance / objectives
  • Moderate yet recoverable injury, harm or work absence
  • Recoverable, localised, short term service disruption
  • Moderate loss of resource
  • Financial loss over £50,000
  • Adverse local media attention / service user complaints
  • Some impact on reputation
  • Limited / local impact on performance / objectives
  • Permanent / substantial harm, disability or inability to work or numerous casualties
  • Recoverable widespread or substantial service disruption
  • Substantial but recoverable loss of resource
  • Financial loss over £100,000
  • Adverse comment from auditors / minister / significant damage to reputation, national media attention
  • Major impact on performance / objectives
  • Death or multiple casualties
  • Irreversible or substantial long term service disruption
  • Irrecoverable substantial loss of income
  • Financial loss over £250,000
  • International media attention
  • Government intervention/catastrophic damage to reputation
  • Corporate impact on performance / objectives

Likelihood of Occurrence

The Likelihood of the occurrence actually happening should be based upon a realistic assessment informed by the information gathering above.

The options will be graded as follows:

  • Unlikely - Less than 10% chance of occurring
  • Possible - Greater than 10% chance of occurring
  • Likely - Greater than 60% chance of occurring
  • Almost Certain – Greater than 90% chance of occurring

The use of the Risk Matrix

The information initially gathered will then be superimposed upon the Risk Matrix to establish the perceived level of Risk.

The risk matrix is attached.

Where the levels of risk are established the assessor will then devise a mitigation strategy to reduce, where possible the factors contributing to the risk.

Any Substantial or Unacceptable risk will be notified to the Secretary of Court or their Deputy along with accompanying rationale ahead of the event.

Negligible or acceptable risk will not normally be notified however the option to flag events will remain with the assessor. Issues such as University reputation will normally feature in such cases.

The final outcome will be that the risk is that each event will carry the following assessed Risk:

  • Negligible
  • Acceptable
  • Moderate
  • Unacceptable

This information will be conveyed to the event organiser along with any additional relevant supporting information when required.