Guide

How do you carry out an event risk assessment?

Published 6 July 2026

Shoreditch Security cover graphic titled 'How to run an event risk assessment'

Most event disasters aren’t caused by one dramatic thing going wrong. They’re caused by an ordinary hazard nobody wrote down — a blocked exit, an overcrowded bar, a gate that funnels 500 people into a space built for 200. An event risk assessment is how you catch those before they catch you.

In short: an event risk assessment is a written record that identifies what could cause harm at your event, who could be harmed and how, and the steps you’ll take to reduce each risk. You complete it by working through five simple steps — spot the hazards, decide who’s at risk, put controls in place, write it down, and review it. This guide takes you through the whole process in plain English.

This is general guidance, not legal advice. The exact requirements depend on your event, venue and licence — always check what applies to you.

What is an event risk assessment?

A risk assessment is not a form you fill in to keep someone happy. It’s a structured way of thinking honestly about your event and deciding, in advance, how you’ll keep people safe.

The written document does two jobs. First, it forces you to plan — to walk your event in your head, spot what could go wrong, and decide what you’ll do about it. Second, it’s the evidence others rely on: venues, licensing authorities, insurers and safety advisory groups will often ask to see it before they’ll let your event go ahead.

Why do you need one?

There are three reasons, and they stack on top of each other.

  • The law. If you employ anyone or run events as a business, health and safety law requires you to assess risks. If you have five or more employees, you must record the significant findings. The Health and Safety Executive (HSE) sets out the framework most events follow.
  • Permissions and insurance. A venue, a premises licence, a Temporary Event Notice or your public liability insurer will very often require a written risk assessment as a condition. No assessment can mean no cover, or no event.
  • Martyn’s Law. For qualifying public premises and events, Martyn’s Law introduces a specific duty to consider terrorism risk and take proportionate steps. A general safety assessment and a terrorism risk assessment work hand in hand — our Martyn’s Law readiness check helps you see where you stand.

The five steps to an event risk assessment

The HSE’s five-step method has been the industry standard for years because it’s simple and it works. Here’s how it applies to an event.

Step 1 — Identify the hazards

Walk the event from a guest’s point of view, start to finish: arrival, entry, the event itself, and exit. A hazard is anything with the potential to cause harm — crowding, trip hazards, fire, vehicles moving near pedestrians, temporary structures, electrics, alcohol, adverse weather. Talk to your venue and contractors; they often know the site’s quirks better than anyone.

Step 2 — Decide who might be harmed and how

For each hazard, name who’s at risk and how they could be hurt. That’s not just attendees — it includes staff, stewards, performers, contractors, and passers-by outside the venue. Being specific (“guests queuing at the single entrance could be crushed if a surge builds”) makes the next step obvious.

Step 3 — Evaluate the risks and decide on controls

For each risk, weigh how likely it is and how serious the harm could be, then decide what you’ll do to reduce it. Good controls are practical: more exits or wider ones, trained crowd management officers, clear signage, a capacity limit, better lighting, a defined vehicle route, a wet-weather plan. Aim to reduce each risk to a level that is genuinely acceptable — not to pretend it’s zero.

Step 4 — Record your significant findings

Write it down: the hazard, who’s at risk, and the control measures you’ll put in place, with someone named as responsible for each. This record is what you’ll share with your venue, licensing authority and security provider. Our event risk assessment generator helps you structure your thinking and produce a written record you can build on.

Step 5 — Review and update

A risk assessment is a living document. Revisit it whenever something material changes — a bigger crowd, a new layout, a different weather outlook — and review it again after the event to capture what you’d do differently next time.

What hazards should you look for at an event?

Every event is different, but these are the areas that catch organisers out most often:

  • Crowds and capacity — surges, bottlenecks at entrances and exits, and simply too many people for the space. Getting your safe number right is fundamental; the crowd capacity calculator helps you sense-check it.
  • Entry and exit — queues, single points of failure, and emergency egress that must stay clear at all times.
  • Fire and evacuation — sources of ignition, escape routes, and how you’d get everyone out quickly.
  • Vehicles and pedestrians — deliveries, car parks and drop-offs mixing with people on foot.
  • Alcohol and behaviour — intoxication, conflict and the need for licensed door supervisors where entry control or searching is involved.
  • Weather and structures — wind loading on marquees and staging, wet or slippery surfaces, heat and shelter.
  • Medical and welfare — first aid provision, lost children, and vulnerable attendees.
  • Security threats — theft, unauthorised access, and the counter-terrorism considerations that Martyn’s Law now formalises.

Who should carry out the risk assessment?

Overall responsibility sits with the event organiser. But you shouldn’t do it alone. Your venue knows the building, your security provider knows crowd behaviour and threat, and your contractors know their own kit. The best assessments are built with input from all of them — while one person stays accountable for pulling it together and acting on it.

This is where an experienced security partner earns their keep. Providers who work events every week can spot risks a first-time organiser wouldn’t, and translate the assessment into people and plans on the day. For conferences, exhibitions and large gatherings, that links directly to professional corporate event security and crowd management.

Put your risk assessment into practice

A risk assessment only works if it turns into action. Once yours is written, make sure every control has an owner, brief your team so they know their roles, and have the right number of trained officers on site to deliver the plan.

Start by building your written assessment with our event risk assessment generator, sense-check your numbers with the crowd capacity calculator, and if terrorism risk applies, run the Martyn’s Law readiness check. When you want experienced, SIA-licensed officers to help assess and deliver it across London and the Home Counties, get a quote or call 020 3960 7969 — we’ll reply with clear, practical advice, usually within a few hours.

Take the next step

Frequently asked questions

What is an event risk assessment?

An event risk assessment is a written record that identifies what could cause harm at your event, who might be harmed and how, and the steps you'll take to reduce each risk to an acceptable level. It's both a planning tool and, for most public events, a document venues, licensing authorities and insurers will expect to see.

Is an event risk assessment a legal requirement?

If you employ anyone or run an event as a business, health and safety law requires you to assess risks, and to record the significant findings if you have five or more employees. On top of that, venues, premises licences, Temporary Event Notices and insurers routinely require a written risk assessment, and Martyn's Law adds a specific terrorism risk assessment duty for qualifying premises and events. Always check the requirements that apply to your event.

Who is responsible for the event risk assessment?

The event organiser holds overall responsibility. You can and should draw on others — your venue, your security provider, contractors and stewards — but the duty to make sure a suitable assessment exists and is acted on sits with whoever is running the event.

What are the five steps of a risk assessment?

The Health and Safety Executive's well-established five steps are: identify the hazards; decide who might be harmed and how; evaluate the risks and decide on controls; record your significant findings; and review and update the assessment. It's a simple, repeatable framework that works for events of any size.

How often should an event risk assessment be reviewed?

Review it whenever something material changes — a bigger crowd, a new layout, a different date or weather outlook, or a new activity — and always revisit it after the event to capture lessons for next time. For recurring events, treat the assessment as a living document rather than a one-off form.

Ready to secure your event?

Tell us about your event and we’ll send a clear, all-inclusive quote — usually within a few hours.