Features / Hazards

Hazards — the leading-indicator surface, before incidents.

Photo + GPS hazard capture from any device, mapped at site level, scored on a configurable risk matrix, classified through the hierarchy of controls, tracked Active → Mitigating → Resolved with SLA-driven corrective-action gates. Job Safety Analysis runs the same discipline pre-task. Twenty-two universal templates seeded at provisioning plus thirty-one pack-tagged categories across Manufacturing, Construction, Mining, and Logistics. Root-cause investigation — 5-Whys, Fishbone, Cause Mapping — attaches to hazards as a first-class subject, with a curated Generic Causes library, AI suggestions anchored to it, per-investigation report PDF, knowledge-base search across every past investigation, and corrective-action effectiveness tracking. SDS uploads run through AI extraction that proposes candidate hazards with grounded citations back to the source PDF. When a hazard becomes an event, the realized-incident backlink closes the loop both ways.

The populated, risk-scored hazard register through stand-alone hazard capture — the running product against Apex Manufacturing demo data. On-screen captions narrate each step.

See it in action

Walk-throughs against live demo data.

Short, captioned clips of the running product against the Apex Manufacturing demo tenant. Click any to play.

A risk-scored hazard — drilling from the populated register into one hazard's 5×5 risk assessment, its Extreme-tier score, and the Root-Cause Analysis the platform recommends in response.

Six RCA methodologies — searching the investigation knowledge base, then drilling into the FMEA risk-priority grid and the Apollo cause tree.

What's in it

The capability surface.

Hazard capture + the map view

Photo + GPS hazard reporting from any authenticated device.
An interactive site map plots every open hazard per site.
Point / Circle / Polygon location-shape support on the record.
Standalone hazard recording — no parent incident required.
Hazards surfaced from incident investigations carry the originating-incident backlink for traceability.

Configurable risk matrix

Configurable risk matrix — relabel axis levels, edit per-cell scores, and set tier-band thresholds in the admin UI; the model supports alternate grid shapes (3×3 / 4×4 / 5×5), configured at setup.
Ships with the SE default: an asymmetric ALARP-aligned 5×5 Likelihood × Consequence grid, 1–25 scale, four tiers (1–4 Low · 5–9 Medium · 10–16 High · 17–25 Extreme).
Scores are persisted at assessment time so historical assessments survive a later matrix reconfiguration.
Interactive grid picker with visual tier colour-coding + keyboard accessibility.

Hierarchy of controls + effectiveness review

Five-level classification — Eliminate → Substitute → Engineering → Administrative → PPE.
Each control has its own forward-only lifecycle (Planned → InPlace → Verified → Removed), independent of the parent hazard.
Per-control effectiveness rating on a review cycle — "is this control actually working?" is a tracked answer, not an assumption, with the review date and outcome on the record.
Verification timestamping + audit stamps on every control.
Kind-coloured badges for the control hierarchy + status-coloured badges for the lifecycle state.

Hazard lifecycle + corrective-action gating

Active → Mitigating → Resolved status states with a tracked lifecycle.
SLA-driven escalation on Active hazards past their threshold.
Resolved transition is gated — closure requires all open corrective actions to be done.
Resolved hazards excluded from active pick-lists to prevent contradictory records.
Auto-generated corrective-action tasks with owner assignment, due-date scheduling, and discussion threads.

Hazard categories — universal + industry-pack

22 universal categories seeded at provisioning — Mechanical, Electrical, Pressurised Systems, Radiation, Noise, Vibration, Temperature Extremes, Chemical, Biological, Fire, Explosion, Hot Work, Working at Heights, Slip/Trip/Fall, Confined Space, Lone Working, Manual Handling, Lifting Equipment, Vehicle/Mobile Equipment, Ergonomic, Psychosocial, Workplace Violence/Security.
Multi-category support per hazard.
Manufacturing pack — 10 categories: Lockout-Tagout, Machine Guarding, Industrial Robotics, Pressure Vessel, Process Safety, Hot Surface, Welding Fume, Combustible Dust, Conveyor Pinch Point, Forklift / PIT.
Construction pack — 10 categories: Falls from Heights, Excavation Collapse, Crane / Lifting, Falling Objects, Scaffolding, Power Tools, Heavy Equipment, Trenching, Concrete Pour, Demolition.
Mining pack — 5 categories: Ground Stability, Blasting, Mine Gas, Underground Ventilation, Heavy Mining Equipment.
Logistics pack — 6 categories: PIT Safety, Dock Operations, Cold Storage, Loading Bay, Pallet Handling, Conveyor System.

Root-cause investigation — six methodologies + a knowledge base

The same investigation attaches to both Hazards and Incidents — investigate a near-miss preventively, not only after the recordable event.
Six methodologies, selectable per investigation — 5-Whys (linear cause chain), Fishbone / Ishikawa (six-category cause analysis), Cause Mapping (parallel evidence-verifiable effect-to-root chains), FMEA (Failure Mode and Effects Analysis with Severity / Occurrence / Detection and live RPN), Bow-Tie (threats → top event → consequences with preventive and mitigative barriers rated by effectiveness), and Apollo / RealityCharting (recursive cause tree with Action and Condition pairing).
Visual cause-tree diagrams for the three structured methodologies — Cause Mapping, Bow-Tie, and Apollo each render as a read-only diagram alongside the editor, so investigators see the shape of the story at a glance and reviewers can scan a complex tree in seconds.
Curated Generic Causes library — a catalogue of common root causes across nine cause families with industry-pack variants; the AI suggestions are anchored to it, so they speak your organisation's own cause vocabulary, and tenants extend it without losing the seeded baseline.
Per-investigation report PDF — subject, methodology working, root-cause conclusion, recommendations, and reopen history, with a tamper-evident content fingerprint.
Knowledge-base search across every past investigation — "have we seen this before, and what did we conclude?" answered in seconds, faceted by methodology, subject, date, and generic cause.
Corrective-action effectiveness tracking — each recommendation that becomes an action carries an effectiveness check after it closes; the investigation rolls the outcomes up so a fix that didn't hold is visible, not assumed.
An "RCA Recommended" banner surfaces automatically on Extreme-tier hazards; concluding an investigation pre-populates the corrective-action tasks from its recommendations.

SDS-driven candidate hazard extraction

Uploading a Safety Data Sheet triggers AI extraction, producing hazard candidates for review.
Each candidate carries — extracted name, suggested category codes (resolved against the tenant's catalog), confidence score, grounded-indicator flag, citation back to source PDF page + paragraph.
Approving a candidate creates the hazard with the source citation preserved for evidentiary traceability.
Reject captures the reason for audit.
Cross-chunk dedupe via title similarity + page distance + category-code union.
Per-tenant extraction (no cross-tenant pattern learning at launch — see "What's evolving" below).

AI-assisted suggestions (advisory only)

Next-step suggestions across the 5-Whys, Fishbone, and Cause Mapping methodologies — click-to-fill chips drawn from the tenant's own historical investigations and anchored to the curated Generic Causes library, so suggestions speak the organisation's cause vocabulary.
Fishbone-cause and cause-map-node suggestions — per-category / per-node click-to-fill chips from tenant historical data.
Three-tier confidence scoring (high / medium / low); low-confidence suggestions render subdued.
Always click-to-accept — suggestions never auto-fill, never write to a record without explicit user OK.
Graceful degrade — AI suggestions return empty (not an error) when the AI service is unreachable.

Realized-incident backlink

On any incident, a multi-select captures which hazards the event was realized from.
Active-only filter excludes Resolved hazards from the picker (prevents accidental link to a closed record).
Reverse panel on the Hazard edit page — read-only "incidents that realized this hazard" list.
Origin distinction — for hazards surfaced from an incident investigation, the originating-incident reference is preserved on the hazard.

Ergonomics assessments — structured MSD-risk capture

Record structured musculoskeletal-disorder risk assessments using the industry-standard methods — REBA (Rapid Entire Body Assessment), RULA (Rapid Upper Limb Assessment), and the NIOSH Lifting Equation, with an Other catch-all for tenant-specific approaches.
Capture per-assessment context — assessor, subject (a specific worker or a workstation-scope analysis), task description, score, score interpretation, body regions implicated (neck, shoulder, back, arm, wrist, leg, knee), recommended interventions, and optional follow-up date.
Site-scoped record alongside the rest of the platform — assessments land in the same audit trail and corrective-action workflow as everything else.
Without motion-capture AI — gets you to the structured-record yes for the "do you do ergonomics?" eval question without the heavy specialist tooling. If you already use motion-capture analysis, pair it alongside.

IndustryPacks — additive content composition

Four industry packs — Manufacturing, Construction, Mining, Logistics.
Tenants select packs in tenant settings; multi-pack tenants see the union of all selected packs' content.
Seeder reads tenant packs once at start + skips items whose pack tag isn't in the tenant's set.
Re-seed hook fires when the tenant modifies pack selection; customisations are preserved on pack removal (items stay via upsert-by-Id).

Representative workflows

What this looks like in practice.

Site walk → hazard pinned + scored + controlled → corrective actions land + close

A site walk surfaces a slip-hazard at the loading bay. The walker captures a photo + GPS pin from a tablet, picks Slip / Trip / Fall + Dock Operations (Logistics tenant) from the multi-select, scores Likelihood 4 × Consequence 3 = High, submits. Hierarchy-of-controls planning opens — Engineering (drainage / surface texture), Administrative (housekeeping cadence), PPE (footwear standard). Each control is its own record with its own lifecycle and verification stamp. Auto-generated corrective-action tasks land on ops + facilities + EHS with SLA-derived due dates. The hazard sits in Mitigating until every task closes, then the Resolved transition unlocks. No spreadsheets, no exports.

An SDS upload becomes a candidate hazard with grounded citations

The procurement team uploads a Safety Data Sheet for a newly-onboarded solvent. SE reads the GHS-structured PDF and produces a hazard candidate with the suggested name, the matched category codes against the tenant's catalog (Chemical + Flammable + Hot Work-adjacent), a confidence score, and a citation to the GHS Section 2 paragraph that backed the suggestion. The Site Safety Officer reviews the candidate, edits the name, adds a Health-Hazard category, and approves. The new hazard lands with that citation preserved. If a future inspector asks where this hazard came from, the answer is the page and paragraph of the SDS — not "the safety officer added it last quarter."

An Extreme-tier hazard triggers RCA → corrective actions → realized-incident prevented

A near-miss surfaces a hazard at an underground equipment intersection scored Likelihood 4 × Consequence 5 = Extreme (RiskScore 20). The "RCA Recommended" banner appears on the hazard edit page. The HSE manager opens a 5-Whys session against the hazard as the subject — preventative, not post-event. Three why-step suggestions are tenant-historical (one high-confidence from a sister-site event, two medium); the manager accepts one and edits two. The session concludes with three recommendations; three corrective-action tasks pre-populate and land on owners. Six weeks later, a separate event at a nearby intersection links itself via the realized-from-hazard picker — the audit trail shows the RCA conclusion + corrective actions + realized incident. A leading-indicator chain that closed before it became a fatality.

How this is different

What sets the hazards model apart.

Most EHS platforms ship hazard registers as a separate module from incident management, with a category list, a risk matrix, and a checklist. SE built the hazards register as a peer to incident management — the same root-cause investigation, the same corrective-action engine, the same audit trail, the same connected record. The differences that follow are direct consequences of that decision.

RCA on hazards is a first-class workflow, not "if you have time"

Linear chain, branching causes, or evidence-verifiable DAG — three of the six methodologies shown. Pick the shape that fits the investigation; all six attach to hazards as a first-class subject.

Most platforms restrict RCA to recordable incidents — the high-stakes events. SE attaches all six methodologies to hazards as a first-class subject, with the "RCA Recommended" banner surfacing automatically on Extreme-tier hazards. The point is preventive: running RCA on a near-miss does the work an RCA on the eventual recordable would have done, without the body. Conclusion auto-populates corrective actions; the audit trail is the same shape.

Hierarchy of controls is a structure, not a label

Many platforms record "what controls are in place" as a free-text or checkbox field on the hazard. SE models each control as its own record — forward-only lifecycle (Planned → InPlace → Verified → Removed), audit stamp on verification, colour-coded hierarchy-ordering badge. A failed verification is on a specific control record, not buried in the hazard's edit history. The hazard's Resolved transition gating on Verified controls is structural, not a manager's read of a checkbox.

Industry packs are additive, not exclusive

A logistics-and-manufacturing operator (a contract manufacturer running their own DC network) selects both packs and sees the union — 22 universal + 10 Manufacturing + 6 Logistics — composed additively without conflict. Pack-source tagging is preserved on every record (per-pack visual badges in the admin UI are a future polish). This is the inverse of "pick one industry vertical at provisioning."

AI candidates carry citations

SDS-driven candidate hazard extraction returns each candidate with a grounded flag and a citation back to the source PDF page + paragraph. Approve preserves the citation on the hazard record permanently. When an inspector asks "how did you know this material was a Class 3 flammable?" the answer is "GHS Section 2 of the supplier's SDS, page 1, paragraph 3" — not "the safety officer's professional judgment." That's the evidentiary floor for arbitration and regulatory dispute.

Hazards and incidents share one connected record

An incident's investigation can surface a hazard at the same location with the originating-incident backlink preserved. A future incident at that location auto-suggests the realized-from-hazard linkage. Same corrective-action engine, same root-cause investigation, same task workflow, same audit trail. Not "incident-to-hazard integration" — a single model with two front-doors.

Adjacencies

What hazards connects to.

Incidents

Realized-from-hazard backlink on incidents; originating-incident backlink on hazards born from investigations; RCA spans both subject types.

Explore →

Corrective actions

Same corrective-action engine as incidents; the close-gate prevents a Resolved transition while open tasks remain; discussion threads + evidence attachments on every task.

SDS + chemical safety

SDS uploads trigger candidate hazard extraction with grounded citations; chemical hazards link to the SDS record for ongoing reference.

Explore →

Observations

Observation pipeline is separate (template-driven dual-track compliant / non-compliant); adjacency exists via the Corrective Action engine cross-linking.

Explore →

IndustryPacks

Tenant-selected packs seed pack-specific hazard categories + RCA templates + incident categories; multi-pack composition is additive.

Map view

An interactive site map plots every open hazard per site; resolved hazards drop from the pin layer automatically.

On the roadmap

What's next for hazards & risk.

Everything above is shipped and ready to demo. These are the focused next additions for this area, sequenced by customer demand.

Per-pack risk-tier calibration. Different verticals carry different consequence/likelihood defaults; the matrix is configurable per tenant today, with per-industry-pack starting calibrations as the next refinement.

Asset-tied hazards. Hazards are site-scoped today; tying a hazard to a specific piece of equipment so it travels with the asset rather than the location lands with the equipment module.

Scanned-SDS extraction. SDS hazard extraction works on text-based PDFs today; optical extraction for scanned-image SDS documents is a planned addition.

Bulk SDS reconciliation + on-canvas cause-tree editing. Single-row approve/reject for SDS ships today, plus read-only diagrams for Cause Mapping, Bow-Tie, and Apollo render alongside each investigation editor. Bulk SDS reconciliation and full drag-and-drop on-canvas editing of the cause trees are sequenced next.

Continue exploring

More on the SE platform.

Five live feature spokes + two roadmap pages + the Workers' Comp claims roadmap. Jump anywhere.

Incident management Hazards Live · You are here Workers' comp claims Compliance automation Behavioural safety Chemical safety Equipment + assets AI intelligence

See the hazards register in the running product.

A 30-minute walk-through against your actual hazard shape — your industry vertical(s), your site count, your current register tooling. We'll show the matrix + the hierarchy of controls + RCA-on-a-hazard, and how incidents, corrective actions, and SDSes share one connected record and the same audit trail.

Request a demo