If you’re running a business, your health and safety policy shouldn’t be a “write it once and forget it” document. It needs to reflect what actually happens in your workplace — and it needs to keep pace with change.
The good news? You don’t need to rewrite everything every month. But you do need a clear review rhythm, and you must review when certain triggers happen.
The legal baseline
UK health and safety law doesn’t give you a neat calendar deadline like “every 12 months”. Instead, the expectation is that your arrangements stay suitable and up to date.
In practice, that means your policy should remain current and relevant to how you work. Every business needs a health and safety policy, it must be written down if you have five or more employees, and your risk assessments should be reviewed whenever they may no longer be valid or when significant changes occur.
So, in plain terms: review “as often as necessary” to keep it accurate.
You should formally review your health and safety policy when any of the following happens.
Significant changes to your business
A review is required when your business changes in a meaningful way — for example if you grow quickly, restructure, take on new types of work, or change what you outsource and what you do in-house.
New equipment, processes, or substances
You should also review your policy when you introduce new equipment or processes, such as new machinery, vehicles, display screen setups, different chemicals or cleaning products, or a new way of working like altered shift patterns.
Workplace changes
Premises changes are another clear trigger — moving site, refurbishing, expanding, changing layouts, or introducing changes like hot-desking and hybrid working can all affect risks and responsibilities.
After an accident, near miss, or dangerous occurrence
This is one of the most common (and most missed) triggers. If something goes wrong, your documentation should help explain what should have happened, what did happen and what you’re changing to prevent it happening again.
Changes in law or guidance
Sometimes the law doesn’t change — but expectations, guidance, and enforcement focus do.
Best practice frequency
Even if nothing major changes, you’ll usually benefit from a planned cycle.
Annual formal review (minimum best practice)
Once a year, do a structured review of:
- your policy statement
- responsibilities and “who does what”
- arrangements and procedures
- links to risk assessments and training
- regulations
Quarterly “operational check-ins” (light-touch)
Every 3 months, ask:
- Have we introduced anything new?
- Have we had any incidents, near misses, or complaints?
- Are people actually following the procedures?
- Are training and checks up to date?
After risk assessment updates
If you update risk assessments because something changed or controls weren’t working, check your policy still matches what you’re doing in practice.
Common mistakes
Common slip-ups include having a policy nobody owns, relying on a generic template that doesn’t match how you work, and failing to communicate updates. It’s also easy to forget the links between policy, risk assessments and training — and to miss reviews after changes like growth, new equipment or new sites.
If your documents are out of date, you may face enforcement action if an inspector finds a gap between paperwork and reality. It can also complicate insurance, increase liability after an incident, and damage your reputation with staff, clients and contractors.
A practical policy review checklist
Work through these areas and record what you checked and what changed.
1) Responsibilities
- Are responsible persons named and still in post?
- Are deputies appointed for absence/holiday?
- Do managers/supervisors understand their responsibilities?
2) Organisational changes
- Have job roles changed?
- Have you added new departments, sites, or teams?
- Are reporting lines still accurate?
3) Risk assessments and controls
- Are your risk assessments current and suitable?
- Have control measures changed?
- Are you reviewing when assessments may no longer be valid?
4) Training and competence
- Is mandatory training completed and refreshed?
- Do you have records you can produce quickly?
- Are new starters properly inducted?
5) Emergency procedures
- Fire procedures and evacuation arrangements still correct?
- First aid cover still adequate for headcount and risk?
- Accident reporting process clear and used consistently?
6) Communication and implementation
- Have you shared updates with staff?
- Can staff explain the basics if asked?
- Are procedures actually followed day-to-day?
A simple schedule you can put in the diary today
A practical rhythm is to do a quick quarterly check-in to capture changes, incidents and training gaps, schedule a fuller annual review of your policy and supporting documents, and review immediately after any significant change, incident, relocation or relevant legal/guidance update.
How The Health & Safety Dept can help
With retained support, you can take policy reviews off your worry list. The Health & Safety Dept can schedule your annual review, provide on-demand advice when changes happen, keep you updated on relevant legal and guidance shifts, and carry out audits and gap analysis so your documents match what’s happening day to day.
If you’d like a calmer, more predictable way to stay compliant, speak to us about retained consultancy support — we’ll help you set a review cycle that fits your business and risk profile.
