Many organisations have irrational obsessions and unhealthy relationships with their written risk assessments.
I'm not saying you shouldn't do written risk assessments—you absolutely should. They're an extremely important part of a risk management framework. However, what is unhealthy is the demand from management to have a written risk assessment, but once it's done, it just gets filed and nothing else is done with it.
Yet if something goes wrong, the first question is always: 'Where's your risk assessment?'
The Paperwork Delusion
This is a bizarre way to operate because you can write all the risk assessments in the world, but unless your staff are understanding of and actively managing risk, all your paperwork means absolutely nothing.
Despite this reality, the paperwork obsession remains a top priority for many organisations. But unless every excursion is being run by switched-on professionals who proactively manage risk, then no matter how good your paperwork is, you're exposed.
The practical reality is that you can write whatever you like in a risk assessment document, but often once it's written, it's quickly forgotten. It gathers dust and like a vampire in the night, it never sees the light of day again until a pile of fanged-marked corpses prompt someone into action.
You simply can't afford to place yourself or your staff in a situation where this is the standard operating procedure.
The end result, if something does go wrong, is usually expressed through head-scratching and befuddled proclamations: 'Well, we wrote a risk assessment!' However, there can't be a disconnect between the documentation and the implementation. They must be reflective of each other.
The Audit That Revealed Everything
One organisation I previously worked for was totally and utterly obsessed with written risk assessments. I was tasked with auditing their risk assessments and methodology. However, from the moment I started reading what they had in place, it became evident there was absolutely no connection between the activity and what had been written.
Subsequently, it became perfectly obvious that nobody had actually read any of the paperwork, which left me wondering what they'd been doing. Not only did their pointless documentation have to be rewritten from scratch, a significant process of change management was required to refocus the culture within the organisation to be one that was proactive in its assessment and management of risk.
The Leadership Gap
Often the source of this problem is that many organisations don't have people who truly understand risk management at the top. Just because someone has reached a leadership position doesn't mean they actually know anything about management—least of all, risk management.
Therefore, if you put someone in the situation where they're supposed to be managing risk yet don't understand risk beyond filing a written document, it's little wonder they're focused on paper-pushing nonsense and not on organisational culture.
The Blame Culture Trap
In this situation, when something goes wrong, it becomes all about blame and retribution. It's not about discussing what was the root cause of an incident—it's about finding scapegoats. This sort of approach is unhealthy and totally counter-productive.
What an organisation needs to be able to do is sit down and openly discuss activities that involve risk and be prepared to debrief near-misses and learn from each other's knowledge and experience.
If everything's about retribution and blame, you create a culture that wants to cover up anything that doesn't go 100% to plan. With this, you get a thin veneer giving the impression everything's fine, yet scratch the surface and you'll find what can be a toxic mix priming itself for a significant failure.
How Xcursion Planner Bridges the Gap
Technology alone can't fix a broken culture, but it can help ensure written risk assessments actually connect to real-world practice:
Living Documents, Not Filed Files
Risk assessments in Xcursion Planner aren't static PDFs that get filed away. They're working documents that supervisors access on their phones during excursions. When circumstances change, assessments can be updated in real-time and all staff are notified immediately.
Forced Implementation Checkpoints
The system requires staff to actively acknowledge and sign off on risk controls before departure. You can't just tick a box saying "risk assessment complete" without demonstrating you've read it and understand the specific mitigations required.
Incident Reporting That Feeds Back
When near-misses or incidents occur, they're captured in a way that automatically prompts review of the related risk assessment. This creates a feedback loop where documentation improves based on real-world experience rather than gathering dust.
Transparency and Accountability
Leadership can see which risk assessments have been completed, by whom, when they were last reviewed, and whether identified controls are actually being implemented. This makes it impossible to maintain the fiction that "we have risk assessments" when nobody's reading them.
Culture Building Through Systems
The platform facilitates open, honest conversations about risk by providing a shared language and framework. When everyone's working in the same system, it's easier to learn from each other's experiences and build institutional knowledge.
Building a Proactive Culture
To avoid the paperwork trap, there has to be that open and honest conversation about risk, about contingency planning, and about response and mitigation. It's important to have someone at the top setting the tone and facilitating the culture within an organisation to ensure you have a team of proactive risk managers.
Good risk management procedures stem from this sort of open, honest, and proactive culture of risk managers within an organisation.
This means:
Regular risk management meetings where staff discuss excursion planning and debrief recent trips
Transparent incident reporting without fear of blame or retribution
Shared learning from near-misses and incidents across departments
Leadership that models good risk management practice, not just demands paperwork
Training and support so staff have the skills to actually manage risk, not just document it
The Bottom Line
Ultimately, documentation is only a tiny part of how your organisation should be assessing and managing risk. The remainder comes down to the professionalism, experience, and teamwork of your staff to ensure that every excursion is being run safely and effectively.
Once you're operating with this cultural mindset and have a team of proactive risk managers, the paperwork takes care of itself.
Because a risk assessment gathering dust in a filing cabinet has never kept a single student safe. It's the teacher on the ground making informed decisions in real-time who does that.
And if your written risk assessments aren't supporting that teacher to make better decisions, then they're not worth the paper they're printed on—or the digital storage space they're occupying.
