Safeguard-Me Blog 2026

Risk Assessments for Big Summer Programmes — A Smarter Way to Plan

2025-12-17 19:24

How not to repeat the obvious when it comes to risk assessments

We take a fresh angle on summer programme risk assessments for activity providers: not the usual “ratios, zoning, venue checks” list, but a risk-led planning method that helps you predict what will go wrong this summer and build controls that actually hold up. You’ll learn how to:
  • Build a “risk register” for a whole programme (not just individual activities);
  • Use incident history and near-misses to spot patterns;
  • Map safeguarding risks across the full child journey (including digital comms and handovers);
  • Stress-test your controls with scenarios;
  • Set clear risk appetite and stop-go triggers; and
  • Create evidence that commissioners and local authorities can follow.

Includes Q&A throughout as well as a specific section to hopefully cover all the types of questions you might have.

Are your summer risk assessments designed to protect children — or just to satisfy a checklist?

If your risk assessment reads like a generic template, it won’t help when the day goes sideways. Big summer programmes don’t fail because nobody wrote a risk assessment. They fail because the risk assessment didn’t reflect real-world pressure: last-minute staffing changes, mixed venues, heat, transport delays, behaviour spikes, and the sheer volume of moving parts.
This is a different approach: programme-level risk assessment — the kind that helps you prevent repeat incidents, spot weak points early, and show clear evidence when you’re asked, “How did you manage risk?”

1) Stop writing “activity risk assessments” in isolation — build a programme risk register

Most providers do risk assessments per activity (football, crafts, swimming). That’s fine — but the biggest risks often sit between activities.
A programme risk register is a single view of your highest-impact risks across the whole summer delivery.

What goes in a programme risk register?

  • Risk theme (e.g., missing child, peer-on-peer harm, online contact, medication errors)
  • Where it shows up (which days/venues/age bands)
  • Likelihood and impact (simple 1–5 scale is enough)
  • Controls you already have
  • Control owner (named role)
  • Evidence you’ll keep (what proves the control happened)
  • “Stop-go” triggers (when you pause, change plan, or escalate)

Why this is new (and useful)

It stops you repeating the same content in five documents, and forces you to focus on what matters: the few risks that could seriously harm a child or your programme.

2) Use last year’s incidents and near-misses as your starting point (not a blank template)

A summer programme risk assessment should begin with one question:

Q: “What went wrong last time — or almost went wrong?”

Because that’s where your real risk lives.
Pull three sources:
  • Incident logs (safeguarding + H&S)
  • Near-miss notes (the stuff that didn’t become an incident)
  • Staff debrief feedback (what felt unsafe or chaotic)
Then categorise into 6–8 themes, for example:
  • Peer-on-peer conflict escalating in unstructured moments
  • Boundary issues (staff/child, child/child, parent/staff)
  • Digital safeguarding issues (group chats, photo sharing, contact after sessions)
  • Medical and medication process slips
  • Missing child / wrong child collection attempts
  • Allegations/complaints and poor evidence trail
This makes your risk assessment specific to your delivery, not generic.

3) Map risk across the “child journey” (this catches what templates miss)

Instead of listing activities, map the safeguarding journey from the child’s perspective.

The child journey map (programme-level)

  1. Referral/booking
  2. Pre-start comms (emails, WhatsApp, social)
  3. Day 1 onboarding
  4. Daily routines
  5. Transitions (between spaces/activities)
  6. Unstructured time
  7. End-of-day handover
  8. Post-session contact (photos, messages, follow-ups)

Q: Why does this risk assessment approach matter?

Because many safeguarding risks sit in communication and handover, not in the activity itself.
Examples of “journey risks” providers often miss:
  • Parents sharing sensitive info in informal channels (WhatsApp)
  • Children being contacted by peers after sessions via group chats
  • Staff using personal phones for comms and photos
  • Inconsistent recording of low-level concerns that later become patterns

4) Add a “digital safeguarding” section to every summer programme risk assessment

This is where summer programmes have changed massively in the last few years.
Cover:
  • What channels you use to communicate (and what you don’t)
  • Photo/video rules and consent handling
  • Staff boundaries: no private messaging, no personal social media connections
  • Children’s device expectations (when/where phones are allowed)
  • What you do if content is shared that raises a concern

Q: “Is digital safeguarding really part of risk assessment?”

Yes — because it’s a predictable route for harm (bullying, grooming, coercion, sharing images) and it’s easy to evidence with clear rules.

5) Build “stop-go triggers” so staff don’t have to guess under pressure

Most risk assessments say what you’ll do. Strong ones also say when you’ll stop.
Examples of stop-go triggers:
  • A child repeatedly attempts to leave boundaries
  • A disclosure indicates immediate risk
  • A venue cannot maintain agreed safeguarding controls
  • A transport delay breaks supervision assumptions
  • A staff member breaches comms/photography rules

Q: “Why are triggers so important?”

Because they turn safeguarding into a decision system, not a judgement call made by tired people at 4:45pm.

6) Stress-test your risk assessment with 5 realistic scenarios

This is the quickest way to make your risk assessment actually useful.
Pick scenarios that match your risk register themes:
  1. A child discloses harm during a high-energy moment
  2. A parent becomes aggressive at pick-up
  3. A child is missing for 3 minutes (then found)
  4. A photo is shared in a group chat that raises a safeguarding concern
  5. A staff member is accused of inappropriate language or contact
For each scenario, answer:
  • Who leads?
  • What happens in the first 2 minutes?
  • What gets recorded?
  • Who gets informed and when?
This creates clarity and confidence — and reduces variation across teams.

7) Evidence planning: design your “audit trail” before delivery starts

Commissioners and local authorities don’t just want reassurance — they want evidence.
Decide in advance:
  • What gets recorded (and what doesn’t)
  • Where it’s recorded (single source of truth)
  • What “good” looks like (timely, factual, consistent)
This is where safeguarding software and digital safeguarding records help: consistent logs, clear chronologies, and easier reporting.

8) Where DBS checks fit (without making it the whole story)

You don’t need to turn this into a DBS essay — but you do need clarity.
  • Know which roles require checks and what supervision looks like for others
  • Maintain clear DBS check status visibility where relevant
  • Record decisions and supervision arrangements in your programme evidence

Q&A: risk assessments for big summer programmes (activity providers)

Q1: What’s the biggest mistake providers make with summer risk assessments?

Treating them as a form to complete, rather than a tool to predict and prevent repeat issues. Start with incident history and build a programme risk register.

Q2: How do we stop risk assessments becoming repetitive across activities?

Separate “activity-level hazards” from “programme-level risks”. Keep activity assessments short, and put your real thinking into the programme risk register and child journey map.

Q3: What should we include that commissioners actually care about?

Clear risk themes, named owners, stop-go triggers, and a defensible evidence trail (what you recorded, when, and why).

Q4: How do we cover digital safeguarding properly?

Treat it as a core risk area: comms channels, photos/video, staff boundaries, children’s devices, and what happens when content raises concern.

Q5: How do we make sure staff follow the risk assessment?

Run a scenario stress-test and turn outcomes into a one-page briefing: triggers, roles, and first-response steps.

Q6: What’s the best way to keep evidence consistent across multiple sites?

Use safeguarding software and consistent digital safeguarding records so concerns, incidents, and actions are logged the same way everywhere.

Quick takeaway: a smarter summer risk assessment

  • Build a programme risk register (one view of your top risks)
  • Start from last year’s incidents and near-misses
  • Map risk across the full child journey (including digital)
  • Add stop-go triggers so decisions are clear
  • Stress-test with 5 realistic scenarios
  • Design your evidence trail before day one