General

Understand what the PGR (Risk Management Program) is, its main components (Inventory and Action Plan), how it works in practice, and its importance for occupational safety.
By:
Guilherme Herker
With the update of Regulatory Standard No. 01 (NR-01), the Risk Management Program (PGR) established itself as the main management instrument in Occupational Safety and Health (OSH).
More than a simple formal requirement, the PGR represents the materialization of risk management, systematically organizing the identification of hazards and the control measures necessary to protect the integrity of workers and ensure the company's legal compliance.
This article addresses the fundamental aspects of the topic, detailing what the PGR is, which documents compose it, and how it differs from the occupational risk management process (GRO).
What is the PGR?
The PGR (Risk Management Program) is the set of documents, physical or electronic, that materializes the occupational risk management of a company.
Established by NR-01, it replaced the old PPRA (Environmental Risk Prevention Program). The main regulatory evolution lies in the scope: while the previous program focused primarily on environmental risks, the PGR document must address all occupational risks:
Physical (noise, heat, vibration);
Chemical (dusts, gases, vapors);
Biological (viruses, bacteria, fungi);
Ergonomic (posture, physical effort, psychosocial factors);
Accidents (mechanical, falls, electrical shocks).
For correct management, it is essential to distinguish between two concepts established by the standard:
GRO (Occupational Risk Management):
Refers to the continuous management process. It is the permanent action of identifying hazards, evaluating risks, and implementing prevention measures.
PGR (Risk Management Program):
Refers to the documentation. It is the consolidated record of the information generated by the GRO process.
In short: the GRO is the strategy executed, and the PGR is the formal record of that strategy.
What are the Main Components of the PGR?
To have legal validity and technical effectiveness, NR-01 determines that the PGR must contain at least two main components:
1. Occupational Risk Inventory
This document acts as a complete mapping of the company. It must record the identification of hazards and the evaluation of risks, containing:
Characterization of processes and work environments.
Description of hazards and possible injuries or health impairments.
Identification of the generating sources or circumstances.
Indication of the groups of exposed workers.
Classification of risks (definition of the risk level).
Note: It is important to emphasize that the Risk Inventory must also include psychosocial risk factors, in accordance with recent updates to the standard.
2. Action Plan
This is the executive schedule. Based on the information from the inventory, the action plan defines the prevention measures to be introduced, improved, or maintained. To be effective, it must establish clear goals, defined deadlines, and those responsible for execution.
How does the PGR work in practice?
The PGR should not be a static document. Its structure provides for a continuous improvement cycle, similar to the PDCA method. Its practical operation follows these logical steps:
Anticipation and Identification: Survey of all hazards existing in the activities and environments.
Evaluation: Classification of risks by level (low, medium, high) based on the combination of probability and severity.
Control: Definition of preventive measures in the Action Plan to eliminate, reduce, or control these risks.
Monitoring: Constant monitoring of the effectiveness of the implemented measures.
Review: Update of the program whenever changes occur in the environment, accidents happen, or periodically every 2 years.
Importance and benefits of the PGR
In addition to fulfilling a legal obligation applicable to most companies (with specific exceptions for low-risk micro and small enterprises), the correct implementation of the PGR generates operational benefits:
Effective Prevention: By mapping and addressing all risks, the company acts to genuinely protect the integrity of its employees.
Legal Security: A technically well-structured PGR is the main evidence of compliance in cases of inspections or labor lawsuits.
Cost Management: The reduction of accidents directly impacts the reduction of the FAP (Accident Prevention Factor) and operational costs with sick leaves.
Work Environment: Risk control, including ergonomic and psychosocial risks, favors productivity and talent retention.
How technology keeps the PGR updated
One of the biggest challenges of OSH management is keeping the PGR updated in the face of company dynamics. Managing inventory revisions, action plan deadlines, and risk reassessments manually increases the likelihood of inconsistencies and outdated information.
The use of automated EHS management software, such as the solutions from GAP Sistemas, allows the PGR to function as a living document. The use of technology makes it possible to:
Automate alerts about document deadlines and expirations;
Perform agile updates in the face of changes in processes or legislation.
Ensure revision history and information traceability for audit purposes.










