What is the DUERP?
The DUERP is a mandatory document that identifies, evaluates, and prioritizes all professional risks to which employees of a company are exposed, unit by unit. Established by the decree of November 5, 2001, it represents the concrete application of the employer's general safety obligation (Article L.4121-1 of the Labor Code).
It is not merely an inventory: the DUERP must enable the implementation of a coherent, monitored, and time-bound prevention action plan.
Is the DUERP mandatory for all companies?
Yes. The DUERP is mandatory from the hiring of the first employee, regardless of the company's size or sector of activity. Only the update frequency varies depending on the workforce size.
In addition, a mandatory update is required whenever a development decision modifies health and safety conditions, or when additional information regarding risk assessment is gathered (for example, after a workplace accident).
What are the risks incurred in the absence of a DUERP?
The absence of a DUERP or failure to update it exposes the employer to a fine of up to €1,500 (€3,000 in case of repeat offense), but more importantly, to a presumption of inexcusable fault in the event of a work accident or occupational disease. This presumption can significantly increase the company's civil and criminal liability, often leading to financial consequences far exceeding the initial fine.
Since the Occupational Health Law, the DUERP and its successive versions must also be retained for 40 years, which makes its traceability (dates, versions, authors of modifications) just as important as its content.
How to draft a DUERP step by step?
Drafting a DUERP follows a four-step methodology: breaking down into work units, identifying hazards, evaluating and prioritizing risks, then defining an action plan.
1. Break down the company into work units
A work unit groups employees exposed to similar risks (position, workshop, task, location). This breakdown determines the relevance of the entire subsequent evaluation.
2. Identify hazards by work unit
Each risk is exhaustively listed: physical risks (falls, handling, noise), chemical, biological, psychosocial, organizational. INRS grids provide a solid reference base.
3. Evaluate and rate each risk
Each risk is generally rated according to two crossed criteria (potential severity and frequency/probability of exposure) to obtain a criticality level that allows for prioritizing actions.
4. Define and monitor the action plan (PAPRIPACT)
The Annual Program for the Prevention of Occupational Risks and Improvement of Working Conditions (PAPRIPACT) directly stems from the DUERP. Without structured monitoring of this plan, the document remains a mere snapshot with no real effect on prevention.
Why digitize your DUERP instead of keeping it on Excel?
A DUERP on Excel quickly becomes difficult to maintain as soon as the company has multiple sites, exceeds ten work units, or needs to demonstrate its traceability over several years during an inspection. Spreadsheets do not reliably track versions, authors, or update dates, which is a crucial point given the 40-year retention obligation.
Dedicated software offers three tangible benefits:
- Automatic traceability of every modification, with a history and a timestamped export admissible in case of an inspection.
- Automated rating and prioritization of risks, with pre-configured grids adaptable by sector.
- Direct link to the action plan : each identified risk generates a prevention action that is automatically assigned, tracked, and followed up.
This is precisely the approach championed by the Symalean Security module, designed to centralize DUERP, prevention plans, and corrective action tracking on a single platform, AI-driven for analyzing field feedback.
Key takeaways
- The DUERP is mandatory from the first employee, with at least an annual update for companies with more than 11 employees.
- Successive DUERP documents must be retained for 40 years.
- The methodology is based on 4 steps: work units, identification, rating, and action plan.
- Digitalization secures traceability and transforms the DUERP into a true management tool, rather than an administrative formality.
FAQ
Who is responsible for drafting the DUERP in the company?
The employer is responsible, but its preparation usually involves the safety officer, the CSE (where applicable), and occupational health and safety services.
Does the DUERP need to be submitted to an official body?
No, but it must be made available to employees, the CSE, the labor inspectorate, occupational health services, and occupational risk prevention services.
What is the difference between DUERP and PAPRIPACT?
The DUERP assesses and prioritizes risks; the PAPRIPACT is the resulting annual action plan for companies with 11 employees or more.
To learn more
- Discover how to structure a workplace prevention plan compliant with 2026 requirements.
- Understand the changes to the standard ISO 9001 in 2026 and its relationship with risk management.
- Contact our team for a personalized demonstration of the Safety module and to see how to digitize your DUERP in less than 30 days.



