While the European Digital Services Act (DSA) obliges only the biggest platforms to conduct risk assessments, UK’s Online Safety Act (OSA) sets out risk assessment obligations for all services that fall within the OSA’s scope. How can smaller platforms conduct risk assessments? What do the VLOPs have to say? And how can you avoid making the risk assessments a (costly) check box exercise and can they be useful even outside of regulatory obligations? This panel will provide operational insights on how to carry out risk assessments, considering takeaways from platforms experiences conducting regulatory and non-regulatory risk assessments, Ofcom’s guidance, and industry standards. In this way, the panel aims to leverage the rich shared knowledge that exists around risk assessments to support T&S professionals in conducting this continuous exercise with as little friction as possible in the future.