Incorporating Behavioral Threat Assessment into Emergency Planning Internal and External Threats to Safety
Threat Assessment Compliments Risk Assessment Need to know what specific or general threats are likely against facilities and personnel; physical, operational and behavior Not all possible threat scenarios can be planned for; however, organizations should identify and mitigate the most likely threats Attention to local, regional, national and international incidents; cause, methods, and motivations
Workplace Standards & Threat Assessment The ASIS-SHRM standard goes deep into recommendations for developing and implementing a comprehensive, multi-disciplinary WVPI program; a threat management protocol, and practices that can help in effectively managing post-incident issues. It recommends the WVPI group include top-management, legal, HR, security, EHS, EAP, risk management, unions, EAPs, PR, and even outside experts such as a threat assessment professional. ASIS/SHRM WVPI.1-2011 Workplace Violence Prevention and Intervention
Threat Assessment Professional Uses perspective of organizational safety, not individual based Knowledgeable of multi-disciplinary functions; mental health Be objective and use all available information when making an assessment Assessments aimed at incorporating safe procedures for implementing organizational decisions
Threat Assessment Program Scope (Sample) Objective Assess the likelihood of escalated violence or disruption to operations, as well as identifying measures that can be taken to mitigate the risks When Situations which have caused harm or have the potential to cause harm affecting life safety, and/or serious damage to organization s property or operations Where Organization s owned or controlled property or which involve organization s employees.
Values of a Threat Assessment Program Process: Safety Oriented Behavior, not Profile Based Risk Prevention and Management Focused Objectives: Promote open and safe environment Activities that promote and emphasize dignity and respect Avoid heavy-handed approaches Focus upon prevention as well as a calculated response to threatening situations Expedite the reporting of troubling situations
Threat Assessment program attributes Coordination Preventive versus reactive Bring together disconnected pieces of information or concerns Coordinated plan to effectively address problem Collaboration Working with departments and units to mitigate risk Provide needed services/resources to subject Confidentiality Information to be protected to the degree legally possible Protection of case-specific information
Threat Assessments Analysis Many people causing threats or risks are not members of the organization Persons with troubled behavior who leave or are removed from the workplace may not stop being a threat or risk Community approach is beneficial, if not necessary Employees live off away from work Employment may take people away from work site Relevant activity occurred or may occur or in other jurisdictions
Types of Threats Malicious outsider organized crime, hacker, terrorist group, stalker Special interest group/extremist group Direct or indirect focus on organization Disgruntled insider/recently released employee Negligent insider Accidental or unintentional action
Low Tech Warning Signs Sudden changes of behavior Expressions of frustration(s) Pending or recent disciplinary action Expressions of ethical flexibility Expression of reduced loyalty Threats, malicious boasting ( You wouldn t believe how easily I could trash this net! ) and other negative sentiments
Considerations to Implementation of Threat Assessment Have internal process and resources available Keep message short, concise, easy to remember Use existing communications pathways to promote message Continual affirmation of message
Threat Assessment Principles Threat, approach, and attack behavior are the products of discernible processes of thinking and behavior Most people who attack others perceive the attack as a means to a goal An individual s motives and target selection are directly connected Targeted acts often precipitated by a personal or significant stressor
Targeted Violence Process (Weston, 2001) Ideation Planning Preparation Implementation
Critical Issues Making a threat vs. posing a threat Risk must be viewed as a probability estimate over time that changes with context Critical Information may come from a variety of sources (e.g., family, coworkers, other targets of interest) Threat assessment management must be viewed as a shared responsibility
Assessing the Level of Threat Posed: Initial Considerations Initial assessment of immediacy of threat/ accessibility of target Subject identifiable? prior history with the organization (or past employers) & law enforcement? Nature and intensity of threat posed? pattern of contact behaviors? escalation or de-escalation of behavior? method or methods of contact changed? motivations expressed/implied? intensity of motive across contacts? Presence of precipitating stressors? Mental illness Loss of status/pride Significant loss? (e.g., relationship, family, job, benefits)
Considerations to Facilitate Reporting Reporter should be given feedback Sometimes people need to know how concerned they should be about a situation. If the reporter is also the victim of threatening or concerning activity, important to provide following: Feedback regarding level of concern Safety planning tips Information concerning future activities by organization s authorities/tat to monitor/address/manage situation Always, the reporter should be reinforced for reporting a concern
Incidents That Should be Reported Anything that raises suspicion or concern Subject displays signs of serious mental illness who either engages in problematic contact behavior or makes reference to a member while engaging in unusual behavior Harassing, following, or stalking behavior Contacts that reference the person s safety or security Contacts (e.g., letters, email, phone, voice mail, face to face visit) that make negative/hostile reference to a person or group Threatening contacts regardless of method used Subject displays agitated & disruptive behavior toward a person or group (regardless whether threat is made)
Incidents That Should be Reported Behaviors Suggestive of Surveillance/Stalking: Individuals observed within unauthorized areas Use of multiple identifications Person(s) placing unusual items in trash containers adjacent to facility (or placing items in garbage on multiple occasions) Unknown persons trying to gain access to facilities Unknown persons or occupied vehicles loitering in the vicinity of facility for an extended period of time
Incidents That Should be Reported Behaviors Suggestive of Surveillance/Stalking: Photography or filming of high profile structures/procedures i.e. critical infrastructure, research facility, security, etc. Interest in security measures or personnel, entry points, access controls, or perimeter barriers Observation of emergency reaction drills or procedures Discrete use of still cameras, video recorders or note taking at unusual locations
Owen Yardley oyardley2@unl.edu University of Nebraska-Lincoln Police 402-472-2222