Security Leadership and Management

A Risk Mitigation Strategy in Preventing Workplace Violence

In most corporate sectors those responsible for providing leadership, guidance, perspective and program management are torn between the corporate realities and the unthinkable damage one catastrophic incident of homicidal violence will have on their personal reputation and the corporate image. I am reminded of The 10 Myths of Workplace Violenceoriginally introduced by Dr. John Baron, PhD, arguing the need to implement basic workplace prevention strategies. Of which the most memorable myths that come to mind are “It won’t happen here” and “Workplace violence is not preventable.” Integrating and Collaborating Resources allows for the sharing of the Workplace Violence Prevention Mission through “strategic intervention.” Why? Because it allows for flexibility in managing the program in organizations, eliminates the stovepipe approach and spreads the program management and commitment throughout the organization.

Such an approach to workplace violence prevention removes the “Denial Factor” as an avoidance measure. Instead, it considers the value of strategic intervention in avoiding the stovepipe mentality, which inevitably leads to damage control. Though an oxymoron in many workplace vernaculars, Workplace Violence Prevention is a reality requiring our ongoing attention and senior management commitment and investment in personnel security. Why, because people, though our most treasured resources, are also the most unpredictable when it comes to expectations. Any assumptive approach will assuredly bedazzle your imagination and even strike fear in the hearts and minds of many. Staying on top of the workplace culture and staffing and assessing the impact of workplace policies can uncover conditions, situations and moods adversely impacting worker morale, performance, production, and efficiency that eventually lead to workplace conflict. If you’ve watched the situational show the CEO on TV you can appreciate the correlation to this strategy and the surprise factor.

Integration and Collaboration as a concept causes organizations to rethink the stovepipe mentality that has allowed Workplace Violence to reside in the HR Function, when in fact, it can achieve greater organizational value through sharing in the program execution.

Here is an example of how the model would work.  Human Resources, in collaboration with other functional departments, will formulate the draft policy and then coordinate staff review to avoid unintentional adverse consequences. HR for all intents and purposes, will be the designated organizational program manager. Each functional department head would be responsible for day-to-execution, administration, enforcement and reporting. To create independence in the process, Security would be responsible for preliminary fact finding investigations in establishing just ground for continuing the investigation or recommending other appropriate steps. Security would also manage the violence response and interdiction as it relates to credible threats of violence, coordinating at risk employee situations, taking corrective steps to remove known physical security hazards and coordinating the external engagement of outside agencies with other organizational entities. All other departments would have appropriate input during policy and program implementation and execution as well as during the investigative process and in managing business and security risks. As always, Legal and Compliance would provide the framework needed to avoid the legal implications of the effort.

 

Integration and Collaboration

Workplace Violence Prevention should not be left to the “predisposition factor or” the background screening process conducted many years earlier. People, conditions, situations and circumstances change over time and as such are unpredictable. Warning signs and patterns can help only if we are paying attention. Circumstances, events and people assemble to create unfortunate triggers that on any given date, if left to short cuts, leave one to the unexpected news. 

This past August 9, 2011 in a little quiet town of Brattleboro, VT, Richard Gagnon, 59 shot and killed his store manager, Richard Morten over a severance package that stated Gagnon was creating a “hostile work environment” and that failure to take corrective action led to management’s decision to let him go. Whatever the circumstances, Gagnon felt aggrieved and reacted in the extreme. The million-dollar question is: Why did this happen?! Can we manage the organizational factors in avoiding the justification that led Gagnon to his extreme behavior? YES!!! 

While workplaces have improved their response to violence prevention in reducing nonviolent and violent homicidal acts of violence, we have a new threat facing our workplace violence prevention efforts, called the Multiple Fatalities. In 2008 there were 30 multiple-fatality workplace homicide incidents. Those incidents accounted for 67 homicides and 7 suicides. On average, about two people died in each of these incidents.

Integration and Collaboration considers strategic intervention in integrating cross-functional alignment in a collective higher-level collaborative role to proactively engage operational and security services in exploiting the value of on ongoing passive engagement. Through this strategy, senior management commits to focusing on the people security threat through risk management by managing outcomes more efficiently.  Policy decisions will not be made in a vacuum. Policies will be staffed at this higher level to protect against the possibility of unintentional adverse and/or negative impact on people and operations thus serving to reduce potential conflict and early warnings of at risk situations, conditions and personnel.

Unresolved workplace conflict, similar to the Richard Gagnon shooting, give rise to a certain level of rationale and justification for retaliation and eventually action. Organizations must dictate the response plan, not the Disgruntled Employee. Often, when one analyzes the circumstances of a past event, one can quickly discern provocation and contributing factors in the early stages, in the lack of leadership involvement and style and in a lack of corporate accountability as unrecognized contributory signs and factors along the way go unrecognized. These failings to recognize unknown hazards are fruitful circumstances in civil liability cases when the allegation is generally centered on some form of negligence. Thus, when we speak of unintentional consequences of favorable personnel actions, we refer to workplace polices that have an adverse impact of people and the operations and because of a lack of staffing and/or proper coordination and inability to see their global impact is missed. 

Managing the threat of workplace violence requires Integration and Collaboration of Resources as collective components of strategic intervention. Contrary to common opinion that the workplace offender fits a certain profile, those responsible must remain vigilant to workplace related contributory conditions and situations that when left unabated unintentionally cause further conflict. There is plenty of time to argue the philosophy, allow me to redirect your attention to the Richard Gagnon shooting and the Robert Montgomery Shooting incident of 2003.

Why is Collaborating and Integration being discussed as strategic intervention strategy?  Why is it important? Because as a combined strategy we strive to move away from operating under “Myths” and undertake situations as active players minimizing the impact through a concerted coordinated response. 

While the incidents of workplace homicides have decreased we have a need to take proactive measures that help detect the transition from the Disgruntled Employee and/or Domestic/Relationship Threat to Hostile Intruder (Active Shooter.).  The Hostile Intruder (Active Shooter) is the lethal reality to unresolved workplace conflict from the negative impact of termination and loss of income, support, family and dignity and pride. The ensuing retaliation will be well planned, swift and lethal.

There are recent examples of multiple workplace shootings that warrant corporate attention and consideration in critically assessing and evaluating workplace safety and security programs and policies and allocating and defining resources.

To further but critically assess and evaluate the impact of workplace violence, let’s review a totally innocent turn of events ending in a double homicide and suicide.  On May 18, 2010, Robert Montgomery a 50-year old salesman at the Boulder Stove & Flooring, shot and killed 40-year old Sean and Staci Griffin, owners of the Boulder Stove & Flooring Company, Boulder, Colorado. Montgomery was upset over recent changes in sales commissions and bonus policies.  We see from this incident that workplace policies and decisions can and have an adverse and negative impact on employee morale, justification and rationale for violent retaliation. We can see that background screening was not a factor since the employee had no prior history of violence nor were there any employee reports of concern. 

So how does an organization with a plethora of ongoing simultaneous missions wrap its arms around prevention and its measurable ROI? We learn from the Robert Montgomery shooting incident that like the “terrorist” the Disgruntled Hostile Intruder methodically rationalizes his actions, plans his approach and never intentionally disclose his intentions.

 

Top Down Management Commitment

Integration and Collaboration of Resources allows those providing program management to expand oversight without adding or expending additional resources through ongoing multiple intervention strategies that rely on Relevant Methodologies as Best Practices.  Organizations by virtue of its unique settings, situations and conditions should avoid the “cookie-cutter mentality” in applying best practices. Apply Relevant Methodologies emanating from your critical vulnerability assessments in developing your Best Practices.

•  Require the organization’s collective efforts to insure best practices rather than costly re-inventions.

•  Conduct frequent critical vulnerability risk assessments in helping to identify potential at risk situations and conditions.

•  Implement Violence Prevention and Response Plans designed to engage situations before transition to a Hostile Intruder / Active Shooter.

•  Develop comprehensive interrelated emergency management plans with local emergency services providers that consider employee support.

•  Planning in considering the business interruption and business continuity considerations in protecting the crime scene, evidence and prospect of temporary closure of a unit or section.

•  Conduct drills and exercises integrating related plans.

•  At the senior level use desktop simulations exercises and executive briefings to keep busy people engaged.

•  Participate in local private public initiatives that invest in organizational safety and security.

•  Promote employment of new technologies to exploit the value of Integration and Collaboration of systems as a cost-efficient way of having state of the art cross-functional system.

 

Applying Relevant Methodologies Best Practices

Applying Relevant Methodologies – in achieving the value of Integration and Corroboration of Resources – can best be summed up in a nutshell through the combined efforts or effective communications: Introducing an idea; evaluating its worth, and considering the impact in a collaborative setting that considers the Business, Security and Legal Implications of not doing anything. Through Integration and Collaboration of Resources a core component of strategic intervention leadership is held responsible and accountable. 

The Role of Standards in Workplace Violence Prevention and Response

By Sean A. Ahrens, CPP, BSCP, CSC

He/She "just snapped” is what many describe after an incident of workplace violence has occurred. However, there are subtle clues prior to someone acting out. Until now, workplace violence prevention was a voluntary program, one that was buried in a duty of care to protect employees, which is governed by the Occupational Safety and Health Administration. However, a forthcoming, open, unbiased and balanced standard may change all of that to require companies more than ever before to be “proactive about tomorrow’s uncertainties.”

The Workplace Violence Prevention Standard is currently being addressed jointly between ASIS International and Society of Human Resource Management. This is an immense initiative and commitment from both organizations recognizing they need to systematically bring both security and human resources expertise together in order to mitigate violence in the workplace.

The Problem

Workplace violence requires a balanced approach, utilizing administrative and behavioral countermeasures to mitigate its potential by applying security measures designed to deter, delay, detect and respond to the incident. These programs require buy-in from corporate management and there is often no perceived return on investment. However, a severe incident can be an extreme financial burden on companies.

Without awareness and pre-planning, workplace violence can be triggered quickly, and - depending on the conviction of the aggressor – can be catastrophic. Compounding the problem, there are multiple types of workplace violence, all of which have different controls and approaches to detecting and controlling/responding to the incident from occurring.These include:

•  Type I involves criminal intent such as robbery at a bank, in a taxi cab or convenience store;

•  Type II concerns a crime involving a customer or client who feels they have been wronged or is disturbed by a specific billing issue;

•  Type III is a crime where the victim and perpetrator are co-workers;

•  Type IV involves a crime relative to a personal relationship, such as a domestic issue.

Workplace violence prevention and response is simplistic when there has been pre-planning, such as that done in anticipation of other crises: fire, earthquake, inclement weather, etc. More often than not, we find that crisis management planning does not take into account workplace violence. The reason is simple: People believe it would never happen, but in all incidents of workplace violence there have always been after-the-fact clues, hints and gut feelings that something was not right.

Education on workplace violence incident management is essential to prevent the occurrence of a crisis. Organizations may deal with someone who may act out though disciplinary action or by pushing them back into the organizations through an Employee Assistance Program or additional resource. In many instances, the employers’ perceived conclusion to the problem only creates deep-seated brooding by the person contemplating a workplace violence act. Workplace violence prevention could be as simple as a weekly call to the individual who could act out, asking how he/she is doing and if they are in need of help.

The main component of workplace violence prevention is to learn about the tools available to prevent an incident from occurring. Workplace violence prevention requires the layering of administrative, environmental and behavioral security.  By themselves, these individual components provide an ineffective security program. 

History

Violent incidents have always occurred at workplaces, but no other incident called attention to the problem of workplace violence than the rash of incidents in the 1980s at the Unites States Postal Service, where coworkers and managers were gunned down by fellow ex-employees. These separate and distinct incidents brought on a new American slang phrase, “going postal.” The gravity of this result is that it had far-reaching indirect implications on the USPS, implying their facilities were not safe. In fact, the USPS conducted an expensive study later, which concluded that an incident of workplace violence was no more likely to happen at a USPS facility than another facility.

There are no current standards or requirements beyond the OSHA duty of care to protect employees. In some cases in the United States, specifically in the health care sector, legislation is emerging which will require pre-planning and assessment. In Canada, there is more stringent legislation that crosses all industries and sectors, requiring robust assessment, analysis and implementation of controls and plans to preclude and respond to incidents of workplace violence. In all instances, legislation is not specific; it only describes broadly what needs to be done. A unified workplace violence standard, as discussed above, is being developed jointly by ASIS International and the Society of Human Resources Managers (SHRM) could change that.

Standards

Role of Standards– Standards in security ultimately create a common management system approach to address issues associated with a specific domain and/or risk. By looking at specific concerns intrinsic to the industry, security standards better serve the needs of the business world by improving the effectiveness and productivity of security practices as well as enhancing the professionalism of the industry.

Background on the Process– ASIS International develops security standards and guidelines intended to create access to information and practices in today’s evolving world. The process is intentionally lengthy, unbiased, balanced and very thorough. It commonly starts with a proposal within a committee or by a person and includes creating a working committee, regular meetings, public reviews and stringent documentation.

Comparison Between Guidelines, Codes and Standards– There is no prescriptive methodology to the development of a guideline. In the most basic sense, a guideline provides guidance, which most likely is not mandatory or prescriptive but is a generalized concept for consideration toward meeting a goal. For instance, a guideline to boat-making might say “ensure the boat is water-tight.” A voluntary standard tends to require a far more robust and time-intensive process, which is typically administered by a standards organization, such as the American National Standards Institute or the equivalent. A standard is prescriptive and specific, identifying specific methods that shall/must be used.

A code is a list of rules which are adopted by a municipality or a government and are typically legally binding as a result of ordinance or legislation. Standards are easily adopted as codes because of the rigorous processes required when developing a standard.

Discussion on the Forthcoming Workplace Violence Standard

The forthcoming standard provides guidance on general policies, processes and protocols by which companies can help to mitigate behavior and violence that impacts the workplace while improving the opportunity to respond to and resolve workplace violence incidents prior to them becoming crises. The standard was created to present practical definitions of workplace violence that includes a continuum of challenging behavior and classifies events based on the relationship of perpetrator to victim. It presents prevention and intervention strategies as well as outlines procedures for detecting, investigating, supervising and responding to threatening behavior or violence that occurs either in association with work or while at work.

The scope of the standard provides an overview of general security policies and processes, provides tools that an organization can implement to mitigate behavior affecting the workplace and supports the organization to better respond to an event. The Workplace Violence Prevention Standard presents a general definition of workplace violence. It outlines security prevention and response strategies as well as the procedures for detecting, investigating and managing threatening acts which happen in the workplace or in association with an individual’s employment. The standard is based on the existing ASIS International Workplace Violence Prevention and Response Guideline.

The standard will likely impact all public and private organizations with a focus on the roles of human resources and security professionals. From a broader perspective, this standard offers a greater opportunity in a collective partnership between two business functions that can sometimes have competing goals. ASIS and SHRM will benefit how we look to create future standards and the need to collaborate for the betterment of the industry.

Regardless of standards, organizations need to conduct due diligence regarding the threat of workplace violence and the vulnerabilities that could create an opportunity for an occurrence. The first step is to evaluate an organization’s risks to workplace violence. Is anything of monetary value stored at the facility, do employees interact with potentially violent patrons, guests, visitors, patients? Is the environment stressful or highly energized, such as at a hospital? Are there extenuating environmental factors, such as financial, romantic or cultural issues which could create a greater potential for someone to act out? Once vulnerabilities have been identified, controls such as employee awareness, training and response must be addressed. There is no greater control than active employee/student participation, as evidenced when an anonymous tip prevented the potential for another school shooting at Leto High School in Florida. This unsuccessful act is now a footnote in history because nothing happened, which is what security is about – prevention.

Preventing these occurrences begins with a plan and a response, which is similar to other types of crises and a respective crisis management model. Although the tools and resources are different as compared to other crisis’s, without doubt, workplace violence is an incident that will call upon local internal and external resources which will require in-depth planning, table-top and wild-card scenarios to prepare an organization for a response that will be necessary to save lives and restore business as quickly as possible. Important aspects to the crisis management planning process need to be taken into account, including, but not limited to: pre-incident, after action employee assistance, counseling, work slowdowns, employee/vendor retention and increased sick and personal time usage. In addition, this pre-planning will assist in the ability for an organization to limit the indirect costs, such as negative perceptions to brand and image, will be placed heavily on public relations during and after a crisis event. Crisis management plans should address and take into account local police response to workplace violence, which is much different than what was seen prior to the Columbine tragedy. Gun laws (concealment/carry) should also be considered, because legitimate, responding employees could react to a workplace violence incident in conjunction with police, which could create delay for the police. Crisis management planning is essential and will assist an organization’s efforts to identify and plan for potential scenarios.

The security community is evolving and that evolution is driving standards. The implication of standards changes the game. Standards drive codes and legislation, which can be sources of revenue for municipalities and cities. Currently, there is legislation in a variety of states that broadly describes requirements for workplace prevention, but lacks definitions, commonality, environment and a consistent message. The application of a workplace violence prevention and response standard provides a mechanism for current and future legislation to latch on and require compliance.

About the Author:

Sean A. Ahrens (sean.ahrens@aon.com), CPP, BSCP, CSC, is a project manager with Aon Risk Solutions’ Global Risk Consulting practice. With more than 18 years of experience in the security industry, Ahrens is responsible for providing organizational security consultation, threat and risk analyses, contingency planning, loss prevention and force protection design and planning. Ahrens also serves as a member on the Commercial Real Estate Council and on SecurityMagazine’s Advisory Board.

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Felix Nater

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

July 2014

2014 July

In the July issue of Security Magazine, read about how the NFL is balancing security with fan experience to make sure sporting events are running smoothly. If you're doing any traveling this summer, be sure to read the 5 hot spots for business travel security, also, employers can track on-the-go employees with new mobile apps. Also, check out the latest news and industry innovations for the security industry.

Table Of Contents Subscribe

Adopting New Technology

How long do you wait before adopting a new technology?
View Results Poll Archive

THE SECURITY STORE

comptiahighriseproductphoto
CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.  

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+