There are three choices in dealing with the risk of workplace violence. First, you can ignore the risk, throw in the towel and believe that it won’t happen in your organization. This is the most frequent approach when dealing with the risk. The belief, call it an ostrich approach, is the top obstacle for managers and security executives who should be proactive. Generally, ostriches conduct a formal or intuitive assessment of the statistical risk of violence occurring in their workplace. Because the odds are very small, not much is put into addressing the issue.

A second choice is to transfer a portion of the risk via insurance. Here the organization does what’s legally required to minimize liability. However, fundamentally these firms just trade the cost of taking preventative efforts for getting payment to cover costs in the event of an incident. The bosses rest easier knowing that the financial impact of a violent incident on the continuity of business has been mitigated. Unfortunately, the real impact on people injured or whose lives are damaged is not necessarily mitigated.

People and the Environment

The third choice: reduce a substantial amount of the risk by reducing “at risk” behaviors, those individual and organizational behaviors that tend to increase risk.

This latter approach is the one taken by progressive organizations that actually operationalize their mission statement that people are their most important resource. They genuinely focus on providing a safe workplace free of known hazards.

These organizations focus on a comprehensive strategy to prevent injuries before they occur and recognize the importance of assessing both individual and organizational risk factors.

Avoid Single Focus

One danger is to place the sole focus on individual behaviors. Too often, firms and their security operations spotlight early warning signs, behavioral profiles and individual threat assessments for those identified as “being at risk.” More progressive organizations instead take a 360-degree view by combining the individual threat assessment approach with one that also assesses endemic organizational behaviors that may create a hostile work environment. The bottom line: recognize elements that make things ripe for “the perfect storm.” Such elements can include a potentially violent or at-risk individual; an organization, facility, department or group with a hostile work environment or one that’s violence prone; and when the at-risk individual is exposed to a stressful event.

A solid first step is a facility risk assessment to determine a sound preventive physical security program as well as an organizational assessment to identify management behaviors, polices, practices, environmental and organizational factors that may lead to a higher propensity for workplace violence.

Security and other appropriate managers need to classify at risk behaviors and then develop appropriate actions at each of the commensurate levels of risk. One model borrows from the threat levels used for Homeland Security.


Identify what risks of violence are inherent to your specific organization, industry or geographic location. Develop a plan to mitigate any potential exposure.

For example, if it’s a warehouse in an area where several robberies or assaults have occurred in other company parking lots, consider steps such as more and better lighting, security video and escorts for employees to and from their cars, when requested.

Train security officers, supervisors and employees to recognize early warning signs and how to report or intervene to effectively address them.

Proactively communicate the value of the security program and any employee assistance resources to employees and train supervisors how to influence employees to use the programs.


Conduct a facility risk assessment to ascertain vulnerabilities. Take actions to address these weaknesses, including improved perimeter security, particularly access control.

Establish a protocol with local law enforcement to expedite response to an incident. This includes familiarizing public safety officials with a facility and its physical layout.


Conduct a desktop review or rehearsal of your workplace violence emergency response plan to test how the pieces work and learn where improvements are necessary.

Review factors common to organizations with a higher propensity for incidents and identify the areas within the organization possessing a lot of these factors. Conduct an organizational assessment in these specific areas and develop a positive employee-relations plan to address the problems identified.

Conduct a threat assessment of individuals identified as at-risk. This may include a background check, a threat assessment or “fitness for duty” evaluation. Take specific actions based on the information learned. One action, often with input from the organization’s counsel, a labor attorney, law enforcement or workplace violence professional, is to determine appropriateness of obtaining a workplace restraining order. This should not be an automatic decision but well thought out because a restraining order could escalate the situation.


Security can conduct surveillance of the at risk employee with, in appropriate cases, the involvement of law enforcement. If specific individuals have been identified as being potential targets, relocate their work location and/or provide additional security protection.


Consider closing a facility or area. The most effective way to deal with work violence is to identify what the real risks are, develop mitigating strategies to reduce or eliminate the risks and have a comprehensive strategy focused on early identification and averting issues.

With the value of hindsight, after an incident, security and management generally are able to identify how the incident could have been prevented. So the trick is to anticipate incidents through “what if” scenarios and then implement preventative actions in real-time. For example, in a 2003 New York City Hall shooting, if authorities had required all personnel to go through metal detectors, the killings probably would not have happened.

With serious planning and diligent application of proactive measures, most security operations and their top management have the capability of preventing most incidents.

About the Author

W. Barry Nixon is executive director of the National Institute for Prevention of Workplace Violence, Inc. The private firm’s Web site is Contact Nixon at


Security can take a page from the Homeland Security risk alert model.

Severe — Severe risk of an imminent incident

High — High risk of an incident to occur

Elevated — Significant risk because of identified person or situation

Guarded — General risk that something could happen

Low — Low risk thanks to progressive policies and ongoing reviews


There are actions which security executives and management can take matched to each level of infrastructure.

Basic building blocks include:

  • Workplace violence prevention policy
  • No weapons policy
  • Threat assessment team trained in how to deal with crisis and emergency situations
  • Crisis communication plan
  • Employee assistance program or pre-identified resources to assist employees in dealing with stressful situations and personal problems
Ongoing actions include:
  • Clearly defined and communicated employee problem resolution processes periodically assessed for perception of fairness and effectiveness
  • Frequent and regular communication about the organization, its direction, changes, performance, etc.
  • Progressive human resource and security policies and practices that address issues such as sexual harassment, reference and background checking, safety, security, fair and respectful treatment of people, among others.