Level of Attractiveness & Deterrence Matrix

It’s really a matter of risk management. Violence in all types and forms must be understood and managed.
Over the last two decades, the Department of Labor and National Institute for Occupational Safety and Health (NIOSH) have provided insightful information on workplace violence fatalities and nonfatal incidents. While these statistical reports have provided essential details, in most cases businesses have not been able to translate them into cogent plans to address this ever-present problem. This article will focus on helping those charged with the responsibility for addressing workplace violence to understand the potential business and financial impact of violence on their work environment.


The initial step is to assess the potential threat of workplace violence based on the nature of your business and on the types of facilities and their locations. The possible types of workplace violence include the following:
  • Violence perpetrated by a stranger (generally robbery is the goal);
  • Violence perpetrated by a current or former employee;
  • Violence perpetrated by a relative, spouse, ex-spouse or individual with a personal relationship with an employee; and
  • Violence perpetrated by a customer, client or contractor.   

All organizations have exposure to all four types of violence, although to varying degrees. For example, if you are a retail business that handles lots of cash, the nature of the threat posed and type of potential violence you face will differ from the threat that hangs over a manufacturing plant. Likewise the threat posed to a warehouse located in a high crime area will be different from that posed to an office building in a busy downtown area. Each type of workplace violence requires a different type of assessment.
Numerous variables will impact these assessments, including the type of business, the type of facilities you operate, the level and nature of security at those facilities, hours of operation, level of staffing, presence of valuables or cash, and location.


Once the risk has been identified, a vulnerability assessment must be performed. The vulnerability assessment considers the potential impact of loss if an incident occurs as well as the vulnerability of the facility/location to an incident. Impact of loss is the degree to which the mission of the organization is impaired by an incident.
A key component of the vulnerability assessment is properly defining the ratings for impact of loss and vulnerability. These definitions may vary greatly from facility to facility. For example, the amount of time that mission capability is impaired is an important part of impact of loss. If the facility being assessed is an air route traffic control tower, a downtime of a few minutes may be a serious impact of loss, while for a Social Security office a downtime of a few minutes would be minor.
A sample set of definitions for impact of loss is provided below. These definitions are for an organization that generates revenue by serving the public.
  • Devastating: The facility is damaged/contaminated beyond habitable use. Most items/physical assets are lost, destroyed, or damaged beyond repair/restoration. Multiple deaths have occurred. The number of visitors to other facilities in the organization may be reduced by up to 75 percent for a limited period of time. An example of a devastating event would be the attack on the World Trade Center.
  • Severe: The facility is partially damaged/contaminated. Examples include partial structure breach as a result of weather/water, smoke, fire, or impact damage to some areas. Some items/physical assets in the facility are damaged beyond repair, but the facility remains mostly intact. The entire facility may be closed for a period of up to two weeks and a portion of the facility may be closed for an extended period of time (more than one month). Some assets may need to be moved to remote locations to protect them from environmental damage. One or more deaths occur or a serious number of nonfatal injuries (these are injuries that would meet the OSHA reportable event standard). The number of visitors to the facility and others in the organization may be reduced by up to 50 percent for a limited period of time. Examples would include the recent attack in Mumbai or the killings at Virginia Tech. An example of a different type, but nevertheless that had similar impact, was the systems engineer that held the City of San Francisco hostage with protected passwords, denying city officials access to their computer systems.
  • Noticeable: The facility is temporarily closed or unable to operate, but can continue without an interruption of more than one day. Note that the decision to close the facility is based on employee, community, and public relations and/or political factors rather than the facility being unavailable. A limited number of assets may be damaged, but the majority of the facility is not affected. Some injuries may occur, but not a significant number of them are serious enough to warrant reporting to OSHA. The number of visitors to the facility and others in the organization may be reduced by up to 25 percent for a limited period of time. An example would the robbery of a jewelry store in which several jewelry cases are severely damaged, but can be replaced. Employees will likely be highly stressed, afraid and apprehensive; however, the physical facility is capable of opening for business.
  • Minor: The facility experiences no significant impact on operations (downtime is less than four hours) and there is no loss of major assets. There are no reportable injuries. Examples would include a credible bomb threat, a fight between employees that causes disruption in a single department, or a big scene caused by an intimate partner, who requires police to be called, but no injuries.
Vulnerability is defined to be a combination of the attractiveness of a facility as a target and the level of deterrence and/or defense provided by the existing mitigating measures.
Target attractiveness is a measure of the asset or facility in the eyes of an aggressor and is influenced by the function of the facility. Sample definitions for attractiveness ratings are as follows: highly attractive, moderately attractive, low attractiveness.
Deterrence is measured by the layers of security and other factors that discourage or restrain aggressors by increasing the likelihood of detection; severely hampering the likelihood of success; and impeding the possibility of escape.
The combination of attractiveness plus deterrence must be considered.
  • Very High: location of facility is in a high crime area or rural area with a known long police response time; the level of deterrence and/or defense provided by the existing mitigation measures is inadequate (e.g., little or no security, no workplace violence prevention program or measures in place).
  • High: location of facility is in a rural area that has a known long police response time and/or the level of deterrence and/or defense provided by the existing mitigation measures is inadequate.
  • Moderate: location of facility is a moderate distance from law enforcement and expects moderate response time and/or the level of deterrence and/or defense provided by the existing mitigation measures is marginally adequate.
  • Low: location is in close proximity to law enforcement with immediate response time and/or the level of deterrence and/or defense provided by the existing mitigation measures is adequate.

In addition, the type of workplace violence incident has to be considered when attempting to identify the appropriate vulnerability rating. For example, a workplace robbery is driven by the “attractiveness” of acquiring cash or other valuables (like jewelry, precious metals, etc.) whereas a terminated employee, intimate partner or disgruntled client is driven by the desire to get to the “target” of their rage, sense of injustice or other psychological factors. For the robber the higher the level of deterrence (or security and mitigation factors) in place the more the attractiveness of the facility diminishes because their goal is to escape with the valuables.


A combination of the impact of loss rating and the vulnerability rating can be used to evaluate the potential risk to the facility from a given threat. A sample risk matrix is depicted in Table 1. High risks are designated by the darkest cells, moderate risks by the lightest cells, and low risks by the medium cells.


Now before you jump to the conclusion that the risk is negligible – consider the following:
  • The Bureau of Labor Statistics reported that during the 1990s, on average, 19 people were murdered at work each week or close to 1,000 people on an annual basis.
  • Likewise they reported that so far in this Century workplace homicides have averaged 603 annually; a 13 percent increase in incidents occurred from 2006 to 2007.
  • NIOSH reports the estimated cost for a workplace homicide is $850,000 per incident.     
The clear point that should be extrapolated from the above data is that, while workplace violence homicides are statistically rare, the reality is they are still occurring and we actually saw a 13 percent increase in workplace homicides from 2006 to 2007. Nonfatal incidents have held steady between 1.5 and 1.8 million incidents annually.
Due to the low statistical risk of the occurrence of workplace homicide a critical issue that is frequently overlooked when assessing the risk of workplace violence is the impact of an incident if it does occur.
Once a homicide occurs in your workplace it brings the entire enterprise into the spotlight because it is newsworthy and will likely result in front page coverage by national newspapers and evening news.
To further illuminate this point, a study released by Oxford University and the Sedgwick Group analyzed the impact of catastrophes on shareholder value.
The study compared 15 companies that experienced a serious man made disaster and followed the stock value and trading volume with somewhat surprising results. The study showed that after a sharp initial negative decline of almost 8 percent of shareholder value, there is a full recovery in an average of just over 50 trading days. The results of the study also indicated an initial spike of more than four times the normal trading volumes in the days immediately following the incident. However, trading volume returned to normal in an average of just 20 days. Although shares initially recovered after only 50 days, the final outcome of the companies was not always as positive. A year after the event some stock prices had actually increased while other companies lost millions or went out of business entirely.


Consequently, once you start to recognize the potential impact of such an event, you come to understand that it is not wise to assume it is not worth investing company resources in prevention because of the low statistical probability. Just think about how much fun it will be explaining to your company President or CEO why you chose to ignore the possibility of workplace violence when the company is under siege by the news media, government agencies, attorneys, community and family members of the victim(s) because you dismissed it as a low risk. See Table 2.
Additionally, you should also be aware that workplace homicides are only the tip of the iceberg: A much larger risk is non-fatal workplace violence incidents. Between 1.5 and 2 million incidents are reported annually and many suspect this is underreported by more than 50 percent. These numbers include simple and aggravated assaults, robberies, thefts, rapes, and sexual assaults. These often less-than-sensational incidents may never be reported in the media, but they present a high financial risk to your organization. (Assume each non-fatal incident has a total cost of $2,500 and you have 10 of them: this is a $25,000 impact on your bottom line.)
Once you complete this assessment you will be ready to develop a framework for identifying the potential cost to your business of an actual incident and juxtapose this against the cost of implementing a model prevention plan.