What factors would make a threat “high risk” versus “medium” or “low risk”? Are there threat severity levels that could be used to make these definitions?
What are some good examples of low, medium, and high-risk threats?
In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser addresses these questions as he shared a model set of threat severity levels and examples that can be used by any organization.
Episode Transcript
Hey, folks. Bryan Strawser, principal and CEO at Bryghtpath, here, and welcome back to the Managing Uncertainty Podcast. This week, I wanna continue our discussion on workplace balance and threat management programs by talking about how to categorize a threat in terms of severity. We like to keep our threat severity discussions relatively simple and think about organizing threats as either low, medium or high. A low-risk threat would be a threat that is a general security incident with nonspecific threats. In these cases, this might require … it might involve general security support in a situation, it might involve a simple employment dispute, and involve, primarily, indirect threats.
So, if we think back to last week’s episode where we were talking about the threat incident risk factors and how to evaluate those risks against those risk factors, evaluate the threat rather, against the risk factors, that’s really what we’re doing here. We’re looking at this low-risk threat, we’re looking at those threat incident risk factors and we look at it and say, “Well, there’s not many of these risk factors present.”
So, a good example of a low-risk threat as defined by our threat severity levels would be when your company’s call center receives an anonymous call that’s a nonspecific threat to blow up your headquarter’s location. It’s literally someone calls and says, “I’m unhappy about this refund that I didn’t get, and so I’m gonna blow up your headquarters in Minneapolis,” and then hangs up. That’s not a very specific threat. There’s nothing specific there, there’s not a lot of directness, there’s not a lot of detail, there’s nothing actionable, there’s no outlining of a plan. It’s just somebody who’s mad and they’re blowing off steam. Should you still communicate this, should you still evaluate it, should you still think about, “Are there preventative measures?” Sure. But again, this is a low-risk situation.
Next, we think about how we categorize a medium-risk threat. Factors here could be multiple, repeated threats about the same situation or from the same individual, repeated angry outbursts, a repeated pattern of harassment or violent behavior, it could be a subject with multiple risk factors present, the risk factors that we talked about in last week’s episode, or it could be a strong suicide threat where those threat factors, threat risk incident … threat risk factors we spoke about last week for suicide are present in this individual, and so you’ve chosen to classify this as a medium-risk threat.
An example would be a current employee at your company who’s made a public threat of suicide. They have had recent performance issues and problems and a recent uptick in grievances towards their supervisor. So, this is a medium-risk situation. This is one that probably requires a threat action plan. You may need to take some specific safety and security measures in response to this. Definitely worth active intervention and determining the right threat strategy, threat management strategy to put into place.
And then, finally, we have high-risk threats. This would be where you have a specific, direct, and actionable threat made or perhaps threats made against multiple victims. It could be a subject with multiple confirmed risk factors that are present or it could be a medium-risk threat that’s occurred, but it involves a weapon, and you know that the individual has access to that weapon.
An example for a high-risk threat could be a former employer making multiple specific threats against a manager, that this individual is known to possess firearms and had a previous arrest or terroristic threats involving a firearm. Clearly, a high-risk threat. Definitely, one where immediate action is likely warranted through your threat management process.
Again, you can use the threat severity levels to help define this.
The way that these threats should be evaluated is through a threat management process and a threat management team that has the right expertise, internal and external, to the organization to understand and evaluate the threat and make the right recommendations in terms of developing a plan that needs to be followed to ensure the safety and security of your employees. These are topics we’ll talk about in next week’s episode where we will walk through a sample of workplace violence and threat management framework that you can use for your organization.
If you like an easy-to-use one-page threat severity levels graphic outlining the threat severity levels that we just discussed, low, medium, and high, and examples of these situations, visit Bryghtpath.com/42. That’s Bryghtpath.com/42, and we’ll have that available for download as a part of this episode. That’s it for this episode of Managing Uncertainty. Tune in next week, and we’ll walk through our workplace balance and threat management program. Thanks for listening.
