22 October 2017

Threat Management Team: Preemptive Risk Strategy....

The Corporate Threat Management Team (TMT) has been busy this past year and your employees are consistently seeing new and startling behavior beginning to emerge. These small and versatile task forces within corporate Operational Risk committee members include the Chief Security Officer, Human Resources (EAP), Ethics & Compliance, General Counsel and Chief Information Officer or Privacy Officer.

Assessment of threats in the workplace that include violence, sabotage, financial fraud, homicide or suicide are growing in the current economic environment and the Board of Directors are on alert. The Board has a daunting responsibility to provide the enterprise stakeholders:
  • Duty to Care
  • Duty to Warn
  • Duty to Act
  • Duty to Supervise
Threat assessment is a legal responsibility by corporate management and directors but this is not anything new per se. What may be trending upwards and at an alarming rate is the litigation associated with "Insider Threats."   Just ask Dr. Larry Barton about the subject of corporate threat assessment:
"Despite sound recruitment practices, any employer may encounter situations in which colleagues are worried about their safety because of the actions or statements made by a co-worker. The person at risk could be a current employee, former associate/contractor, disgruntled customer, investor or other person who makes or constitutes a threat to your most vital resource - your human capital."
This (Threat Assessment) approach employs strategies that have been successful in a variety of situations, including:
  • an associate being stalked by a spouse or former partner
  • an employee who states that he or she is experiencing significant mental deterioration or who has thoughts of self-harm or homicide
  • altercations between co-workers and/or with a supervisor that are escalating in tone and severity
  • serious changes in attitude and performance with known or suspected substance abuse factors
  • social networking, blog and other means of electronically threatening an individual or team
Having personally witnessed Dr. Barton's methods and approaches, the science and his applications are sound. The strategy for implementation is based upon several decades of experience and encompasses the legal framework necessary to sustain the scrutiny of law enforcement and the courts.

The actions that are utilized to address a growing threat by a person in the workplace takes a dedicated team, with the right tools and information at their fingertips. Making split second decisions based upon a lack of documented evidence, protocol failure to a set of written policies or just the wrong timing can open the doors for substantial and costly plaintiff suits.

Achieving a Defensible Standard of Care in the reality of today's volatile enterprises requires a sound governance strategy execution combined with new resources and tools to properly prepare for those almost certain legal challenges. Combining effective "BioPsychoSocial" subject matter expertise, along with the right people from legal, security, investigations, internal audit or corporate risk management can produce successful outcomes for "At Risk" employees and the entire enterprise.

This brings us to the next point regarding how a particular employee was allowed to get to the point of "No Return" in the workplace. Put on your thinking caps for a few minutes.

Whenever you have a Threat Management Team assembling to interdict a serious danger to the company, you immediately start to converge on the motive or reason why the person has or is acting against company policy or behaving in a threatening manner. It's natural to do so, as most people want to know what's causing the issue. Be careful. What seems to be the cause is only known as the "Proximate Cause." Do you really understand the "Root Cause" of the failure of people, processes, systems or some external events?

The analysis, investigation, documentation and presentation on what happened and why is the hard stuff. Getting to the "Truth" and getting answers to the "Root Cause" requires another team of specialty practitioners. These independent, outside risk advisory professionals should not be from any current or existing corporate supplier, auditor or management consultant. They truly need to be the independent, unbiased and diligent entity to discover the truth and to document the root cause of the incident. The goal is to eliminate the future threat and to mitigate any risks that may still be "lying in wait."

Corporate Management and Boards of Directors must continue to move to the left of the proximate cause on the risk management spectrum to be preemptive, proactive and preventive.

No comments:

Post a Comment