6 min read

Workplace Violence Threat Assessment: A Guide for Employers

Craig BiggsFounder & CEO

September 16, 2024

Workplace Violence Threat Assessment: A Guide for Employers

Defining Workplace Violence Why Threat Assessment Matters Components of an Effective Workplace Violence Threat Assessment Program High-Risk Situations That Warrant Immediate Assessment Recognizing Warning Behaviors Legal and Policy Considerations Post-Termination and Separation Planning Building Organizational Capacity Getting External Support

Defining Workplace Violence

Workplace violence covers a range of conduct. It includes threatening communications, harassment, physical assaults, and at the most severe end, targeted attacks. The Occupational Safety and Health Administration (OSHA) identifies four categories:

Type I: Criminal intent, violence by someone with no legitimate connection to the workplace
Type II: Customer/client, violence by someone the organization serves
Type III: Worker-on-worker, violence between employees or former employees
Type IV: Personal relationship, violence by someone with a personal relationship with an employee, such as a domestic partner

For most employers, Type III and Type IV are the primary concerns that a workplace violence threat assessment program addresses.

Why Threat Assessment Matters

Traditional security measures include access control, cameras, and security personnel. These are designed mainly to detect and respond to threats that have already materialized. Threat assessment works earlier in the process. It engages when a pattern of behavior suggests elevated risk but before an incident has occurred.

Research on workplace violence shows that attackers communicate their intent before acting. This can happen through:

Direct threats
Social media posts
Statements to coworkers
Conduct that raises concern

Organizations with functioning threat assessment programs receive and act on that information. Organizations without them often discover, after the fact, that warning signs were visible and missed.

The legal dimension is also significant. Employers who knew or should have known about a threat and failed to act on it face significant liability exposure. A documented threat assessment process shows that the organization took the concern seriously and responded appropriately.

Components of an Effective Workplace Violence Threat Assessment Program

A reporting mechanism. Employees need a clear, accessible way to report concerns about a coworker's behavior, ideally anonymously. Without a reporting pathway, warning signs that employees observe stay invisible to the organization.

A multidisciplinary threat assessment team. Effective workplace violence prevention requires input from multiple perspectives: human resources, security, legal, and in some cases mental health professionals. A standing team with defined roles and decision-making authority is more effective than an improvised response to each situation.

A structured assessment protocol. When a concern is reported, the team follows a defined process. That process includes gathering information, analyzing risk using an evidence-based framework, making intervention decisions, and documenting the work. Ad hoc, unstructured responses are neither effective nor defensible.

Calibrated interventions. Not every concern warrants the same response. A structured assessment produces findings that let the team calibrate its response to the level of risk. Lower-risk situations may call for monitoring and supportive outreach. Higher-risk ones may require law enforcement coordination and protective measures.

Ongoing case management. Workplace violence risk is dynamic. A situation that appears low-risk today may escalate following a triggering event: a termination, a domestic situation, a legal proceeding. Cases should be monitored and managed until the risk has demonstrably resolved.

High-Risk Situations That Warrant Immediate Assessment

Some situations are predictably higher risk and should trigger a formal threat assessment:

Terminations. The period around an involuntary termination is statistically elevated for workplace violence risk. Risk rises further when the employee has grievances, exhibits concerning behavior, or has access to weapons. A pre-termination threat assessment lets the employer plan the termination process appropriately.

Restraining orders. When an employee is the subject of or is seeking a domestic violence restraining order, the workplace may become a contact point for a dangerous individual. Threat assessment and protective planning are appropriate in these situations.

Escalating conflict. Workplace disputes can escalate in intensity or involve threatening language. This applies to disputes between coworkers, between an employee and management, or between an employee and a customer. Formal assessment is warranted in these cases.

Individuals exhibiting significant deterioration. A significant, visible decline in an employee's behavior, conduct, or statements warrants attention. This is especially true following a personal crisis, and action should come before the situation progresses.

Recognizing Warning Behaviors

Experienced threat assessors distinguish between behaviors that are merely unusual or unwelcome and behaviors that correlate empirically with movement toward violence. The literature on targeted attacks identifies several warning behaviors that deserve particular attention:

Pathway behavior: research, planning, preparation, or rehearsal for an attack
Fixation: an increasingly pathological preoccupation with a person or cause
Identification: adopting the persona of a "warrior" or identifying with previous attackers
Leakage: the communication of intent to a third party before an act

None of these behaviors is deterministic. An employee who makes an angry comment is not necessarily on a pathway to violence. Overreacting to isolated statements creates its own harms, including defamation exposure, discrimination claims, and the chilling of legitimate workplace communication. The discipline lies in distinguishing transient expressions of frustration from behaviors that cluster, intensify, or become operational. That distinction typically requires trained assessors. In more serious matters, it also requires investigative work that clarifies the subject's history, access to weapons, relationships, and recent stressors. When these questions exceed what an internal team can answer, targeted background investigations and discreet surveillance can supply factual context that turns speculation into informed judgment.

Legal and Policy Considerations

Workplace violence prevention sits at the intersection of several legal regimes, and an effective program has to account for all of them. OSHA's General Duty Clause obligates employers to provide a workplace free of recognized hazards. Workplace violence is increasingly treated as such a hazard, particularly in healthcare, retail, and social services. The Americans with Disabilities Act places limits on how employers may inquire into medical conditions, even when mental health concerns are part of a threat picture. Title VII, state anti-discrimination statutes, and state labor laws constrain how adverse employment actions are taken. Privacy laws govern how information about employees and third parties can be gathered, stored, and shared.

None of these frameworks prohibits effective threat assessment. They do, however, reward organizations that build their programs carefully and penalize those that act on hunches, rumors, or protected characteristics. Written policies should define:

What constitutes a reportable concern
Who receives reports
How information is documented
How decisions are made
How records are retained

Policies should also identify when counsel is engaged, when law enforcement is contacted, and when protective orders or trespass notices are sought. Law firms that advise employers in this space often coordinate with outside investigators. Our law firm clients retain us to conduct the factual work that supports both preventive planning and, where necessary, litigation.

Post-Termination and Separation Planning

The days and weeks surrounding a separation deserve particular operational attention. A pre-termination assessment should consider:

The subject's access to facilities, systems, and weapons
Their relationships with remaining employees who might be targets of anger or retaliation
The presence of personal stressors that amplify risk, such as divorce, financial collapse, or substance use
Their response history to previous setbacks

The termination meeting itself should be planned with input from security. That planning should address timing, location, who is present, how property is recovered, how systems access is revoked, and how the individual departs the premises.

For higher-risk separations, protective planning may extend well past the termination date. That can include heightened access controls, notice to reception and front-line staff, monitoring of public posts when legally permissible, and coordination with the subject's residence or local law enforcement. In matters involving departing executives or employees suspected of misconduct, parallel inquiries may be warranted. Our executive misconduct investigation work frequently intersects with threat considerations, because the same pressures that surface misconduct also create conditions in which retaliation becomes foreseeable.

Building Organizational Capacity

A threat assessment program is only as strong as the people who feed it. Frontline supervisors, human resources personnel, and receptionists are typically the first to notice changes in behavior or to receive disclosures from concerned coworkers. If they do not know what to look for, how to document what they see, or whom to contact, the program's most important inputs never reach the team. Structured training closes that gap. Realistic exercises give team members practice in applying the protocol under conditions that resemble actual cases. Useful scenarios include anonymous reports, client-initiated threats, and post-termination stalking. Our training team works with organizations to deliver this kind of instruction, tailored to industry, facility profile, and existing policy.

Capacity also depends on relationships built before they are needed. Local law enforcement, mental health providers, private security partners, and outside counsel should be identified in advance, not located under pressure during an active case. Organizations that schedule periodic tabletop exercises with these partners discover gaps in communication, authority, and information sharing while there is still time to fix them.

Getting External Support

Many organizations benefit from external threat assessment consulting support. This is especially true for those without dedicated security staff. An experienced outside assessor brings specialized training, objectivity, and legal defensibility that internal staff cannot always provide.

Our workplace threat assessment services are delivered by security professionals with direct experience in threat management and targeted violence prevention. Corporate clients fold threat assessment into broader programs. Our training team delivers the de-escalation, reporting, and response training that lets threat-assessment findings actually be acted on. We work with organizations to assess specific situations, build internal programs, and conduct training for threat assessment teams. Schedule a consultation to discuss your organization's needs.