What is a threat assessment?

After yesRisk Assessmentterday’s post, it became evident many people had never heard of threat assessments in terms of  mental health and crime prevention. Typically assessments are not added to the calculus of overall preventative measures on a local law enforcement level. In most cases this is due to a misunderstanding of their usefulness. In other cases unfortunately, assessments are willfully avoided in an effort to limit agency liability. In the end, we all do assessments of people, situations, buildings, syndicates and so on daily, we just don’t formalize them and distribute them outside of a controlled group. After having conducted well over 400 assessments in the last five years, I’ve learned the only good assessment is one that can be acted upon. For this to happen, they have to be sent to the people who need them most. This piece will focus on some basic tenets of an assessment. Later, I will discuss the “to whom…” portion. Understand, an in-person class on assessments lasts 10 hours so what follows is a very compressed version.

The first thing to remember is threat assessments are dynamic. This is to say, what is accurate now may not be so in 10 minutes. For this reason, assessors expend a lot of energy keeping the assessment as accurate as possible. Most times, the assessment will hold for the time needed to take action whether that be mental health intervention or detainment. There are times however when the ink will have barely dried and the assessment needs to be updated. This point is very important to remember for two groups of people; the customer and the command staff. For this reason both the customer and command staff must dedicate a person to continually liaise with the assessment team so pertinent updates can be pushed quickly to the end users.

The next critical element of an assessment is research. Knowing the risk a subject poses comes in part from understanding from where they came both literally and figuratively. Assessors must dive deep into the history of the subject for this information. For law enforcement this means reading potentially dozens of police reports, arrest records, and field contact cards. The work can be tedious, but one nugget of information can make a life or death difference. For corporate security or contractors, research may be a major obstacle but it’s not one that cannot be overcome. Most counties across the country publish court records on-line and most police departments will provide copies of reports for a nominal fee. If that is all you have, then do what you can. Take a moment to research the subject’s digital world as well. For some, you may only find a digital shadow, while others have a significant digital footprint.

Once the research is complete, the assessor moves to the analysis phase. In reality, an assessment team would simultaneously dig and analyze, however in most agencies assessments fall on one or two people. For this reason, it is necessary to set aside time strictly for analysis. During this phase the assessor begins building a profile of the subject. They will answer questions like, is there a history of violence? What motivated the violence? What are the subject’s stressors? Based on known information, does the subject have a plan to commit violence? Do they have means, motivation, and opportunity? What is the subject’s pattern of life? Finally, as a byproduct of good analysis, the assessor should start seeing shatter-points or weak spots in the subject’s behavior. These become critical in the conclusion phase.

Post analysis, the assessment team needs to make a decision; what is the threat level? The assumption here is a threat matrix already exists. If it does not, then an assessment is nothing more than a research project. The best threat matrices are simple and contain at a minimum three levels. Threat matrices with five or more levels can be cumbersome and not conducive to true assessments. Once the assessment team has made a decision on the threat level, they need to be prepared to defend their choice. This is where the research and analysis will be scrutinized and tested. If done correctly, the threat level will coincide with the known information.

Finally, the conclusion of the assessment is where the customer will start their approach. The conclusion should highlight weaknesses in the subject’s pattern of life, violent plans, or criminal tendencies. These areas need to be exploited in order to frustrate the subject’s plan. By the time the customer reads the conclusion they should have already fo
rmulated a plan and know where their best chances of success lay. The conclusion is where analysis meets actions.

As you have probably noted by now, a full scale assessment will take time. For this reason, assessment teams should have a plan in place for short term assessments that can be used in the interim until a full scale product arrives. Regardless of the length, all assessments should provide actionable intelligence that can be taken by the customer and immediately applied to whatever operation is needed.