Assessing and Tracking Threats

Assessing and Tracking Threats – Protecting Your Employees and Your Company

Stephen Moore

Introduction to  Assessing and Tracking Threats

Recent incidents of violence in the workplace in Canada tragically illustrate what happens when threats materialize into actions; they serve as a stark reminder to businesses across the country of their responsibility to protect their employees in the spirit of “due diligence” and “due care and attention.” Rarely, if ever, do these violent situations manifest themselves without some sort of prior indicators. This underscores the importance of having proper procedures in place to track and assess threats to your employees. Take the time to review the following recommendations to determine whether your company is prepared to address threats to employees.

Define “threat”

A threat should trigger some form of action – whether it is simply documenting the incident in a security log or informing law enforcement authorities. Before getting there it is important to make sure that everyone understands what a “threat” is from the company perspective. While some threats – such as threats of death or serious bodily harm – are obvious to most people, others may be less apparent. Threats can be directed at disrupting business, individual employees, or different company departments (i.e., Human Resources), and can be verbal or written. Because everyone has a different tolerance level as to what constitutes a threat, it is important that the company makes it clear to all employees. Employees should be encouraged to err on the side of caution and to follow the airport security adage: “If you see [or hear] something, say something.”

Define what is considered a “threat” from the company perspective to ensure that all employees understand when follow-on action must occur, regardless of whether or not they feel threatened.

Stipulate Employee Actions Following Receipt of a Threat

Once a threat that meets the company threshold is received the appropriate follow-on actions must be defined. In the face of an immediate and serious threat calling police is an obvious first step; however, it is important that all threats – whether they result in police being called or not – are also reported to the company management. Depending on the size of the company, this information would flow through the company security officer or the individual looking after contracted security. Details on reporting procedures should be clearly stipulated, including how to file a report, the timeframe within which to report it and actions to be taken if a threat is received during non-business hours, to mention a few considerations. Clearly stipulate to your employees those actions to be taken following receipt of a threat, including to whom, how, and when reports are be made.

Define Threat Assessment Procedures

Once a threat is reported and immediate actions (such as calling the police) have been taken, management must decide what additional actions, if any, are warranted. These might include enhancing the security posture, sending an advisory to all employees, or simply ensuring the threat is properly recorded using the 5 Ws (Who, What, When, Where, and How).

Following immediate actions required to safeguard your employees from imminent threats, management should review the threat to determine what, if any, further action is required.

Track Threats

All threats received by a company or its employees should be recorded and tracked. This will ensure that multiple threats that are received by different people or in different formats are not misinterpreted as a single event. It can also provide a record over time to assist law enforcement and/or company legal advisors in taking additional action, as required. A threat tracking system does not have to be complex or expensive. It should, however, be as detailed as possible and, at a minimum, should include the following information:

  • Who received the threat
  • When and where the threat was received
  • The details of the threat – as accurately as possible describe what was said or how the information was received
  • Details of the person or persons that initiated the threat
  • All follow-on actions are taken

All threats should be recorded and tracked as accurately as possible (use the 5Ws) to assist in follow-on investigation and/or actions.

Review and Analyze Threats

Someone within the company should be assigned to review and analyze threats on a regular basis. All threats that are tracked and recorded as per above should be collated and reviewed to look for patterns, trends and or indications of escalation and, where concerns exist, law enforcement authorities should be consulted and company management informed. This responsibility will likely fall to the company security officer or security staff; however, accountability for ensuring this information is collated and acted upon, where appropriate, remains with management at all levels. Good communications will lead to good threat mitigation strategies and situational awareness throughout your company.

Threat information should be collated and analyzed and, where concerns exist, law enforcement authorities should be consulted and company management informed.


Assessing and tracking threats does not have to be an expensive and complicated endeavour. Of course, larger companies will necessarily require more resources to record, track and follow up on threats; however, with a good communications and intelligence plan, it is not overly difficult to put an effective threat assessment and tracking program in place. The recommendations provided above will help you make informed decisions protecting your employees and your business.