The Missing Link in Every Workplace Violence Prevention Program

A written workplace violence prevention program satisfies regulators. It does almost nothing to stop an attack. The gap between the two is behavioral threat assessment: the discipline of noticing, reporting, and acting on the concerning behaviors that precede nearly every act of targeted workplace violence, months before the policy binder is ever opened.

What Is a Workplace Violence Prevention Program, and Why Isn’t Compliance Enough?

A workplace violence prevention program is a written plan, required by law in California and recommended everywhere else, that defines how an employer identifies, reports, investigates, and responds to violence risk. Under California’s SB 553, every covered employer must maintain one, complete with a violent incident log, hazard evaluation procedures, and documented training. California’s Occupational Safety and Health Standards Board is required to formally adopt its general industry standard no later than December 31, 2026, with enforcement expected to follow closely behind, according to the California Department of Industrial Relations.

That deadline is why most companies currently building a program are focused on the document. Names and titles of responsible parties. Reporting procedures. A training log. All of it defensible in an audit, none of it aimed at the actual mechanism of violence.

The federal data on where violence in the workplace originates is unambiguous about the mismatch. Over the 2023–2024 period, private industry recorded 78,340 nonfatal violent-act cases resulting in days away from work, restriction, or job transfer, an annualized rate of 3.7 per 10,000 full-time workers with a median of 11 days lost per incident, according to the Bureau of Labor Statistics. Those numbers describe outcomes. A compliance plan describes paperwork. Neither one, on its own, describes the person of concern six weeks before the incident, which is where prevention actually happens.

What Warning Signs Does Behavioral Threat Assessment Actually Catch?

Behavioral threat assessment catches the pattern of observable behavior that precedes violence: not a single red flag, but a cluster of them building over time. The FBI’s Behavioral Analysis Unit, studying active shooter incidents between 2000 and 2013, found that attackers displayed an average of four to five concerning behaviors observable to others before they acted, most frequently tied to deteriorating mental health, breakdowns in interpersonal relationships, and “leakage” (the intentional or unintentional disclosure of violent intent).

None of those signals show up on an OSHA log. A previously engaged employee who abruptly withdraws from colleagues. A grievance that calcifies into fixation rather than fading. A divorce or custody dispute that HR already knows about but never flags to security. Individually, each looks like an HR matter, a performance issue, or none of the company’s business. Assessed together by a team trained to connect them, they form a recognizable pathway. The FBI’s follow-on report on threat management found that people of concern are roughly 16 times more likely to escalate toward violence when they display these behaviors to bystanders who never intervene, according to the FBI Behavioral Analysis Unit’s findings as reported by ASIS International’s Security Management magazine. The absence of intervention, not the absence of warning, is usually the failure point.

Why Do HR and Security Operate in Separate Silos, and What Does That Cost?

HR and security operate in separate silos because their systems were never built to talk to each other, and that separation is precisely what lets warning signs go unconnected. HR holds the personnel history: the disciplinary record, the leave-of-absence pattern, the exit interview nobody escalated. Security holds the incident data: the access anomaly, the parking lot altercation, the visitor who won’t leave. A functioning threat assessment program needs both data sets in the same room, evaluated by the same team, on a recurring cadence, not reconstructed after the fact during an incident review.

In the assessments we run for mid-market clients rebuilding their workplace violence program from scratch, the finding that surprises HR leaders most isn’t a missing policy. It’s that three or four people across the organization each held one piece of a pattern that, assembled, would have qualified for intervention months earlier. No process existed to assemble it.

This is also where a compliance-driven build tends to stall. A workplace violence prevention program gets written to satisfy the statute, then filed. What’s actually needed is a standing, cross-functional team with defined intake, evaluation, and escalation authority, the kind of structure ASIS International’s forthcoming Workplace Violence Prevention and Intervention Standard, open for public comment through July 2026, is attempting to formalize industry-wide.

What Does the SB 553 Deadline Mean for Employers Outside California?

The SB 553 deadline is a California-specific mandate, but it functions as a national preview: it is the clearest signal yet that regulators expect behavioral threat management, not just a policy document, to sit underneath workplace violence compliance. California Labor Code section 6401.9 took effect July 1, 2024, and the Occupational Safety and Health Standards Board must adopt a corresponding general industry standard by the end of this year.

No other state currently mandates a program with this level of specificity. That will not last. Multi-site employers with any California footprint are already building their programs to the SB 553 standard rather than maintaining two versions, and a handful of other states have workplace violence legislation moving through committee. Waiting for a home-state mandate to force the issue is a bet against the direction every serious regulatory and insurance body is currently heading.

Who Should Own Your Workplace Violence Prevention Program?

Ownership belongs with a named, credentialed individual who has both the security judgment to assess threat severity and the standing to pull HR, legal, and facilities into a room on short notice — not a shared responsibility scattered across departments that each assume someone else is watching. Most mid-sized organizations don’t have a full-time chief security officer role to give that person, and building one for this purpose alone rarely pencils out.

A fractional chief security officer engagement solves that gap directly: an experienced security executive who builds the threat assessment structure, trains the intake team, and stays accountable for the program’s effectiveness, not just its paperwork, without the cost of a full-time hire. Pairing that leadership with structured workplace threat and vulnerability assessment work and formal workplace violence prevention plan development and training turns a compliance document into an operating program. For the behavioral indicators HR teams are best positioned to catch first, see our related analysis on behavioral early-warning indicators in workplace violence prevention.

Executive Takeaway

In the next 30 days, name one accountable individual for your workplace violence prevention program and give that person explicit authority to convene HR, security, and legal on short notice. Audit whether your current program exists only as a document or functions as a standing behavioral threat assessment process — most fall into the first category. If you cannot say who reviewed a concerning-behavior report in the last 90 days, you don’t have a program. You have a policy.

Frequently Asked Questions

What should be included in a workplace violence prevention program? An effective program includes a written policy, a named responsible party, reporting and investigation procedures, a violent incident log, and recurring training. Beyond the required elements, it needs a standing cross-functional team empowered to evaluate reported concerns and intervene before behavior escalates — the piece most compliance-only plans omit entirely.

Is a workplace violence prevention plan legally required? Yes, in California, where SB 553 requires nearly all employers to maintain a written plan as of July 1, 2024. No federal mandate currently exists, though OSHA’s general duty clause obligates every U.S. employer to maintain a workplace free of recognized hazards, which increasingly includes violence risk.

What’s the difference between a workplace violence policy and a behavioral threat assessment program? A policy is a document describing procedures and responsibilities. A behavioral threat assessment program is the operational practice of identifying, evaluating, and intervening on specific individuals showing concerning behavior. Employers frequently have the first without the second, which limits the policy’s practical effect.

Who should be responsible for workplace violence prevention at a company? A named, credentialed security leader with cross-departmental authority should own the program, supported by a threat assessment team spanning HR, legal, and facilities. Diffusing ownership across departments without a single accountable leader is one of the most common reasons programs fail during an actual incident.

How do you identify warning signs of workplace violence before an incident occurs? Warning signs cluster rather than appear in isolation: withdrawal from colleagues, fixation on a grievance, deteriorating mental health, and leakage of violent intent. FBI research found active shooters displayed an average of four to five such behaviors beforehand, which is why cross-functional reporting matters more than any single indicator.

Does workplace violence prevention training actually reduce risk? Training reduces risk when it teaches employees to recognize and report specific behavioral patterns, not just policy awareness. Programs that stop at “know your emergency exits” leave the behavioral detection gap wide open; programs that train managers and HR to recognize and escalate concerning behavior close it.

Building or auditing a workplace violence prevention program that goes beyond the compliance document requires the kind of judgment a checklist can’t provide. Read Outsourced. Exposed. Out of Time. for a fuller look at where security programs are structurally exposed, and what closing that gap requires.


Sources

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

A vibrant, multigenerational team shares laughter and conversation over coffee in a naturally lit, relaxed office setting. Workplace safety culture, safety leadership, employee engagement in safety, accountability in workplace safety
Creating a Culture of Safety: Building Trust and Accountability in the Workplace
Written by: James Hart Your team’s culture could be its best defense against threats to its safety and security.  When organizations experience a fire, a product recall or other incidents, they often ...
Read More
Preventing Retail Theft: Strategies for Loss Prevention
Written by: James Hart Shoplifting is one of the most persistent threats to retail businesses — and one of the toughest to solve. Fortunately, you can substantially lower your company’s risks with ...
Read More
Mature manager meeting with warehouse worker to discuss supply chain security procedures
Supply Chain Security: Protecting Logistics Operations
By: James Hart Recent years have provided almost constant reminders about the importance of supply chains — and just how fragile they can be. Pandemics, shutdowns and natural disasters have all interrupted ...
Read More
Political unrest prevention, Community safety during elections
Last-Minute Security Tips for Election Season
Ensuring Safety and Reducing Disruptions With Election Day only a week away, businesses and community leaders are in the final sprint to prepare for any potential disruptions. While there may not be ...
Read More
Preventing mail room theft: tips for securing business mail and protecting sensitive information
Mail Room Theft and Fraud: Securing Your Business’s Mail Handling Processes
Your office building’s mail room could be an unexpectedly easy target for thieves looking to steal everything from banking information to brand-new electronics worth thousands of dollars. “In many properties, the mail ...
Read More
Workplace safety, standards, safety measures, employee training
Ensuring Workplace Safety: Best Practices for Protecting Employees
Written by: James Hart In a world like ours, businesses can’t afford to take workplace safety for granted. There’s a long list of reasons why preparedness and planning must be a priority ...
Read More
Crisis communication in action standing near a firetruck. Emergency safety. Protection, rescue from danger.
Building a Crisis Communication Strategy: Effective Communication During Emergencies
Written by: James Hart During a crisis, good communication can save lives. That’s especially true for larger office buildings.  Some properties hold thousands of people during a typical workday. If there’s a ...
Read More
de-escalation training: An image of a young woman at the center of a crowd feeling overwhelmed practicing de-escalation techniques
Effective De-escalation Techniques: Conflict Resolution Strategies
Written by: James Hart If your job requires you to talk to other human beings, then you could probably benefit from de-escalation training.  De-escalation is a conflict resolution strategy where security officers ...
Read More
a consultant and an executive walking the property discussing Residential Security
Home Security Tips: Safeguarding Residential Properties
Written by: James Hart Everyone deserves to feel safe in their own home.  Unfortunately, that can be harder for corporate executives, celebrities, wealthy families and others with high profiles or high net ...
Read More
businesswomen on the street - premium security at trophy property security
How Premium Security Services Set Trophy Properties Apart
Written by: James Hart It’s one of the most frustrating, longest-lasting effects of the pandemic: The market for office space continues to struggle as companies keep using hybrid or fully work-from-home schedules.  ...
Read More
Outsourced. Exposed. Out of Time.