The Missing Link in Every Workplace Violence Prevention Program

A written workplace violence prevention program satisfies regulators. It does almost nothing to stop an attack. The gap between the two is behavioral threat assessment: the discipline of noticing, reporting, and acting on the concerning behaviors that precede nearly every act of targeted workplace violence, months before the policy binder is ever opened.

What Is a Workplace Violence Prevention Program, and Why Isn’t Compliance Enough?

A workplace violence prevention program is a written plan, required by law in California and recommended everywhere else, that defines how an employer identifies, reports, investigates, and responds to violence risk. Under California’s SB 553, every covered employer must maintain one, complete with a violent incident log, hazard evaluation procedures, and documented training. California’s Occupational Safety and Health Standards Board is required to formally adopt its general industry standard no later than December 31, 2026, with enforcement expected to follow closely behind, according to the California Department of Industrial Relations.

That deadline is why most companies currently building a program are focused on the document. Names and titles of responsible parties. Reporting procedures. A training log. All of it defensible in an audit, none of it aimed at the actual mechanism of violence.

The federal data on where violence in the workplace originates is unambiguous about the mismatch. Over the 2023–2024 period, private industry recorded 78,340 nonfatal violent-act cases resulting in days away from work, restriction, or job transfer, an annualized rate of 3.7 per 10,000 full-time workers with a median of 11 days lost per incident, according to the Bureau of Labor Statistics. Those numbers describe outcomes. A compliance plan describes paperwork. Neither one, on its own, describes the person of concern six weeks before the incident, which is where prevention actually happens.

What Warning Signs Does Behavioral Threat Assessment Actually Catch?

Behavioral threat assessment catches the pattern of observable behavior that precedes violence: not a single red flag, but a cluster of them building over time. The FBI’s Behavioral Analysis Unit, studying active shooter incidents between 2000 and 2013, found that attackers displayed an average of four to five concerning behaviors observable to others before they acted, most frequently tied to deteriorating mental health, breakdowns in interpersonal relationships, and “leakage” (the intentional or unintentional disclosure of violent intent).

None of those signals show up on an OSHA log. A previously engaged employee who abruptly withdraws from colleagues. A grievance that calcifies into fixation rather than fading. A divorce or custody dispute that HR already knows about but never flags to security. Individually, each looks like an HR matter, a performance issue, or none of the company’s business. Assessed together by a team trained to connect them, they form a recognizable pathway. The FBI’s follow-on report on threat management found that people of concern are roughly 16 times more likely to escalate toward violence when they display these behaviors to bystanders who never intervene, according to the FBI Behavioral Analysis Unit’s findings as reported by ASIS International’s Security Management magazine. The absence of intervention, not the absence of warning, is usually the failure point.

Why Do HR and Security Operate in Separate Silos, and What Does That Cost?

HR and security operate in separate silos because their systems were never built to talk to each other, and that separation is precisely what lets warning signs go unconnected. HR holds the personnel history: the disciplinary record, the leave-of-absence pattern, the exit interview nobody escalated. Security holds the incident data: the access anomaly, the parking lot altercation, the visitor who won’t leave. A functioning threat assessment program needs both data sets in the same room, evaluated by the same team, on a recurring cadence, not reconstructed after the fact during an incident review.

In the assessments we run for mid-market clients rebuilding their workplace violence program from scratch, the finding that surprises HR leaders most isn’t a missing policy. It’s that three or four people across the organization each held one piece of a pattern that, assembled, would have qualified for intervention months earlier. No process existed to assemble it.

This is also where a compliance-driven build tends to stall. A workplace violence prevention program gets written to satisfy the statute, then filed. What’s actually needed is a standing, cross-functional team with defined intake, evaluation, and escalation authority, the kind of structure ASIS International’s forthcoming Workplace Violence Prevention and Intervention Standard, open for public comment through July 2026, is attempting to formalize industry-wide.

What Does the SB 553 Deadline Mean for Employers Outside California?

The SB 553 deadline is a California-specific mandate, but it functions as a national preview: it is the clearest signal yet that regulators expect behavioral threat management, not just a policy document, to sit underneath workplace violence compliance. California Labor Code section 6401.9 took effect July 1, 2024, and the Occupational Safety and Health Standards Board must adopt a corresponding general industry standard by the end of this year.

No other state currently mandates a program with this level of specificity. That will not last. Multi-site employers with any California footprint are already building their programs to the SB 553 standard rather than maintaining two versions, and a handful of other states have workplace violence legislation moving through committee. Waiting for a home-state mandate to force the issue is a bet against the direction every serious regulatory and insurance body is currently heading.

Who Should Own Your Workplace Violence Prevention Program?

Ownership belongs with a named, credentialed individual who has both the security judgment to assess threat severity and the standing to pull HR, legal, and facilities into a room on short notice — not a shared responsibility scattered across departments that each assume someone else is watching. Most mid-sized organizations don’t have a full-time chief security officer role to give that person, and building one for this purpose alone rarely pencils out.

A fractional chief security officer engagement solves that gap directly: an experienced security executive who builds the threat assessment structure, trains the intake team, and stays accountable for the program’s effectiveness, not just its paperwork, without the cost of a full-time hire. Pairing that leadership with structured workplace threat and vulnerability assessment work and formal workplace violence prevention plan development and training turns a compliance document into an operating program. For the behavioral indicators HR teams are best positioned to catch first, see our related analysis on behavioral early-warning indicators in workplace violence prevention.

Executive Takeaway

In the next 30 days, name one accountable individual for your workplace violence prevention program and give that person explicit authority to convene HR, security, and legal on short notice. Audit whether your current program exists only as a document or functions as a standing behavioral threat assessment process — most fall into the first category. If you cannot say who reviewed a concerning-behavior report in the last 90 days, you don’t have a program. You have a policy.

Frequently Asked Questions

What should be included in a workplace violence prevention program? An effective program includes a written policy, a named responsible party, reporting and investigation procedures, a violent incident log, and recurring training. Beyond the required elements, it needs a standing cross-functional team empowered to evaluate reported concerns and intervene before behavior escalates — the piece most compliance-only plans omit entirely.

Is a workplace violence prevention plan legally required? Yes, in California, where SB 553 requires nearly all employers to maintain a written plan as of July 1, 2024. No federal mandate currently exists, though OSHA’s general duty clause obligates every U.S. employer to maintain a workplace free of recognized hazards, which increasingly includes violence risk.

What’s the difference between a workplace violence policy and a behavioral threat assessment program? A policy is a document describing procedures and responsibilities. A behavioral threat assessment program is the operational practice of identifying, evaluating, and intervening on specific individuals showing concerning behavior. Employers frequently have the first without the second, which limits the policy’s practical effect.

Who should be responsible for workplace violence prevention at a company? A named, credentialed security leader with cross-departmental authority should own the program, supported by a threat assessment team spanning HR, legal, and facilities. Diffusing ownership across departments without a single accountable leader is one of the most common reasons programs fail during an actual incident.

How do you identify warning signs of workplace violence before an incident occurs? Warning signs cluster rather than appear in isolation: withdrawal from colleagues, fixation on a grievance, deteriorating mental health, and leakage of violent intent. FBI research found active shooters displayed an average of four to five such behaviors beforehand, which is why cross-functional reporting matters more than any single indicator.

Does workplace violence prevention training actually reduce risk? Training reduces risk when it teaches employees to recognize and report specific behavioral patterns, not just policy awareness. Programs that stop at “know your emergency exits” leave the behavioral detection gap wide open; programs that train managers and HR to recognize and escalate concerning behavior close it.

Building or auditing a workplace violence prevention program that goes beyond the compliance document requires the kind of judgment a checklist can’t provide. Read Outsourced. Exposed. Out of Time. for a fuller look at where security programs are structurally exposed, and what closing that gap requires.


Sources

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

Securing Office Buildings - The façade of a class A office tower - best practices for commercial building security
Securing Office Buildings: Best Practices for Property Managers Seeking a Safer, More Secure Environment
Written by: James Hart As competition for tenants remains high, property managers must not overlook the importance of effectively securing their office buildings, according to experts from Chesley Brown International, the security ...
Read More
Picture of a man (Director Ray Strobel) wearing a suit standing in front of a Chesley Brown Flag.
Introducing Ray Strobel: Director of the Waterfront
We're thrilled to announce the promotion of Ray Strobel to the role of Public Safety Director at the Waterfront in Pittsburgh's Steel Valley! Ray brings with him a wealth of experience and ...
Read More
Isabella Mazza - Business Development Analyst
Employee Spotlight: Isabella Mazza
We're thrilled to introduce Isabella Mazza, the newest rockstar on our team at Chesley Brown International. Ready for some real talk and a sneak peek into Isabella's world? Well, you're in for ...
Read More
how security enhances Commercial Property Values
The Economic Benefits of Private Security: Enhancing Commercial Property Values
As the world becomes increasingly unpredictable, it’s no surprise that businesses are focused on protecting their assets. While public security initiatives have long been at the forefront of ensuring public safety, private ...
Read More
Maximizing security with a limited budget
Maximizing Security Without Breaking the Bank: Practical Tips for Organizations with Limited Budgets
In today's digital landscape, security threats are everywhere and no organization is immune to them. However, with limited budgets for security measures, organizations often face a tough challenge in ensuring that they ...
Read More
Electric vehicle charging station. Image is used to show EV fire hazards
The Hazards of EV Charging Stations
Written by: Andy Marsh Fire and Life Safety Manager Chesley Brown International Technological advances have been the driving force behind the way we communicate, the way we work, and possibly even the ...
Read More
An engineer and the safety team walking a construction site discussing risk awareness and executive protection
How to Foster a Culture of Risk Awareness and Responsibility
In a world where new threats seem to emerge every single day, how can businesses protect themselves from the next danger hiding around the corner?  Technology can help. So can guidance from ...
Read More
Two young professionals working on Organizational Resilience
Organizational Resilience: How Companies Can Navigate Security Threats — and Even Grow Stronger as a Result
It’s impossible to prepare for every single security threat facing your business. You can identify all the potential dangers that you’ve seen before —- petty crime, fire, natural disaster, fraud — and ...
Read More
Woman unlocking a door with a key card - The best Business Security Systems for Property Managers
Secure Your Business: The Top Business Security Systems for Property Managers
As a property manager, you are responsible for the security of your business premises and the assets that are within it. With criminal activities on the rise, ensuring maximum safety for your ...
Read More
businessman man handing a tenant keys to their new property. How Security Can Help Property Managers Combat High Tenant Vacancy Rates.
How Security Can Help Property Managers Combat High Tenant Vacancy Rates
Across the country, office occupancy rates are the worst they’ve been in years. According to Cushman & Wakefield, national vacancy rates rose to 18.6% during the first quarter of 2023 — similar ...
Read More
Outsourced. Exposed. Out of Time.