We’ll be at Compliance Week National 2024 in Washington, D.C., April 2-4. Learn more or schedule a time to meet with us at the show here.

#Article

Pandemic Violence has Shown That Vulnerability and Threat Assessments Are More Important than Ever Before


Pandemic Violence has Shown That Vulnerability and Threat Assessments Are More Important than Ever Before

Knowing the threats you face can help you prevent violent workplace incidents

As COVID-19 continues to ravage our way of life, it seems that there are more acts of violence in the workplace. We hear of workplace shootings, bombings, and more acts of violence in businesses every day.

No matter the size or type of business, you have a responsibility to your employees and to your clients and customers to keep everyone as safe as possible. The frustrations, anger, fear and layoffs from the pandemic are creating a perfect storm of volitivity and potential violence.

It is more important than ever that your business understands the risks and the steps you can take to conduct security vulnerability and threat assessments in order to mitigate potential violence as much as possible.

Identify and track your risks even better with our free risk assessment tools

This risk assessment form will help you define the scope; identify your threats or hazards; calculate likelihood, consequences and risk ratings; and create an action plan. Use the risk matrix to communicate your findings quickly and easily.


Get the Template

What is a Vulnerability Assessment?

A vulnerability assessment is a methodical and logical process in which specific tools and techniques are used to assess systems, technologies and procedures in order to identify weaknesses and vulnerabilities to potential attacks. They are also used to improve security and to provide counter-measures to risks.

A vulnerability assessment should be conducted at regular intervals. Vulnerabilities are always present in many ways and they continually change over time. You can’t eliminate them entirely, you can’t use a software package to find them, and you can’t just walk around with a checklist and find them.

Most importantly, you can’t assume that since you haven’t had an incident that you are secure.  While most vulnerability areas can be found and eradicated, they can’t all be fully eliminated.

RELATED: How to Use a Risk Assessment Matrix

Vulnerability Assessment vs. Threat Assessment

The differences between a vulnerability assessment and a threat assessment are important to understand.

A vulnerability assessment identifies weaknesses and vulnerabilities, where a threat assessment is a method of assessing and anticipating who might attack, what/where they might attack, what goals they have, and the probability of a “when-where-and-why scenario”.

It helps you decide what kind of and how much security is needed. You cannot determine the details of a possible attack, but you can use the intelligence data to become proactive to develop countermeasures in order to protect your buildings, infrastructures, data, personnel, etc.

The purpose of a vulnerability assessment is to improve security by finding and identifying weaknesses, while the purpose of a threat assessment is to determine exactly what type of security is necessary. Each is important and necessary to protect your employees, clients, and your physical premises.

While it is not possible to achieve zero vulnerability, these assessments go a very long way to protecting and preventing an incident of violence.

RELATED: Protecting Your Organization with Vulnerability and Threat Assessments

Recognize Your Company's Vulnerabilities

The most important thing in conducting vulnerability and threat assessments is that you have them done by assessors who are both competent and who are willing to be honest with you. Remember, it is not bad news to find vulnerabilities or to determine possible threats. It is the best way of being proactive to protect your company, your employees, your customers, and your assets.


Timothy Dimoff
Timothy Dimoff

President, SACS Consulting & Investigative Services

Timothy A. Dimoff, CPP, president of SACS Consulting & Investigative Services, Inc., is a speaker, trainer and author and a leading authority in high-risk workplace and human resource security and crime issues.
He is a Certified Protection Professional; a certified legal expert in corporate security procedures and training; a member of the Ohio and International Narcotic Associations; the Ohio and National Societies for Human Resource Managers; and the American Society for Industrial Security. He holds a B.S. in Sociology, with an emphasis in criminology, from Dennison University.