Workplace Violence and Threats
Workplace violence and threat events involve threats, intimidation, coercion, stalking, harassment, physical harm, or behaviors that may create safety risk for people, facilities, or operations.
Incident Case Analysis & Real-World Context
Case basis: Notional composite. After a disciplinary action, an employee made threatening comments about a supervisor, attempted to access a restricted work area after hours, and posted hostile statements on a personal account. Coworkers were unsure where to report the concerns, and the first reports were handled separately by management, HR, and security. The case shows why threat-related insider events require coordinated intake, documentation, safety planning, access decisions, and privacy-aware review.
Why This Event Pattern Matters
Violence and threat cases matter because insider risk includes harm to people as well as harm to systems and data. These events require multidisciplinary coordination and careful documentation of objective behavior, not unsupported conclusions.
Common Event Scenarios & Progression Path
Triggering workplace event such as discipline, termination, grievance, conflict, or role change.
Threatening, intimidating, or coercive statements or behavior.
Potential facility, badge, schedule, or executive-location exposure.
Fragmented reporting across HR, management, security, and legal channels.
IRCF™ Capability Alignment
Lessons from this event pattern directly map to the following canonical Insider Risk Capability Framework™ (IRCF™) components for organizational capability improvement:
Insider Threat Matrix Alignment
Matrix mapping may involve motive and means, but the Matrix should not replace threat-management expertise. Use it only to describe supported behavior such as unauthorized access, coercion, or attempts to reach people or facilities.
Controls & Safeguards to Leverage
Relevant Program Metrics & KPIs
Legal, Privacy, and Ethical Cautions
Threat and violence cases require Legal, HR, privacy, safety, and threat-management review. Content should not provide legal, clinical, or law-enforcement advice. Protect privacy and avoid unsupported labels.
Source References & Investigation Fact-Verification
Related BoK Hub Reference Pages
Operationalize This Learning
Need to evaluate whether this scenario is covered in your environment? Use RiskTKO® or request a Guided Exposure Assessment to evaluate your current control coverage, capability maturity, and exposure trends.