​Recent guidance from the U.S. Secret Service, Enhancing School Safety Using a Threat Assessment Model: An Operational Guide for Preventing Targeted School Violence, offers baseline information for developing a threat assessment team (TAT) to mitigate potentially violent or devastating events at K-12 schools in the United States. 

The Secret Service advocates for a five-step process to establish a TAT with a multidisciplinary approach to information sharing. For each step, the author will provide guidance that extends beyond the scope of the Secret Service report with additional threat prevention measures.

1. Establish a multidisciplinary team.

The TAT is designed to direct, manage, and document threat assessment processes. Assemble a team from a variety of disciplines, which may include teachers, school guidance counselors, coaches, school resource officers, mental health professionals, and school administrators. Have a designated leader with the authority to act immediately in cases where time is of the essence. Meet on a regular basis and when needed if there is an emergent concern. These meetings should include dealing with potential threat indicators, training and role-playing focused on building confidence and capability, and building rapport and confidence in other team members.

Additional guidanc​e: Threat assessment is an intelligence-led activity and requires a certain skill set to synthesize information. Schools could partner with an agency or consider employing an employee with an intelligence background. The Multi-State Information Sharing and Analysis Center (MS-ISAC) also offers valuable trend information on physical and cyber threats that could be useful for the TAT. 

2. Define prohibited and concerning behavior.

Concerning behavior progresses through a continuum, and policies must consider warning signs, which include “a marked decline in performance; increased absenteeism; withdrawal or isolation; sudden or dramatic changes in behavior or appearance; drug or alcohol use; and erratic, depressive, and other emotional or mental health symptoms,” according to the report. Policies and procedures should be set in place to monitor and direct action to collect additional information to consider if these are indeed a concern.

Additional guidance: The Secret Service does allude to a continuum, but there is no specific guidance on how to categorize threats. A more in-depth understanding of transient and substantive threats is needed. It may be advisable to develop a tailored process map for each TAT, which describes each step and indicates responsibility in each phase to avoid anything falling through the cracks. 

3. Create a central reporting system.

Establishing a central reporting system is crucial to all other threat assessment activities. Schools should establish multiple streams of information that could include online reporting, email, phone, and face-to-face communication. No reporting should be dissuaded but educating the school community on what to report will increase the validity of information. Document thoroughly when responding to each report, categorizing threats, and determining whether to act. Anonymous reporting should be an option for those who are uncomfortable coming forward in a formal or public way. It is important to handle each case with professionalism, considering privacy and confidentiality concerns.

Additional guidance: Consider partnering with an Information Sharing and Analysis Center (ISAC), which is a nonprofit organization that provides an avenue for two-way sharing between the public and private sectors. Though ISACs have traditionally dealt with cyber and physical security, the model could be used to develop information sharing practices related to threat assessment. ​

4. Determining the threshold for law enforcement intervention.

Law enforcement intervention may be needed in some cases, though it may not be involved in all threat assessment efforts. Create policies and procedures to indicate when law enforcement should be involved—for example, in cases that deal with weapons, threats of violence, and physical violence. Law enforcement should be involved when elements of a crime are present.

Additional guidance: Certain privacy laws set limitations on law enforcement activity when it comes to minors. School administrators and the TAT should familiarize themselves with state law before developing policies and procedures around law enforcement response.

5. Establish assessment procedures.

Establishing threat assessment procedures will help paint an accurate picture of the student’s thinking and behavior, formalize a reporting structure, and identify appropriate interventions. Documentation is once again stressed, with creation of forms and templates to capture necessary information. The report recommends a community-wide approach and encourages a brainstorming exercise on sources of potentially helpful information. This exercise can be repeated once an individual of concern is identified for information more specific to that person. Additionally, social media should be examined to gain information, interviews should be conducted, and the student’s locker should be searched. 

Additional guidance: The Secret Service guidance seems to only consider internal threats—mainly students—but narrowing the focus is a risk in and of itself. A threat could be anyone: a teacher, contractor, administrator, or someone not associated with the school. 

Threat assessment is a necessary part of threat prevention at every K-12 school. Threat assessment programs and teams will be more successful if they are a function of an overarching enterprise risk management process, fueled by both internal and external sources of information.

Cody Mulla, CPP, has 20 years of experience in security and crisis management. He has worked supporting both the private and public sectors and is a member of the ASIS International School Safety and Security Council and the Utilities Security Council.​