Identifiable Risks Are Manageable Risks

by | November 17, 2021

Editor’s note: This article is part of a series. Click here for the previous article.

Gordon Graham here and again thanks for taking the time to read these brief articles on the 10 Families of Risk. This series has been in the making for four years now—my gosh, how time flies! As I think about this though, it should not have surprised me. I write one piece a month and we are closing in on “half a hundred.” (I remember reading that phrase in a poem as a kid—“half a hundred bridges”—and it sounded pretty cool to use that phrase instead of “50,” but enough of that.)

And again, thank you for your emails (and occasional phone calls) regarding how this series of writings has made you think differently or how a specific article helped you in some manner. This follow-up on your part is so much appreciated. Knowing the articles provide an immediate benefit makes the monthly effort worthwhile.

In my opening article of this series, I introduced you to the 10 Families of Risk. The idea to organize risk in this manner came from the questions I repeatedly received from attendees of my live programs way back in the early ’80s. “Gordon, I like what you are saying, but where do we get started?” This question (in different forms) was not occasional—I heard it in program after program—and I was frustrated I did not have the answer.

Please remember that “way back then,” there was no one else talking about risk management in public safety operations. While there are a lot of speakers talking about this discipline today, back then it was just me and my lonesome. I was using my background and education at the Institute of Safety and Systems Management (coupled with my experience as a cop and a supervisor and my legal education) and trying to build “control measures” to prevent problems from occurring. This was uncharted territory.

I knew that risk management worked, and it finally hit me in the late ’80s that I could put together a system to simplify the thinking on this complex area of concern.

Not to bore you, but there was so much going on in my life back then with my full-time California Highway Patrol job as a Sergeant in Central Los Angeles (putting out a crew of recent academy graduates every day on afternoon shift), trying to build my law practice, and trying to do the best I could do as a husband and father.

Regarding the law practice, I knew I wanted to defend cops and law enforcement agencies, so I began to look at how we get sued. I quickly learned that too much of our litigation comes from inside our departments—the HR and personnel issues. Job-based harassment was a huge issue back then, particularly sex and race harassment allegations. Narrowing it down further, too many of these allegations alleged “hostile work environment.”

What is a hostile work environment? One of the definitions is “severe, pervasive, pattern and practice of misconduct directed at individuals in a protected class.” If I was a plaintiff lawyer and I was suing a police or fire department in this type of case I would have to prove five things to a judge and/or jury:

  1. My client is a member of a protected class.
  2. There are bad behaviors going on adverse to my client’s protected class status.
  3. The department knew or should have known this was going on.
  4. No one in the department did anything to stop this inappropriate behavior.
  5. As a result of the department’s failure to address this behavior, my client suffered a terrible harm or loss.

And if I could prove all five elements, you would owe my client a ton of money—and I would take 40%.

In law talk, this is called the burden of proof. It is on the plaintiff lawyer to meet the burden of proof. In risk management, it is called an identifiable risk—and every identifiable risk is a manageable risk!

With all of this in mind, 35 years ago I put together a control measure and I called it APE—mandatory review of the harassment policy with all personnel during their APE (annual performance evaluation).

I mention APE I my live programs and I have been sending out this control measure to leaders in organizations for almost four decades—and it works. You can access a copy of APE (it is free) here.

But getting back to the past, I knew that risk management worked, and it finally hit me in the late ’80s that I could put together a system to simplify the thinking on this complex area of concern. I do my best thinking on airplanes and on a flight one day, I took all the risks and put them into families (it ended up being 10).

Using this structure, I realized that if I could…

  • Get people to think about their specific organization (and this is not limited to public safety; I have worked with most of the high-risk professions); and
  • Identify the risks they face in each of these 10 families (both systemic—those that apply to every organization in that profession—and idiosyncratic—risks specific only to you because of something unique in your locale or environment); and
  • Then put together viable control measures (policies, procedures, protocols, rules, directives, SOs, GOs, programs, initiatives); and
  • If these control measures are properly designed, kept up to date and fully implemented …

THEN we could prevent problems proactively! APE is one such control measure.

Now I recognize the above paragraph is one heck of a run-on sentence and that even after separating it into bullets and adding ellipses and parentheses and semicolons, Madame Editor is still a little bit uncomfortable with it—BUT, it accurately describes what I am trying to do. And to have this forum where I can spread my thinking throughout the profession is just wonderful.

So with this in mind, let’s take a look at our progress so far. We have discussed (in some detail) and you have thought about the first five of these 10 families. We are at the halfway point in this series:

10 Families of Risk Management in Public Safety

Once again I am way over my word limit. In my next article, we will move onto some thoughts on information risks. Thanks for your continued support—it is so much appreciated!

TIMELY TAKEAWAY—I highly recommend an annual review of your agency’s harassment policy. However, I am not your lawyer, so please run this by her/him and do something proactively to address inappropriate behavior in your workplace.

GORDON GRAHAM is a 33-year veteran of law enforcement and the co-founder of Lexipol, where he serves on the current board of directors. Graham is a risk management expert and a practicing attorney who has presented a commonsense risk management approach to hundreds of thousands of public safety professionals around the world. Graham holds a master’s degree in Safety and Systems Management from University of Southern California and a Juris Doctorate from Western State University.

More Posts
Share this post:

The Briefing – Your source for the latest blog articles, leadership resources and more