Key Principles of Security Threat Group Intelligence Operations in Jails

by | April 23, 2021

Editor’s note: This is the third article in a three-part series on security threat group intelligence gathering in corrections. Read the first article here and the second article here.

In the first article in this series, we examined the “why” of security threat group intelligence operations in jails, and in the second article, we defined the “what”—the mission and process. To come full circle, we must discuss the “how.”

The Importance of Policy

Any security threat group intelligence operation must be conducted in accordance and compliance with your agency’s operational policies and procedures. If your agency is using the security threat group intelligence information in conjunction with a single or multi-jurisdictional database, I highly recommend developing your database and collection of STG intelligence information in compliance with 28 CFR part 23, a federal regulation that provides guidance to law enforcement and correctional agencies on implementation standards for operating multi-jurisdictional criminal intelligence systems. The purpose of this regulation is to ensure the protection of constitutional (civil rights and civil liberties) rights and further an individual’s reasonable expectation of privacy.

All security threat group intelligence operations in jails must absolutely comply with constitutional requirements, statutes, and policy and procedural guidelines. Agencies should develop policy to address all elements of the intelligence process; audit guidelines should be developed to measure compliance and aid in program review.

When analyzed in abstract terms, the intelligence process sounds vague, complicated and difficult to execute. This need not be the case.

Once you have established a good security threat group intelligence collection plan and have properly staffed your intelligence gathering unit with competent, productive and ethical correctional professionals, you still have not met all of the base requirements for a good intelligence operation. Don’t confuse activity with action. Without evaluation, collation, skillful analysis and appropriate dissemination, collected security threat group intelligence is of little importance.

Once analyzed, intelligence must flow back to those officers on the front line. In the last article, I noted the difference between strategic intelligence and operational intelligence. Strategic security threat group intelligence must be placed in the hands of strategic decisionmakers, department heads and the Security Threat Group Coordinator. Operational intelligence must be fed into the actual investigative process. Every security threat group intelligence operation requires time and commitment to mature into an integral element of the correctional management system. Such operations soon will become indispensable in facing today’s emerging security threat groups and their members.

Incorporating Intelligence into Strategic Planning

Improved security threat group intelligence is needed not only in daily jail operations, but in the strategic planning process. Budgetary constraints, political realities, the site acquisition process and similar concerns must be considered when managing existing security assets and forecasting the need for additional facilities. Specifically, strategic intelligence helps establish a balance of institutions with features such as drone deterrence, perimeter breach deterrence, underground intrusion detection such as tunnel systems and other similar security systems.

Another integral element of the strategic planning process is staff training. Every staff member, vendor, contractor and volunteer who works with your inmate population must be sensitized to the emerging security threats and develop sight recognition skills to detect and deter threats as they occur. This should not be an add-on program, but an integral continuous element of the agency’s staff training programs.

Agencies should develop policy to address all elements of the intelligence process; audit guidelines should be developed to measure compliance and aid in program review.

Finally, the contingency planning element of strategic planning must be adjusted to contemplate sophisticated threats, such as outside assault coordinated with outside hostage-taking to carry out the escape of highly sophisticated criminals. We must also take into consideration threats from “home grown” domestic terrorists and extremist groups, both within our walls and outside in our communities. The current unrest across the nation has brought to light an increase in domestic terrorism and extremist group operations. Many of these groups are targeting law enforcement and correctional officers. Modern contingency planning must also provide extremely well-coordinated multiagency responses to both foreign and domestic terrorist threats targeting correctional institutions.

Extreme care must be taken to protect intelligence assets, interagency relationships and confidential informants. The subjects of your intelligence-gathering efforts are interested in what you know, how long you have known it and who was your source. A basic element of counterintelligence is “counter-surveillance,” the art of detecting who is collecting information on your efforts.

A vital application of the intelligence process is the continued production and review of strategic intelligence. The process allows correctional professionals to understand the scope of a particular security concern and how it may be only a facet of a larger pattern of activities by threat groups. The ability to conceptualize security threats, to challenge previously held assumptions, to re-evaluate and reorder priorities, and to establish mission-oriented objectives directly supports institution security and the strategic planning process. The allocation of security resources, the deterrence of criminal activities, and the evaluation of security procedures can be managed through this process.

A test of security-related strategic planning and its effective use of intelligence is its capacity to establish a pattern of response—a routine—for the most likely threats.

Security Threat Group Intelligence in Action

Let’s move from theory to practice. What do security threat group intelligence operations in jails look like? Put another way, what is the role of applied intelligence in a correctional setting?

After evaluating the specific security threat posed by an individual or group (threat analysis), an intelligence unit or gang task force can issue a “threat assessment” indicating the perceived threat level as well as key information to be considered in continued strategic planning.

Effective intelligence gathering operations in jails can consist of commonsense observations within the walls of the institution as well as out in the community.

To illustrate, assume strategic intelligence indicates that growing numbers of a specific outlaw motorcycle club members are entering the general population in the jail. While they are feuding with one other outlaw motorcycle club, they tend to be compatible with most outlaw motorcycle clubs and with white supremacy and extremist groups. Operational intelligence indicates specific members of the outlaw motorcycle club have been repeatedly approached by members of a white supremacy group requesting that they carry out contracts, but thus far the gang has declined to do so.

A threat assessment should be issued to staff, indicating a “moderate threat” level based on the fact that while violence does not appear imminent, the outlaw motorcycle club’s strength, its propensity for violence, and its history of being approached to commit planned violence warrant further monitoring, an active collection plan and general staff awareness.

While threat assessments tend to evaluate activities that occur on the initiative of inmates or their outside contacts, risk assessments evaluate specific correctional institution activities. For example, would it be risk-effective to escort a specific gang leader into a volatile area of the community for a funeral? A similar process might be used to evaluate which inmates are assigned to work late-night shifts on work details.

Beyond Investigations

When analyzed in abstract terms, the intelligence process sounds vague, complicated and difficult to execute. This need not be the case. Effective intelligence gathering operations in jails can consist of commonsense observations within the walls of the institution as well as out in the community. Informed decisions regarding inmate classification, housing assignments, work opportunities or security precautions for medical or court transports can be made based on this intelligence information.

The collection phase, for example, involves a coordinated and informed effort by intake screening staff, unit officers, work detail supervisors, teachers, correctional counselors and other line staff to make and report observations regarding unusual inmate groupings, affiliations, tattoos, apparent alliances and similar pieces of readily available information.

But staff at all levels must also be out in the institution, making observations and reporting them to the staff member identified as the collection point for this information—the Security Threat Group Coordinator. This data, when merged with similar security threat group intelligence from other agencies, will help us to better understand and meet the challenges of an increasingly sophisticated population.

To the extent possible, the intelligence process must become a proactive tool for correctional management, as opposed to merely a reactive tool used in investigations. Every effort must be made to enlist the support of law enforcement officials at all levels to alert correctional staff regarding potential threat groups now being prosecuted—specifically, the identity of leaders or members of these groups who have skills or characteristics that pose a special threat. Law enforcement efforts are incomplete if we do not truly “incapacitate” security threat group members and groups once they are in our custody.

Every correctional staff member should be a trained security threat group intelligence gatherer. Using your eyes and ears is the first principle of correctional work; learning to interpret what you see comes with experience. The entire concept of the “intelligence network” and strategic intelligence gathering grows from these seemingly simple principles of good correctional practice. After all, it is correctional staff members who have daily, face-to-face contacts with inmates—and staff members who are trained to communicate on a personal level with the most dangerous people in less-than-ideal circumstances.


CHRISTOPHER J. MUNLEY has served as a deputy director of public safety for the Sandy Pines Recreational Community in Hopkins, Mich., since 2019. He is a former U.S. Department of Justice-certified Prison Rape Elimination Act (PREA) auditor, providing policy consultation, development and auditing services to adult prisons and jails, lockups, and community confinement facilities. In 1996, Christopher began working at the Ottawa County Sheriff’s Office in West Olive, Mich., retiring as a sergeant and operations supervisor with the Ottawa County Sheriff's Office Correctional Facility in December 2018. He is a military veteran who served a combined 13 years in the US Army, the US Army Reserves and the US National Guard. Christopher is a graduate of the Northwestern University School of Police Staff and Command and a certified “gang expert” through the National Gang Crime Research Center (NGCRC) in Chicago. In August of 2011, the NGCRC presented Christopher with the prestigious Frederic Milton Thrasher award for Superior Accomplishments in Gang/Security Threat Group Intelligence and investigations. Christopher is also a past president of the Michigan Chapter of the Midwest Gang Investigators Association. He joined the Lexipol team as a content developer in December 2018.

More Posts
Share this post:

The Briefing – Your source for the latest blog articles, leadership resources and more