What is Risk Management in Corrections?

Risk assessment is the process of identifying risks and assessing the magnitude of those risks. It is typically conducted through a written document that breaks down each risk into two broad categories: high-level risks (known as threats) and low-level risks (known as vulnerabilities). A threat is defined as any condition or situation that can potentially cause harm or loss. Threats include such things as natural disasters, inmates, staff members, and gangs. A vulnerability is defined as any weakness or deficiency in a system that may be exploited by a threat. Vulnerabilities include access controls, policies, procedures, and people. The assigned level of risk for each threat is determined by its likelihood of occurring and the potential impact it may have on the facility’s operation. The severity of each vulnerability is determined by its susceptibility to exploitation by a threat.

Custom, Pre-Built, and Configurable interfaces that work the way you want them to.

Risk Management in Corrections – Vulnerability Analysis

A vulnerability analysis allows an organization to identify its key vulnerabilities and develop strategies to mitigate those vulnerabilities. Vulnerability analysis can be conducted by either: 1) conducting an internal vulnerability analysis or 2) by conducting an external vulnerability analysis (also known as threat modeling). In both cases, at least three factors must be considered: 1) physical security; 2) operational procedures; and 3) cyber security. These three factors are discussed in more detail below: Physical Security: The physical environment includes all areas that are physically accessible to both inmates and staff members. Areas where inmates are allowed to freely roam (e.g. working yards) are considered high-risk areas because they allow inmates greater access to areas with vulnerable equipment (e.g., electrical equipment). However, physical security is only relevant when an inmate has breached one of your perimeter fences because when your perimeter fences are intact then you can rest assured that your high-risk areas are secure. Operational Procedures: This factor includes all procedures relating to how staff members interact with inmates in various situations such as meal time, exercise time, showers/bath times, etc… Inmates have a greater opportunity to exploit your procedures when they are supervised by a single staff member, when they are allowed more freedom of movement, and when there is an inadequate number of staff members to supervise a certain number of inmates. Cyber Security: This factor includes all systems that rely on advanced computer technologies such as the internet, cell phones, tablets, etc… Cyber security is a high-risk vulnerability because inmates have a greater opportunity to exploit your cyber systems when they are allowed access to these systems.

Risk Management in Corrections – Risk Mitigation

Risk mitigation is the process of reducing risks to an acceptable level. Risk mitigation can be conducted by either mitigating the probability of an event or mitigating the severity of an event. Risk mitigation strategies can be implemented at three different levels: 1) tactical; 2) operational; and 3) strategic. Tactical Risk Mitigation: Tactical risk mitigation involves reducing risks at the tactical level by implementing specific procedures or systems. Tactical level risk mitigation strategies include things like additional locks and security cameras. Operational Risk Mitigation: Operational level risk mitigation involves reducing risks at the operational level by implementing general procedures for conducting daily operations. Operational level risk mitigation strategies include things like requiring all staff members to take a course on how to reduce inmate violence and requiring that all staff members carry personal pepper spray. Strategic Risk Mitigation: Strategic level risk mitigation involves reducing risks at the strategic level by developing policies, procedures, and standards that will be used throughout the entire agency or system. Strategic level risk mitigation strategies include things like setting up a committee dedicated to reviewing existing policies and procedures for compliance with state laws and federal regulations and creating annual training requirements for new staff members and re-training requirements for existing staff members.