This column is supposed to be about risk management. Granted, that's a pretty wide open arena, but sometimes the exact scope of the topic defies description.
Just about everyone that has anything to do with law enforcement knows that it is a risky profession, and that we need to take steps to reduce that risk. But that is where the agreement ends. Exactly what is risky, and how risky is it? What things are riskier than others? How much importance should we place on certain risky activities, and how many resources should we expend in our collective attempt to manage our risks? Should we only do things that will totally do away with certain risks, or should we take incremental steps? What happens if, on the way to reducing one risky thing, we create another? How culpable are we if that happens? What if we just do nothing, and trust to luck?
As you can see, the idea of managing risk is not a simple concept. The very act of risk management brings with it a host of other problems - or at least additional nuances of the current problem - that must be managed. How do we do that? Who among us is tasked with that chore? Are we even capable of dealing with it?
Everybody Knows What the Problem Is
The problems that we have in law enforcement - as a profession - are not a secret. We all know what they are, because generally we all have the same problems.
A few years ago, I spent a significant amount of my professional life traveling around assisting agencies in managing their risk. I visited several hundred police agencies and jails, and interviewed hundreds of Chiefs, Sheriffs, Directors, command officers, supervisors, and trainers. I reviewed several hundred policy manuals. This effort spanned agencies of many different sizes and types in several states. I have attended national and international conferences of law enforcement executives and trainers for years, and have had discussions with many of them regarding the state of policing, and conditions at their departments.
Here is what I know: We all have the same issues to deal with, regardless of size or location. Oh, there are regional differences, and some agencies have issues that others don't have because of agency size or budget. But, generally, we all have the same core problems.
We are all concerned with enhancing officer safety and we all want to reduce liability exposure. That is it - those are our two problems.
Along the way to dealing (or not dealing) with those two issues, we run into all sorts of community pressures, budgetary issues, politics, legal wrangling, and the like. But those two core problems are what drive almost everything we do. They are, in effect, our greatest risk exposures. They must be managed. The question, of course, is "How?"
Pseudo Solutions
Usually we blame our inability to manage our risks on lack of money. Even when we chalk it up to not enough personnel, or outdated equipment, or fear of litigation, or some other reason, it all usually comes down to lack of money.
Most law enforcement managers and trainers recognize that the solution to managing our risk is three-fold; policy, training and supervision. First, we need to address the risks in our professional environment by developing a set of procedures that can provide guidance to our people in the field. Secondly, we need to make sure that our people have the appropriate training - in both an operational sense and in a policy sense - for dealing with the risk in their working environment. Lastly, we need to direct, supervise and manage the efforts of our people, so that their efforts are as effective and efficient as possible from an organizational standpoint.
In order to meet these three goals - policy, training and supervision - we know that we need to focus resources, or at least management effort, in their direction. And therein lies the rub. We know what we need to do, at least generally, but we perceive that we can't do it because we don't have the time, money, or other resources.
Sometimes this leads us to do nothing, and other times it leads us to make decisions that - given another time and place - we would probably see as flawed. Consider these two real-life examples:
Back when I was doing my risk management thing, I visited a suburban department in the Midwest. I had a great meeting with the Chief, and he was very open to my suggestions on how to manage his risks. His department seemed to have a pretty good handle on things, but there are always a few little things that can be tweaked, and he was very interested in making things better.
We were talking about his department's firearms training and qualification program, and I asked him how often they qualified, to which he replied that they went to the range four times a year. Then I asked him how often they qualified with their off-duty guns, and he said, "Oh, we don't qualify with our off-duty guns."
As you can imagine, I was a little stunned. When I asked him why, he told me that the city's lawyer had told him that if they did qualify with their off-duty guns, then the city would be responsible if an officer went out and shot someone while off duty.
I think you can quickly see the problem with that line of reasoning. We resolved it by having the attorney for the risk management group talk with their part-time city attorney. Things got straightened out after they made lawyer-talk.
Another time, I was conducting a risk assessment of a more rural department. I asked the Chief if his department used Stop-Sticks, or anything similar. He told me they did not, and that he didn't see any reason why they should. His reasoning was that, since controlled deflation devices don't stop pursuits, they wouldn't really solve his problem. And besides, he told me, putting devices in his patrol vehicles wouldn't solve his department's pursuit problem, since they only had one car on most nights. The devices he deployed would only be used to stop other departments' pursuits. He told me he needed to spend his money on a solution that would help his department to reduce their pursuit risk.
Again, you can see the problem. He was focused on solving the problem, not managing it. He lost sight of the fact that, while controlled deflation devices may not stop a pursuit, they usually slow one down - and further, if his and other departments all had devices, then they could assist each other.
Both of these Chiefs thought they were practicing risk management. The first was doing so by relying on legal advice that literally any other chief or sheriff could have told him was flawed, and the second had decided that, unless he could swallow the elephant whole, he wasn't going to eat it at all. He forgot that the best way to eat that elephant - solve a big problem - is by taking little bites.
These are just a couple of the ways we as a profession fail to manage risk. It is not that we don't want to, or don't realize that we need to - it is more that we lose sight of what we're trying to accomplish, due to a lack of information or knowledge, or a lack of time and resources.
Risk Management Rules
Most of us don't have the time to undertake formal studies in the management of risk, and that's okay because we don't need to. Risk management is pretty simple in theory; it's getting results that's hard. That, however, is not usually because risk management doesn't work, it's because we get impatient, or that our expectations are too high, or unrealistic.
Here, then, are a set of Risk Management Rules of Thumb:
- Use common sense;
- If it sounds too good to be true, it probably is (too good to be true);
- You can have it cheap, fast, or good, or a combination of any two - you can't have all three;
- Don't try to swallow the elephant whole, eat it one bite at a time;
- "Out of sight, out of mind" is not an acceptable method of managing risk;
- Listen to your gut;
- Get a second opinion;
- Hurry up slowly;
- Focus most of your resources on what your people do every day. Don't ignore potentially catastrophic problems, but realize that you'll get more benefit from resources spent on reducing the likelihood that something that happens all the time will turn into something really bad, than if you try to address those rare, catastrophic occurrences head-on.
True, there are some things you can do as a law enforcement officer, trainer or manager, to avoid certain types of risk. If you're a Chief, you can avoid the risk inherent in having a SWAT team by NOT having a team. As an officer, you can avoid the risk of drowning during a water rescue by NOT jumping into the water. As a trainer... well, you get the idea.
However, there are other risky things that we do in policing that we cannot avoid, such as hiring and promoting (if you're the boss) or making traffic stops (if you're an officer). Since you cannot avoid those risks, you take steps to reduce the potential for harm. And, often, you put measures in place to reduce the damage if something does go wrong, i.e. wearing your vest, or having a written procedure for interviewing new applicants.
By the way, if you are engaged in attempts to avoid risk (like in the examples above), remember that many things you do in order to avoid risk actually create or exacerbate other risks. If you avoid the risk of having your own SWAT team, you take on the risk of using - and relying upon - some other department's team, and you probably lengthen the response time. If you avoid the drowning risk by not jumping into the water, you may increase the likelihood that the victim will drown because rescue may take too long.
That's not to say that you shouldn't avoid these types of risk, just that you need to acknowledge that avoiding one risk often entails creating another. If you go that way, plan on taking steps to mitigate the additional risk, as well.
So is it all hopeless? Are we unable to manage the risks inherent in law enforcement? No; of course not. But we do need to approach them differently. We need to think more like risk managers.
Stay safe, and wear your vest! (That's risk management, too!)
