GA Police Chief Logo

Risk Management

2024 | WINTER

Risk Management in Law Enforcement Agencies

AdobeStock_262175021-Risk management forecasting evaluation financial business concept on virtual screen.

Natalie Sellars

Risk Management

2024 | WINTER

Risk Management in Law Enforcement Agencies

Natalie Sellars

Law enforcement risk management guru Gordon Graham, once said, “We don’t know jack about risk management, and worse than that, we think we do.” The theory of risk homeostasis states that everyone has an acceptable level of risk they are willing to tolerate.  Since law enforcement is inherently dangerous and involves facing unpredictable situations as well as injuries, one could argue that law enforcement knows risks, but is not good at managing them. 


With the day-to-day surplus of priorities involved in effectively managing a police department, it is easy to downplay the need for risk management. Downplaying the need can be risky itself.  While it might seem like an unnecessary hassle, shifting from a reactive to a proactive mindset, and utilizing a risk management approach is like upgrading from playing catch-up to staying ahead of the game.


Anticipating potential risks, putting preventive measures in place, and having a strategic plan for handling uncertainties will move the focus from the obstacles being faced to the actions that can be taken to get past those obstacles and achieve results. It’s all about being one step ahead rather than constantly reacting to issues as they arise. While it might seem like additional effort upfront, risk management can save resources in the long run by preventing costly legal battles, injuries, damage to equipment and automobiles, and protecting the department’s reputation.


By prioritizing risk management, law enforcement agencies can work towards enhancing public safety while maintaining accountability and transparency. This includes proper training, clear protocols, and ongoing evaluation of procedures to ensure they align with legal and state standards, as well as with community needs and expectations.  Focusing on the need for risk management is not about creating unnecessary bureaucracy, but rather about ensuring the well-being of the agency, its personnel, and the community it serves.

AdobeStock_151423753-Problem Solving,Close up view on hand of business woman stopping

It takes strong leadership to build a culture of risk management. The concept must be taught, reinforced, and consistently branded throughout systems in an agency through policy, training, supervision, and corrective action. 


Law enforcement risk management involves identifying, assessing, and mitigating potential risks that agencies may face in their day-to-day activities. This proactive approach requires utilizing data and analytics to identify patterns and trends that may pose safety and liability risks to personnel, the agency, and the office of the chief. Having a holistic approach considers various factors, such as organizational culture, human factors, and external influences.


It has been said, “that you can manage your culture, or it will manage you”.  Every department has a culture that either came about by a methodical process to build it or it developed arbitrarily.  Organizational culture that doesn’t embrace evidence-based practices might rely more on tradition, intuition, or personal beliefs rather than on empirical evidence. In such a culture, decision-making might be influenced by subjective opinions or established norms rather than by data-driven insights.


A lack of emphasis on research, experimentation, or learning from past experiences leads to decisions being made based on what has “always been done” rather than on what has been proven effective through careful analysis. There can also be a struggle to adapt to changing circumstances or take advantage of innovative approaches in a weak culture.


The human element is a dynamic and influential factor in risk management. Human decision-making is influenced by cognitive biases, emotions, and individual perspectives. These factors can also impact the identification and evaluation of risks. In some cases, individuals may underestimate or ignore certain risks, leading to inadequate or no risk management strategies.

AdobeStock_576376679-Businessman protect data investing economic from dangerous infor

Complacency can arise from a sense of routine or a belief that certain risks are unlikely to occur.  High levels of stress or fatigue can impair cognitive function and decision-making, making it more challenging for individuals to effectively identify and respond to risks.


Finally, external influences can also play a significant role in risk management strategies. External factors are the most difficult because they are outside the span of our control. For example, economic downturns or fluctuations can increase various risks. When the price of gas soars, it will impact departmental budgets.  When there is a pandemic, everyone’s economic conditions change as well as the safety of personnel. Sometimes we forget that history is full of surprises. The COVID-19 pandemic took the world by storm, serving as a stark reminder that unexpected events can still shape our lives in significant ways. It’s a testament to the unpredictable nature of the world we live in.


Changes in regulations and compliance requirements can introduce new risks or alter the existing risk landscape. Rapid technological changes can introduce risks such as cybersecurity threats or disruptions due to technological failures.


The public’s perception of an organization, which is also an external force, can affect its reputation. Negative publicity, social media backlash, or public controversies can result in reputational damage, which, in turn, poses a risk to the organization.


When there are risks coming from every direction, a threat assessment is a systematic process of identifying and prioritizing potential threats or risks that may impact an organization. The goal is to understand the nature and severity of these threats to develop effective strategies for prevention, mitigation, and response.

LAW Publications PG 1 2023

A well-executed threat assessment helps the organization proactively manage risks, enhance security, and respond effectively to potential threats rather than react to them.


Evidence-based processes provide a clear picture when identifying threats/risks. Taking a deep dive into the agency’s prior activities and past claims history affords using the best available evidence to guide actions.


The identification of risk is single-handedly the hardest step.  Willful blindness or an unwillingness to admit departmental problems will result in not properly identifying and mitigating risks.  It’s easy to become complacent when things are going smoothly, but life has a way of throwing curveballs when we least expect it. It’s a good reminder to stay prepared and appreciate the moments of calm while being aware that challenges may arise.


Pursuits have long been a part of any law enforcement duties.  “Let’s chase them until the wheels fall off” is a form of backward-looking accountability. Police culture dictated the need for chases, but rarely the manner or reason for it.  If someone ran away, a chase ensued whether in the car or on foot. As a result, people were hurt or killed, lawsuits and injuries followed, and the demand for change was forced on the profession. Forward-thinking accountability would dictate identifying the reasons for the pursuit, the training needed to pursue, the manner and who is involved in the pursuit, the need to continue/end the pursuit, and how to end it to avoid the risk of injury or harm to the public. 


Operational risk management refers to the risk of a specific event or incident causing harm such as pursuits, use of force, misconduct, technology breach and misuse of information, cybersecurity, and failure to effectively respond to a crisis like a school shooting which are all stories that make headlines on televisions and in newspapers.  

On the other hand, organizational risks involve the overall risk to an organization that does not have systems in place for dealing with the day-to-day operations.  Risks related to the recruitment, training, and management of personnel. Issues such as inadequate training, insufficient staffing levels, or front-line supervisor challenges will impact overall organizational effectiveness.


Budget limitations may affect the ability of an agency to maintain staffing levels, acquire necessary equipment, and invest in training and technology. 


Effectively managing operational and organizational risks requires proper development and full implementation of systems.  Organized and established procedures that are both comprehensive and proactive.  Systems of ongoing training and what type of training that needs to be done, adherence to best practices through accreditation, and continuous improvement in policies, procedures, and corrective action can make an agency more defensible. 


Regular review of data analytics to identify trends, assess metrics of officer performance, and community feedback can help develop strategies for improvement. By regularly evaluating these metrics to identify areas for improvement, agencies can track progress over time.


Conduct regular internal audits and reviews of policies, procedures, and practices. Identify areas of non-compliance, inefficiencies, or opportunities for enhancement, and implement corrective actions.


Invest in ongoing training and professional development for law enforcement officers. Ensure that training programs are up-to-date, relevant, and address emerging challenges. Encourage a culture of continuous learning.

LensLock - 2024 GA Chief Full Page Ad

Conduct thorough after-action reviews following critical incidents, emergencies, or large-scale events. Evaluate the response, identify areas for improvement, and incorporate lessons learned into future planning and training.


Leadership plays a crucial role in driving continuous improvement. Foster a leadership culture that encourages innovation, values feedback, and prioritizes continuous learning and development.  If risk management concepts drive police performance, two things will happen: liability will decrease, and organizational professionalism will increase.


By integrating risk management mechanisms, law enforcement agencies can create a dynamic and adaptive environment that is committed to continuous improvement, transparency, and responsiveness to the needs of both officers and the communities they serve.  Without such systems in place, missed opportunities for learning from incidents and enhancing procedures may occur, hindering the overall effectiveness of the agency.


Modeling behavior is like setting the tone for a new culture. People tend to follow examples more than they follow instructions. When leaders and individuals demonstrate positive behavior, it creates a ripple effect, influencing others to adopt similar attitudes and actions. It is the secret sauce to transforming a culture and risk management is one of the main ingredients of that secret sauce.


Taking a risk management approach in law enforcement can be a game-changer. It allows for anticipating potential issues, developing strategies to mitigate risks, and overall promotes a more proactive and preventative mindset. It is about staying ahead of the curve and ensuring the safety and well-being of both law enforcement personnel and the communities they serve.

Natalie Sellers

Natalie Sellars

Natalie Sellars has served as a Senior Law Enforcement Risk Consultant with Local Government Risk Management Services (LGRMS) for the past 10 years.  She holds a Bachelor of Arts in Criminal Justice from Augusta State University and a Master of Arts in Criminal Justice from Troy University. Previously she served as a parole officer, academy instructor, and Assistant Chief with the Georgia State Board of Pardons and Paroles.