Framework for Risk Assessment

FRAMEWORK FOR RISK ASSESSMENT OPEN CONTROL POST IN THE SECURE UNIT (This document was scanned and reformatted for easier use)

Purpose

The purpose of this document is to present a framework for conducting the risk assessment of the open control post (OCP) in the new Secure Units in the regional women's institutions. All institutions have expressed concern over the fact that the post is open in a unit housing maximum security inmates.

It is also recognized that a degree of risk is inherent in working in a correctional environment; however, the risk must be managed so it is no greater than what is normally expected.

Introduction

The new Secure Units will have cell accommodation (wet cells) in pods of 4-6 cells. Each pod will have a full bathroom, living and dining space and a lunch counter. There are 2 pods in Joliette and Nova (10 cells) and 3 pods in EIFW and GVIW (15 cells). A 3-4 bed segregation unit is also part of the Secure Unit.

Each Secure Unit has a central kitchen, 2 or more program rooms and several staff offices. Because of the initial configuration of the Enhanced Units, each Secure Unit design is different; however, each incorporates the elements described above.

The OCP is situated in the rotunda of the unit, near and within direct visual range of the entrance to the Secure Unit. The post is open, but raised. It has a direct view on all housing pod entrances (and to some extent into the pods as well), the exercise yard and all office, program and kitchen areas. Control panels and cameras are located in the post but hidden from view. The post responsibilities' include but are not limited to:

 control of all activities in the Secure Unit and the segregation wing;  remote control of access doors to the Secure Unit status of cell doors;  remote locking/unlocking of cell doors; status of doors to each pod;  reponse to cell calls;  monitors segregation cell camera;  monitors exercise yard cameras;  monitors other cameras within the Secure Unit.

All posts have an emergency kill switch to turn off all systems and all have a secure emergency escape route for staff. Reasons for the Open Control Post

The approach used in the Intensive Intervention Strategy is one of sufficient, well-trained staff to ensure dynamic supervision and interaction. An OCP allows for increased dynamic supervision and increased interaction and communication with the inmates. The more static security, the more likelihood that staff and offenders won't communicate (which usually results in a decreased awareness by staff to the atmosphere of the unit and/or an increased risk of incidents). The increased staffing level, the increased level of staff training and the inter- disciplinary team approach all serve to support the use of an OCP.

The Task Force on Security addressed the positive benefit of increased interaction with inmates in several areas of their report; specifically, that traditional cell blocks, long ranges, barriers and armed posts remove the opportunity for making responsible living choices [p20]. The women who will be housed in our Secure Units are the most difficult to manage women and those with the most volatile behaviours. It is recognized that the OCP requires staff to be more vigilant in their duties and observations. While a closed post provides additional protection to the security and communication equipment, with an OCP, the possibility of barricading the post does not exist, which allows for constant vision of and communication with the inmate should an assault or hostage-taking be attempted.

A closed post can also contribute to entrenching an "us vs. them" mentality between inmates and staff and could also result in decreased communication between security and non-security staff within the Unit as their roles may begin to appear restricted and defined. Our Primary Workers have much to offer and need to be integral members (not just on security matters) of the interdisciplinary team.

Risk Management - Overview

Taken from and based on the Risk Management Policy, Treasury Board of Canada; and from the Threat and Risk Assessment of the New Housing Units at the Edmonton Institution for Women, December 2000

Risk management is a process designed to protect and minimize risks to employees, property, and interests; 'forewarned is forearmed." Risk includes both the chance of damage to or loss of property/life and the chance of incurring liability.

In the risk management process, all assets are identified. A determination is then made as to what degree of protection each of the assets requires. This is done by identifying the potential threats to the assets and the related risk given the proposed safeguards in place to protect the assets. The safeguards are then reviewed to determine if they are satisfactory or if they need to be improved. Following this, we can determine if the level of risk may be assumed. The elements are inter-related and overlap in many areas.

There are 4 phases of risk management:

Before the Incident

Phase 1: identify risks, those exposed to risk and in control of risks Phase 2: minimize risks and their cost (in human and monetary terms) [pre- plan]

During an Incident

Phase 3: contain the effects of damaging or harmful incidents [control the incident and resolve the situation]

After an Incident

Phase 4: compensate, restore, recover after the incident; provide feedback to improve the management of the system. [What did we do well? What did we learn?]

Each phase has several elements to be assessed (a complete list is in the Annex). Only those which appear relevant to the OCP are included in this framework.

For the purposes of this exercise, we are most concerned with Phase 1 and Phase 2. [See Overview Chart at the end of the document.]

Phase 1 - Identifying Risk

1.1 Identify the operations and the assets at risk

The operational area we are assessing is the OCP within the Secure Unit. The assets include the staff who operate the post, security systems, monitors, keys, security and communication equipment, computers, protected information (paper or on computer). 1.2 Perils (e.g., violence, security leaks, destruction of property, fire, theft, etc.)

Each peril should be identified to establish the degree of risk, to determine alternatives to minimize the risks and to develop control procedures. For example:

Identified Peril Degree of Risk a. Attempt to take over control of the Moderate; but volatility of a few inmates post could increase the risk on a periodic basis (physical danger is inherent in working in corrections) b. Violence against staff in post (e.g. Moderate; but volatility of a few inmates assault, inmate jumping the counter could increase the risk on a periodic basis or entering the post) (physical danger is inherent in working in corrections) c. Verbal threats, abusive language Low to moderate d. Security leaks Low to moderate e. Destruction of property/Fire Low to moderate (non-combustible construction) f. Theft Low to moderate (see c. Security leaks)

What are the safeguards?

The safeguards include:

 Staff training (Women-Centred Training, specialized mental health training, non-violent crisis intervention training, CTP/security training, Orientation for Non-CX, etc.);  Post Orders and other policies and procedures;  Knowledge and experience in security issues;  Communication and observation between staff and between staff and inmates;  Small population (staff will be aware and knowledgeable of the treatment plans, appropriate  Intervention approaches, and knowledge of the risks and needs of all the women in the unit);  Visibility/presence of the Team Leader (management) in the Unit,  etc. 1.3 Factors

Examples of factors that could influence the risk include: negligence, error, willfulness; availability and quality of materials; state of a particular technology; acts of nature; human inefficiency. To help reduce these factors:

 The Post Order should be detailed and all staff must be aware of their responsibilities while in the OCP and to the OCP while on the floor; they must be willing and able to fulfill their responsibilities; they must have knowledge and experience in security issues. All non-CX staff will have knowledge of basic security practices.  The weekly inter-disciplinary team meetings can be used to discuss the operation of a the post on a periodic basis and any changes that could be made to make procedures more effective (including, for example, specific movement procedures for certain women who pose a higher risk).  Operational reviews and unit profile should be completed at least quarterly for the first year of operation.  Communication is essential to ensure all staff are aware of the institutional atmosphere (Unit profile) and to share information. For example:

• Mandatory shift briefings at the beginning of each shift (including all members of the inter-disciplinary team) to share information and to designate staff assignments and set priority tasks for completion during the shift; • Sign-in book for any staff member or visitor to the unit (must check in at OCP upon entry to the unit and OCP must ensure the individual is wearing their PPA or they will not be permitted in the Unit); • Weekly inter-disciplinary team meetings; • Binders/log books for each woman to briefly document daily interventions or unusual behaviours [alternatively a Unit log book and individual, detailed case work record entries]; • Weekly security check to verify that all communication and security systems are functioning; • Etc.

1.4 Types of Risk

These include those activities that are either internal to the institution/CSC; or partly or wholly related to actions or omissions. The distinctions are important in order to determine:

 the degree of control that can be exercised over the probability of chance occurrences;  the effect these occurrences may have on the institution/CSC; and,  CSC's obligations or potential liabilities. In the case of the OCP, the activities are internal to the institutional. Actions or omissions that could increase risk should be minimized through:

 selection of qualified staff who want to work in the Secure Unit;  security training, specialized mental health training and ongoing coaching by the Team Leaders; inter-disciplinary team approach;  refresher training; and,  constant communication and observation.

CSC can exert a certain amount of control in order to prevent chance occurrences (like an attack on the post) through:

 good security practices;  dynamic security and supervision and positive interaction;  policies and procedures specific to the Unit that are understood and implemented;  consistent interventions to minimize frustration of both staff and inmates;  controlled movement of inmates;  institutional contingency plans;  etc

However, it is also recognized that not every contingency can be anticipated. It is clear that should a staff member become a victim of violence perpetrated by an inmate, there would be an substantial impact on the entire Unit staff (and institutional staff as a whole). As per CSC policy, CISCO will be implemented in the event of such an incident.

1.4 Risks to employees and their personal property

There is an inherent risk to employees who work in correctional institutions. The goal is to minimize this risk to ensure that the situation poses no more danger than is inherent in the normal daily operations of a correctional institution.

Phase 2 - Minimizing Risk

2.1 Minimization

By completing a thorough analysis of the risks, the potential threats (to persons, assets and operations) can be assessed in order to determine the likelihood of their frequency and severity.

We can either avoid the risk by eliminating it; we can radically reduce the risk through alternatives to proposed activities; or, if we accept the risk is inevitable, we can develop and implement risk control practices to prevent loss and to reduce the risk (e.g., safety training, early detection, security precautions, emergency procedures, etc.). In this instance, the third option would likely apply.

Below is a Risk Management Decision Matrix that helps to assess the impact of risks by frequency and severity. The identified perils in the previous section (and others), are assessed using this matrix.

Risk Management Decision Matrix

Severity or Magnitude

Low High

Spitting on the officer ,throwing liquids Attempt to take over control of the OCP, at staff (liquids that land on electronic violence against staff in the OCP, equipment could have more serious hostage- taking, riots, security leaks, consequences). destruction of property/fire, thefts.

Prevention is the key to minimizing Reduce the risk: we must work to L these risks; however, there may be little reduce these risks. need to control these risks as the O frequency and severity are low though Policies, procedures, plans must be F W the situation would be unpleasant. developed and all staff must be fully R cognizant of them. Good, effective E Though this type of unpredictable security practices should be used at all Q behaviour can and will likely occur, staff times by all staff (not just security staff). U have been trained to both prevent and address this type of behaviour. Communication, observation and staff E training increase prevention skills and N observation skills as does knowledge of C the women themselves. Emergency Y responses and institutional contingency plans must also be kept up to date and staff trained to implement them.

Abusive language, verbal threats 4. Avoid, abandon, re-design.

Prevention and appropriate responses There is a low probability of such (that do not escalate the situation) are situations occurring because the first H the keys to minimizing these risks, i.e., time an incident occurs, it will be I how to respond to verbal threats. addressed through the various G interventions available. H These situations are addressed through prevention and training, as well as through specific interventions (e.g., Behavioural contracts, mediation, programs, disciplinary process).

3 Saliva: exposure would have to be significant and it would have to be into mucus membranes (eyes, mouth) or onto open skin abrasions. Hepatitis B has a higher concentration in saliva than Hepatitis A, C or HIV; however, staff are immunized against Hepatitis B. 2.5 Political and diplomatic considerations

The women's portfolio remains high profile and corporately, CSC must continue to be aware of this.

2.6 Administration

The organization and people responsible for the management of risks should be identified - i.e., Warden and Team Leader of the Secure Unit; staff of the Unit. Institutional Contingency Plans must be updated to include the Secure Unit. Specific staff roles and responsibilities during a crisis need to be identified as well as ensuring these key staff have completed Crisis Management Training and that a sufficient number of trained negotiators are on staff.

In risk management the experiences and practices of other government agencies should be taken into account as well as the need for their involvement and maintaining necessary relationships with them. This could include HRDC-Labour Canada, and the RCMP.

Phase 3 - Containment

Containment is the third phase of risk management. Its purpose is:

 to respond quickly to and control damaging incidents while they are happening;  prevent the effects from spreading; and,  to continue to provide services during the emergency; and  the safe resolution of the incident.

Containment includes making every effort to keep the incident from escalating and is integral to any emergency response in CSC. Response to emergencies is addressed through initial training, ongoing training, ERT interventions and institutional contingency plans by the Crisis Management Team. If an incident can't be contained and does escalate, contingency plans are implemented. Emergency procedures and responses, physical systems and procedures are all activated.

Policy dictates that contingency plans and systems must be reviewed and updated annually, all staff must be trained and procedures rehearsed. Phase 4 - After the incident: Compensation, restoration and recovery

4.1 General

 Restoration (part of recovery) is the use of approved funding to repair or replace damaged, lost or stolen Crown property.  Recovery is the completion of the longer term measures initiated during containment to safely return to normal operations as quickly as possible.  Compensation is the settlement and payment of claims by or against the Crown or its servants (though compensation is an element to be addressed, it is outside the scope of this paper).

For our purposes, the main items for institutional staff to consider are: staff safety, replacing damaged property, returning to normal operations as quickly as possible, ensuring all staff and inmates are debriefed and the former are able to return to duty.

4.2 Investigation and assessment

This is part of CSC policy; reviewing incidents, whether at the institutional, regional or national level and is detailed in Commissioner's Directive 41.

Conclusion

When a Part 11 of the Canada Labour Code is called, HRDC asks for the Post Order (and related policies) to ascertain if CSC is complying with our own policy. The Post Order is presumed to be based on a risk assessment.

With the information and examples provided, each institution should be able to review the operations of the control post in their Secure Unit to determine whether it can be managed as an OCP (complete a risk assessment exercise).

Following each risk assessment exercise, each institution should have sufficient information to create their Post Orders (as well as other, related Secure Unit operational policies and if necessary, training exercises) that will determine how the control post will be managed to ensure the safety of staff, inmates and all security equipment.

See Overview Chart on the next page. The chart provides examples of the identified perils, the risk they pose, the safeguards in place and how the safeguards can reduce the risk (Phase 1 and Phase 2). What is the What is the degree, What are the How does the safeguard reduce the risk? identified peril? frequency and safeguards? severity of the risk? A. Attempt to Moderate degree of Controlled  Controlled movement of inmates outside the take over control risk; but volatility of a movement of pods; of the post few inmates could inmates  reduce the number of inmates moving at one increase the risk on a time; periodic basis  more volatile inmates can be moved on their own;  inmates will not be permitted to just hang around in the rotunda (If they are in the rotunda it will be for a specific purpose – passing through to go to the program area or Low frequency but to an office or being escorted to another area high severity of the institution – as such, no more than a couple of inmates should be in the rotunda, at the OCP at one time) Policies and  Staff should be fully trained and procedures knowledgeable of all policies and security procedures relating the OCP and to the Secure Unit;  staff know their role and responsibilities when in the OCP and to the OCP when on the floor. Staff presence  Other / high staff presence in the rotunda and when inmates are moving; communication  constant communication between security and non-security staff;  inform Team Leader or officer in charge of the unit immediately if the risk appears heightened;  PPAs are mandatory and to be worn at all times by all staff;  shift briefings;  weekly interdisciplinary team meetings;  consistent communication / messages between staff and inmates;  regular presence of Team Leader (visible management) in the unit Searches  Regular searches of inmate cells and inmates themselves;  being cognizant if inmates are carrying items which could be used to destroy property;  minimize access to breakable or other items;  keep counter of OCP clean;  minimize access to OCP counter and to security equipment (increase the height of the OCP / add a type of backslash to the top of the counter) etc. What is the What is the degree, What are the How does the safeguard reduce the risk? identified peril? frequency and safeguards? severity of the risk? Staff Training  Security training (both CTP and Non-CX orientation);  non-violent crisis intervention training; specialized mental health training. Small population  All staff will be knowledgeable about women;  inter-disciplinary team meetings to ensure all staff are aware of the risks and needs of all women and the most effective interventions for each woman B. Violence Moderate degree of Controlled As above against staff in risk; but volatility of a movement of post (e.g. few inmates could inmates assault, inmate increase the risk on a jumping the periodic basis. Policies and As above counter or procedures entering the post)

Low frequency but high severity.

Staff presence and As above communication Searches As above (or may not be applicable) Staff Training As above. Through non-violence crisis intervention staff will have the skills to respond in a manner that does not escalate the situation. Small population As above