Once upon a time, pastors thought their churches were safe and secure places that even criminals would respect. Unfortuantely, that’s no longer the case (or perhaps, that always was a fairy tale). Regardless, part of your responsibility as a church leader is to take prudent measures to protect your congregation. As we’ve addressed previously, there are many actions you can take to accomplish that goal. However, a key first step is to assess what risks your church could face. From there, you can determine what to do that will improve church safety and security. What is a Risk Assessment? The assessment step is really a deep-dive look at potential risks to your church. It involves asking some uncomfortable questions such as: What event might occur that could take down the church? How would we respond if a tornado siren went off during a service? Have we provided staff and volunteers with training on how to react in an active shooter situation? What would our teams do if the fire alarm went off? Drop any of those questions at the next staff meeting and you’ll feel the tone of the room take a nose-dive. No one likes to talk about the bad things that could happen within or to our churches. Unfortunately, this is an important issue that we must seriously consider. We’ve all heard of the church or ministry damaged by scandal, fraud, natural disaster, or other difficult events. A trusted bookkeeper siphoned funds into his account, a former member files a lawsuit, or someone is hurt while at a church function. These situations really do happen, yet we tend to think that as a church we’re immune from these issues. That’s simply not the case. We have a responsibility to consider the risk events that could harm our congregations and take appropriate actions to improve church safety and security. A risk is simply the chance that something could go wrong. The fallout from that event could be minuscule or catastrophic, depending on the situation. Fortunately, there are steps we can take to prevent a risk from occurring and minimizing the impact if it does occur. The process of identifying, assessing, and mitigating risk is commonly referred to as a risk management program. I’ve managed that function for a large company and on individual projects. The following is an overview of the process and how to get started. Step #1: Identify the potential risks to church safety and security This step involves gathering your senior leadership team and asking that uncomfortable question, “What event(s) might occur that could take out our church?” Explain that the reason for this discussion is to ensure you’re doing everything needed to prevent these risks. Here are a few additional questions to use that can get the conversation going: Your list of potential risks may include the following: Step #2: Assess the likelihood and potential impact of each risk As you discuss each risk, talk through the scenario and what might happen. Assess each risk for how likely it is to occur and what the impact would be to your church if it did happen. For the risk of natural disasters: Are you in an area prone to tornados? If so, then the likelihood may be rather high. Should a tornado damage your building, that could lead to physical injuries if anyone is present at the time. Additionally, extensive damage to the building could mean you won’t be able to hold services there for several weeks (or more). While you can’t reduce the likelihood of a tornado, you can take steps to reduce the impact. Examples include purchasing insurance, proper building construction, developing and communicating safety procedures, and scouting temporary facilities before they’re needed. Step #4: Determine what processes are already in-place to prevent each risk Do you have policies and processes in-use to prevent the risk? For example: Do you require that at least two people count and sign-off on the offering total for each service? Is each volunteer working with children required to pass a criminal background check and attend training prior to serving? Do you have insurance coverage on your facilities and the contents? Have you documented these policies and do you communicate them to staff on a regular basis? You may want to seek out legal counsel regarding certain risks to confirm that you’re in compliance with applicable laws and regulations. These are all steps that can reduce the likelihood and/or impact of various risks. Step #5: Identify gaps and take action to further mitigate risks If you determine that the mitigations in-place aren’t sufficiently reducing a particular risk, then you need to develop a plan to close that gap. This may include getting additional insurance coverage, implementing background checks, or developing a security threat response plan. The key to this step is to document the actions required and assign a single leader responsible for ensuring that the tasks are completed by a certain date. This leader should report back to you on a weekly basis until all tasks are complete. Step #6: Communicate the risks and mitigating actions Just having your senior leadership team aware of the risks isn’t sufficient. Discuss these risks with staff and volunteers who are directly responsible for carrying out the risk mitigation actions or who may be impacted by a risk event (such as an emergency evacuation). Summarize each risk into a sentence or two and review the list with your staff. Get their input on the list and ask if they have any ideas for how to prevent these risks. Discuss any existing policies or procedures that prevent each risk such as background checks or safety rules. Make sure they understand that you’ve put those policies in place for a purpose and what the consequences to the church could be if one is violated and the risk occurs. Communicate applicable risks while training volunteers and discuss which policy or procedure you’ve designed to prevent those risks. When people understand why they’re required to
