4. The Assessment And Management Of Risk
Levels at which risk is assessed and managed in MAPPA
4.1 This section identifies the 3 levels  at which risk can be managed under MAPPA and outlines the risk assessment and management framework.
The 3 management levels in MAPPA are:
- Level 1: Routine Risk Management;
- Level 2: Multi-Agency Risk Management;
- Level 3: Multi Agency Public Protection Panels ( MAPPP)
4.2 The adoption of the three management levels allows for a consistent approach to MAPPA throughout the country. Each area has discretion in deciding which cases to refer at which level based on the experience and expertise of the agencies involved, but every area must establish arrangements based on the three levels.
4.3 The risk management structure is based on the principle that cases should be managed at the lowest MAPPA level commensurate with delivering a defensible risk management plan designed to address the risk of serious harm posed by the offender.
4.4 Risk of serious harm is defined as: the likelihood of harmful behaviour of a violent or sexual nature which is life threatening and/or traumatic, and from which recovery, whether physical or psychological, may reasonably be expected to be difficult or impossible.
4.5 For MAPPA purposes the imminence and likelihood of risk of serious harm is classified as follows:
- Very High: there is an imminent risk of serious harm. The potential event is more likely than not to happen imminently and the impact would be serious;
- High: there are identifiable indicators of risk of serious harm. The potential event could happen at any time and the impact would be serious;
- Medium: there are identifiable indicators of serious harm. The offender has the potential to cause such harm, but is unlikely to do so unless there is a change in circumstances, for example failure to take medication, loss of accommodation, relationship breakdown, drug or alcohol misuse; and
- Low: current evidence does not indicate likelihood of causing serious harm.
4.6 Where an offender is subject to management by MAPPA and is also serving an OLR sentence the responsible authorities will have regard to the requirements as detailed in the Standards and Guidelines for Risk Management (Risk Management Authority 2013). These standards and guidelines are for the active and alert risk management  of those who pose a risk of serious harm and also provide practical guidance on the application of those standards in relation to those who are subject to an Order of Lifelong Restriction (OLR).
Level 1: Routine Risk Management
4.7 The largest proportion of all MAPPA offenders are managed at Level 1. This level of risk management is used in cases where the risks posed by the offender can be managed by one agency without actively or significantly involving other agencies (as was the case prior to the commencement of sections 10 and 11 of the Management of Offenders etc. (Scotland) Act 2005). This is an operational matter for the responsible authorities.
4.8 Level 1 Management is not applicable to Other Risk of Serious Harm Offenders, as this category requires that a significant risk of serious harm exists which requires active multi-agency management at MAPPA levels 2 and 3.
4.9 It is essential at Level 1 that each agency has in place processes to ensure information sharing takes place, disclosure is considered, and there are discussions with DTC agencies as necessary. Details of information shared and decisions made should be recorded on ViSOR by the lead agency.
4.10 Whilst the management of offenders at Level 1 is an operational matter for the responsible authorities, they must have arrangements in place to review cases managed at this level to confirm that the risk management arrangements remain appropriate. The timing of this review should be based on the risks posed by the offender (see Standard 2, Planning and Responding to Change, Standards and guidelines for Risk Management (Risk Management Authority 2013).
4.11 Some cases relating to Registered Sex Offenders ( RSO) being managed at Level 1 may require a multi-agency meeting to share information to ensure that all the risk factors are identified and the risks are being effectively managed. The lead responsible authority managing the case will identify when a meeting is necessary and will coordinate it, recording the decisions made on the relevant case management records and ViSOR. It is likely that offenders will be managed at different levels throughout their period of notification or supervision. Therefore if it is considered that the identified risks require more complex multi-agency management then the offender should be referred to Level 2 or Level 3.
4.12 The management of an RSO at Level 1 is not the sole preserve of the lead agency; it is for all the responsible authorities to be actively involved in the monitoring of an RSO made known to them, and they should report changes to the respective lead agency when they become aware of them.
4.13 If factors change which may affect the risk and the risk management planning of any offender in MAPPA then it is vital that there are effective information sharing processes in place to ensure that these factors can be taken into consideration by the responsible authorities.
Level 2: Multi-Agency Risk Management
4.14 Level 2 risk management should be used where the active involvement of multiple agencies is required to manage and actively reduce the risk of serious harm posed, but where either the level of risk or the complexity of managing the risk is not so great as to require referral to Level 3.
4.15 It is vital to understand that risk can and will change, so the means of managing risk must be capable of reacting to and reflecting risk accordingly. It is possible for Level 2 cases relating to an RSO to be referred to Level 1, or Level 3 when, for example, the likelihood and impact of the risk has diminished or increased and the management requirements of that risk have changed. Equally other types of offenders being managed under MAPPA can be referred to another level, or exit the arrangements, where the likelihood and impact of the risk has increased or diminished and the management requirements of that risk has changed.
4.16 The responsible authorities, through the MAPPA Coordinator, are responsible for convening and supporting the Level 2 arrangements. Depending upon the needs of the case, the following agencies/organisations should routinely play an active role in Level 2 management:
- Local authority - CJSW; children and families or youth justice social work teams; adult services; housing Sex Offender Liaison Officers (SOLOs) and, where appropriate, education;
- Scottish Prison Service ( SPS)
- the relevant health board, including mental health services; and
- other agencies, e.g. voluntary sector providers.
4.17 Level 2 arrangements are more than ad hoc groups, which change with each case. A permanent representative from the relevant agencies, supplemented by representatives from other organisations as needed, will provide effective oversight of risk management plans.
4.18 Multi-agency risk management may mean a significant caseload of offenders requiring active management and review by the responsible authorities. To achieve this, the responsible authorities must ensure that the meetings are effectively managed and supported.
4.19 The responsible authorities are charged with the statutory function for ensuring the efficient and effective operation of MAPPA. For this reason it is important that the Level 2 meetings are chaired by a suitable representative of either police, the local authority, SPS or Health (see Chapter 7, Para 30-32).
4.20 The frequency of these meetings is a matter for the lead agency in liaison with the MAPPA Coordinator and partner agencies. However, setting regular meetings will allow the opportunity for the systematic review of risk management plans, and in any case, Level 2 cases must be reviewed no less than once every 12 weeks.
Level 3: Multi-Agency Public Protection Panel ( MAPPP)
4.21 The MAPPP is responsible for the management of offenders at Level 3. It is recommended that each Community Justice Authority area identifies at least 1 Level 3 Chair. The MAPPP members must possess the relevant experience and seniority to understand the requirements of Level 3 management and to commit resources to it.
4.22 The criteria for referring a case to the MAPPP are where the offender:
- is assessed as presenting a high or very high risk of serious harm; and
- presents risks that can only be managed by a plan which requires close cooperation at a senior level. This would be due to the active multi-agency involvement in the case and/or because of the unusual resource commitments required;
- although not assessed as presenting a high or very high risk of serious harm, the case is exceptional because the likelihood of media scrutiny and/or public interest in the management of the case is very high and there is a need to ensure that public confidence in the criminal justice system is sustained.
For clarity high and very high risk are defined in MAPPA as:
- High: there are identifiable indicators of risk of serious harm. The potential event could happen at any time and the impact would be serious; and
- Very High: there is an imminent risk of serious harm. The potential event is more likely than not to happen imminently and the impact would be serious.
4.23 Although the offenders managed at Level 3 are not exclusively those assessed as high or very high risk of serious harm, in almost all cases they will be.
4.24 While most are offenders being released from prison, or already being managed in the community, it may also include:
- an offender on discharge from detention under a hospital order (with the health board as the responsible authority);
- an offender arriving from overseas (whether immediately following their release from custody or not); and
- an offender in the community whose assessment of risk of serious harm was categorised as low or medium, comes to present a high or very high risk as the result of a significant change of circumstances.
4.25 Level 3 cases may be referred to Level 2 when for example, the likelihood and impact of risk has diminished or where the management requirements of the case have reduced.
Representation at Level 2 and Level 3
4.26 Key to the effectiveness of Level 2 and Level 3 arrangements is identifying and ensuring the right multi-agency representation and involvement. In determining the level of the representation and the nature of that involvement three factors must be considered:
- The representatives must have the necessary level of seniority and possess the authority to make decisions which commits their agency's involvement and resources. This is important as deferring such decisions will impact negatively on the effectiveness of the multi-agency operation.
- The representatives require the relevant knowledge and experience in risk/needs assessment and management, as well as in partnership working.
- The effectiveness of Level 2 and Level 3 arrangements depends in large part upon establishing continuity. Multi-agency work is often complex and benefits greatly from the continuity of personnel and their professional engagement.
Risk Assessment and Risk Management
4.27 The following information provides an initial reference point and a link to further sources of information either within this guidance or elsewhere.
4.28 The Standards and Guidelines for Risk Management (Risk Management Authority 2013) are for the active and alert risk management  of those who pose a risk of serious harm.
4.29 Risk assessment will:
- involve identification of key pieces of information, analysis of their meaning in the time and context of the assessment, and evaluation against the appropriate criteria;
- be based on a wide range of available information, gathered from a variety of sources;
- be conducted in an evidence-based, structured manner, incorporating appropriate tools and professional decision making, acknowledging any limitations of the assessment;
- be communicated responsibly to ensure that the findings of the assessment can be meaningfully understood and inform decision-making. Risk will be communicated in terms of the pattern, nature, seriousness and likelihood of offending.
4.30 To meet these standards an assessment underpinning a risk management plan will evidence:
- a thorough review and evaluation of information gathered from interviews, file reading, chronologies, multi-disciplinary discussion and collateral sources;
- the use of appropriate risk assessment tools to provide a sound empirical basis for the identification of risk and protective factors;
- detailed analysis of past and current offending in terms of its pattern, nature, seriousness and likelihood;
- an offence analysis that examines how, why and when offending occurs and begins to identify the relevance of risk and protective factors in episodes of offending;
- a formulation of risk that offers an understanding of the interaction and respective role of risk and protective factors in an episode of offending, and helps to identify triggers and early warning signs which may assist in recognising and responding to imminence;
- an evaluation of the current level of risk of serious harm;
- recognition of the limitations of the risk assessment and identification of any case specific issues that may extend beyond the boundaries of professional training, qualification and expertise.
4.31 Risk management will ensure that:
- Risk strategies of monitoring, supervision, intervention and victim-safety planning, and the associated activities which are used to manage the risk posed by offending behaviour, will be tailored to the needs of the individual;
- Measures should be proportionate to the level of risk, defensible, and consistent with the remit of the responsible agencies.
4.32 To meet these standards measures to manage risk of serious harm should:
- be tailored to the individual;
- comprise a balance of preventive, supportive and contingency measures;
- target the specific risks, needs and scenarios identified within the risk assessment and formulation;
- be delivered by means of the risk management strategies of monitoring, supervision, treatment or intervention and victim-safety planning;
- be co-ordinated within a risk management plan which is shared with key partners;
- be regularly reviewed to evaluate progress and ensure the on-going appropriateness of measures.
4.33 A risk assessment and risk management template, including completion guidance, is included within the document set of this guidance.
Defensible Decision Making
4.34 The Framework for Risk Assessment, Management and Evaluation (FRAME) published by the Risk Management Authority (2011) provides an outline of the agreed guiding principles of risk management. This includes a definition of defensible decision making.
4.35 In terms of FRAME a decision is deemed defensible if an objective group of professionals would consider that it meets the following criteria:
- Staff involved have appropriate levels of knowledge and skill and an investigative stance and proactive approach;
- The decision or action is based upon appropriate use of collected and thoroughly evaluated information and a risk assessment using reliable methods grounded in the evidence;
- Planning demonstrates risk management strategies matched to risks and risk level and all reasonable steps have been taken;
- Throughout the process there is communication with relevant others, decisions are recorded, and policies and procedures followed.