Workplace Harassment: 7 Governance Tests for 2026

Workplace harassment is often treated as an HR conduct issue after the complaint arrives, although ILO Convention 190, adopted in 2019, treats violence and harassment as a work-related risk that leadership must prevent. This article gives executives and EHS managers seven governance tests to decide whether their prevention system can detect harm early or only document it late.

Why harassment prevention belongs in safety governance

Harassment prevention belongs in safety governance because the exposure is created by work design, reporting channels, supervision habits, and power relationships, not only by individual misconduct. When leaders isolate harassment inside HR case files, they often miss the organizational conditions that made silence rational.

On the Headline Podcast, co-hosts Andreza Araujo and Dr. Megan Tranter often connect leadership behavior with the conditions that shape better workplaces and better lives. That point matters here because harassment is rarely solved by one policy update. It requires a governance model whose routines make intimidation, retaliation, sexual harassment, bullying, and exclusion visible before the most harmed person has to carry the whole burden of proof.

As Andreza Araujo argues in The Illusion of Compliance, formal compliance can create a false sense of safety when leaders confuse documented intention with operated reality. The same trap appears in harassment prevention. A signed code of conduct may satisfy a file review, while the organization still teaches people that reporting a powerful manager is career risk.

Each quarter without a governance review lets informal power patterns harden, while complaints, absenteeism, turnover, and silence keep accumulating outside the executive safety agenda.

1. The board sees harassment as material risk

Boards should treat workplace harassment as material safety and governance risk because it can damage health, retention, reporting trust, operational attention, and corporate reputation at the same time. ILO Convention 190, adopted in 2019 by the International Labour Conference, established violence and harassment in the world of work as a topic that belongs in prevention, protection, remedy, and enforcement.

The weak pattern is delegating the whole topic to HR after a complaint has already escalated. What most safety systems miss is that harassment can suppress every other risk signal. A maintenance technician who fears humiliation will not challenge a weak permit. A contractor who expects retaliation will not report pressure from a supervisor. A young engineer who is isolated after raising concerns will learn to choose silence.

Executives should require a quarterly view that includes complaint trends, anonymous speak-up themes, high-turnover pockets, unresolved manager conduct cases, and any evidence of retaliation. This is not a request to expose confidential details. It is a request to see whether the system is reducing risk or only protecting the organization after harm becomes formal.

2. The policy names power, not only behavior

A harassment policy is weak when it lists prohibited behaviors but does not explain how power affects reporting, evidence, retaliation, and credibility. The same conduct has different consequences when it comes from a peer, a supervisor, a senior executive, a client, or a contractor who controls access to work.

Across 25+ years leading EHS in multinational environments, Andreza Araujo has repeatedly pointed to the gap between what procedures say and what people believe they can safely do. That gap is central here. A policy can invite reporting, although employees may still read the power map and decide that the safest path is silence.

The practical test is direct. Read the policy and ask whether it tells a worker what happens when the alleged harasser controls scheduling, promotion, overtime, immigration vulnerability, contract renewal, or technical evaluation. If the answer is vague, the policy is written for the average case, while the highest-risk cases remain under-governed.

3. Reporting channels protect weak signals

Reporting channels protect workers only when they make early signals usable without forcing people into a formal accusation before they are ready. Many systems offer a hotline, but the system still fails when the first response is slow, skeptical, exposed, or legally narrow.

This connects directly with receiving bad news at work. Leaders reveal culture through the first response to uncomfortable information. In harassment cases, that first response must protect the person, preserve facts, avoid retaliation, and clarify next steps without promising outcomes the investigation cannot yet support.

EHS and HR should map reporting options by severity and confidence. A worker may need advice, informal risk assessment, formal complaint intake, emergency protection, or external escalation. If every path starts with the same form, the system is administratively tidy but humanly brittle.

4. Retaliation is measured as a leading indicator

Retaliation risk should be measured as a leading indicator because many people fear the aftermath more than the original misconduct. If workers believe reporting will cost them shifts, reputation, promotion, assignments, or social belonging, the organization has a prevention failure before any case is investigated.

The strongest signal is not only whether retaliation was proven. The stronger signal is whether people expect it. That expectation can be detected through exit interviews, pulse surveys, skip-level conversations, grievance themes, and the pattern of who reports versus who stays silent. The Headline article on speak-up metrics gives a useful adjacent lens because harassment prevention depends on whether people believe hard information can move upward safely.

One practical measure is to review every harassment-related report at 30, 60, and 90 days for changes in schedule, supervisor treatment, peer behavior, performance ratings, and assignment quality. 90 days is a useful review window because retaliation often appears after the formal intake, when the organization thinks the immediate risk has passed.

5. Investigations look at systems, not only incidents

Harassment investigations are incomplete when they identify only whether one allegation is substantiated and ignore the conditions around it. The investigation must still answer what made the conduct possible, repeated, tolerated, hidden, or minimized.

James Reason's work on latent conditions helps safety leaders avoid the shallow conclusion that harm begins and ends with one actor. That does not excuse misconduct. It means leaders also ask whether performance pressure, isolated work, leader favoritism, poor contractor control, weak supervision, or previous ignored complaints created a context in which harm could continue.

The better investigation report separates individual accountability from system learning. It asks what happened, who was affected, what protection is needed now, what previous signal existed, which control failed, and who owns the fix. That approach aligns harassment prevention with serious safety practice rather than treating it as a private dispute.

6. Psychosocial risk assessment includes harassment scenarios

Psychosocial risk assessment should include harassment scenarios because ISO 45003, published in 2021 as guidance on psychological health and safety at work, connects workplace conditions with psychological harm. A risk assessment that only measures workload and fatigue misses the relational exposures that make work unsafe.

The existing article on impossible deadlines as psychosocial risk assessment shows how organizational pressure can become health exposure. Harassment adds a different pathway. The exposure sits in intimidation, humiliation, sexual pressure, social exclusion, abusive supervision, client aggression, and repeated disrespect that the organization normalizes through weak response.

HR, EHS, legal, and operations should build scenario reviews for higher-risk contexts such as night shifts, isolated work, travel, field service, temporary labor, customer-facing roles, apprenticeships, and contractor interfaces. The test is whether controls are specific enough to change the work setting, not merely remind people to behave respectfully.

7. Corrective actions change the environment

Corrective actions should change the environment because harassment risk does not disappear when one person receives coaching, warning, transfer, or termination. The organization must test whether the conditions that allowed the harm have actually changed.

In more than 250 cultural transformation projects connected to Andreza Araujo's broader work, one recurring lesson is that culture changes when consequences change. If the workplace still rewards intimidating managers for output, still isolates complainants, or still treats silence as calm, the corrective action has closed the case but not the risk.

The closeout review should include three questions. Did the affected person receive protection and follow-up? Did the team understand what changed without violating privacy? Did leadership adjust incentives, supervision, staffing, or reporting routes that contributed to the exposure? If the answer is no, the action is legal closure, not safety improvement.

Comparison: policy compliance vs governance prevention

Conclusion

Workplace harassment prevention becomes credible when leaders govern it as a psychosocial safety risk, because policies only matter when reporting, protection, investigation, and corrective action work under real power pressure.

For more real conversations on leadership, safety culture, culture diagnosis, and the decisions that shape better workplaces and better lives, follow Headline Podcast and bring these seven tests to your next executive safety review.