KRI is a metric that provides information on the level of exposure to a given operational risk which the organization has at a particular point in time. Key Risk Indicator can be measured in terms of percentages or numbers.
KRIs are measures that enable risk managers to identify potential losses before they happen. KRI’s must regularly be monitored, and reported to organisation’s management so that they are informed to take informed strategic decisions. The primary role of a KRI is to track trends over a period of time, these trends are then converted into early warning signals.
Once the KRIs are selected, the management defines the thresholds basis which the risk mitigation plans will be triggered.
KRIs are an important tool within risk management and are used to enhance the monitoring and mitigation of risks and facilitate risk reporting
Key Characteristics of Effective KRIs
Types of KRIs
Leading KRIs : These KRIs are measures that are considered predictive in nature. They are derived from metrics that can help to forecast future occurrences.
Lagging KRIs : These KRIs are metrics based on historical measures. These help to identify trends in the firm.
Advantages of KRIs
Enhanced understanding of risk dynamics: Defining and monitoring KRIs provides a deeper insight into the key threats to the organization
Proactive risk strategies: With a greater understanding of the risk dynamics the management team can define more accurate methods to assess and minimize potential risks
Well Defined Risk tolerance levels: Using KRIs, the management can define the company’s tolerance threshold and the risk limits that trigger a corrective action
Deeper insight into past and emerging risk trends: Periodic and regular monitoring of KRIs provides the organisation with a more accurate view of the risk trends. These might be used to determine which activities or business lines are more vulnerable and need further monitoring, as well as new opportunities for growth.
Examples of Key Risk Indicator (KRI)
System Availability – Up Time
Total number of service request opened
Percentage of Requests Not Resolved within SLA
Capacity Management – Number of Instances Where Systems Exceeded Capacity Requirements
Percentage of System/Application Unplanned Downtime
Percentage of Changes Considered Emergency Changes
As we would not want to completely avoid operational risks, it is impossible, but there are several options to minimize their impact as much as possible.
As we would not want to completely avoid operational risks, it is impossible, but there are several options to minimize their impact as much as possible.