This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
4. - Risk management terms for CIOs: Read more in this section
Explore other sections in this guide:
- 1. - Enterprise risk management is not to be overlooked
- 2. - Risk advice from Baroness Pauline Neville-Jones
- 3. - Innovative enterprise risk management strategy for new technologies
A key risk indicator (KRI) is a metric for measuring the likelihood that the combined probability of an event and its consequence will exceed the organization's risk appetite and have a profoundly negative impact on an organization's ability to be successful.
If an organization specializes in retail sales, for example, a key risk indicator might be the number of customer complaints because increase in this KRI could be an early indication that an operational problem needs to be addressed. The challenge for an organization is not only to identify which risk indicators should be identified as being key (most important) but also to communicate that information in such a way that everyone in the organization clearly understands its significance.
Identifying key risk indicators requires an understanding of the organization's goals. Each KRI should be able to be measured and accurately reflect the negative impact it would have on the organization's key performance indicators (KPIs). Key performance indicators, which are often confused with key risk indicators, are metrics that help an organization assess progress towards declared goals.