Key Risk Indicators -A Powerful Tool to Anticipate Your Risk Within the Enterprise

Key Risk Indicators -A Powerful Tool to Anticipate Your Risk Within the Enterprise

Vinod Menon
Head – Customer Success
Vinod Menon
Head – Customer Success

In simple terms, Key Risk Indicator (KRI) is a metric used to measure the level of exposure to risk. These are indicators that denote the unfavourable situation or troubles ahead which could have a negative impact on the enterprise.

KRIs are important

  • As they help in highlighting a trend and predicting the potential high-risk area.
  • Highlighting the weakness in the controls
  • Take corrective action like strengthening the controls, proactively implementing a remediation plan, etc.

 

Key features of a good KRI include the following:

  • KRIs to be mapped to each major risk faced by the enterprise. For example, If Technology Risk is one of the major risks faced by the enterprise, then KRI should be defined to address this specific issue.
  • KRIs should be well defined and relevant to provide meaning full insight to the risk.
  • KRIs should be measurable and should not be based on subjective judgement.
  • Ability to define multiple levels of KRI viz. Acceptable level, Warning level, and danger level. (Green/Amber and Red Zone)
  • The business team should have absolute clarity on the rationale of the KRI.

 

Risk teams to ensure that, while defining a KRI the following details should be part of the definition:

Risk Name Technology Risk
Risk Sub Classification Technology – Development Risk
KRI Name Percentage of Scheduled Maintenance Activities Missed
KRI Description The number of scheduled maintenance activities related to company devices (workstations, network equipment, servers) that did not take place on or before their scheduled date as a percentage of all maintenance activities scheduled to occur over the same period of time.
KRI Objective This metric measures the IT function’s adherence to preventative and scheduled maintenance plans. Missed scheduled maintenance activities increase the likelihood of service interruptions, productivity losses, and security incidents. Instances of missed schedule maintenance activities should be traced back to the responsible party to identify and correct the root cause.
Computation Formula (Number of Scheduled Maintenance Activities Carried Out On-Time / Total Number of Scheduled Maintenance Activities to be Carried Out) * 100
Level Definitions Acceptable Level – above 75%, Warning level – 60% – 75%, Danger level- below 60%

Though the importance of defining a KRI was explained earlier, it is also important to make the team members aware of the same. There needs to be a clear-cut alert and notification mechanism to ensure that the responsible officer is alerted on the same and also the remediation plans need to be well documented.

Are you interested to know how the Key Risk Indicator feature works in GIEOM Risk Central? Request a demo here.

Recent Blog’s

Share

Explore more

Simple steps to Automate and Standardise your Risk & Control Self Assessment (RCSA)
Risk Management

Simple steps to Automate and Standardise your Risk & Control Self Assessment (RCSA)

Risk and Control Self Assessment process is a widely accepted methodology used by banks, financial companies, insurance companies and others to identify and assess the …

Hongkong’s Regulations for Operational Resilience
Operational Resilience

Hongkong’s Regulations for Operational Resilience

On 22nd December, 2021 HKMA (Hong Kong Monetary Authority) came up with a Supervisory Policy Manual for Operational Resilience to provide Authorized Institutions (AI) with …

Irelands’ Financial Service Sector Guidance on Operational Resilience
Operational Resilience

Irelands’ Financial Service Sector Guidance on Operational Resilience

The Central Bank of Ireland`s objective of this guidance is to communicate to industry how to prepare for, respond to and recover and learn from …

New Operational Resilience Regulation
Operational Resilience

New Operational Resilience Regulation for Financial Institutions in United States (USA)

The Federal Reserve, the Central Bank of the United States in August 2021 has released a paper intended to help community banks assess threats when …

Process Mapping is an important step in building an Operational Resilience Framework
Operational Resilience

Process Mapping is an important step in building an Operational Resilience Framework

The Covid -19 pandemic has clearly shown two trends within firms: The intensified use of technology and Operations can be managed through digital work force …

What is Game-Based Employee Onboarding? Tips and tricks to implement the right gamification strategy
Game-based Learning

What is Game-Based Employee Onboarding? Tips and tricks to implement the right gamification strategy

Learning begins with joining. Effective Onboarding contributes to a newbie commencing with confidence, feeling supported, and acclimatizing much sooner. Conversely, employees who spend weeks and …

Strategies for Improving Banks’ Operating Efficiency
Digital Transformation

Strategies for Improving Banks’ Operating Efficiency

Banks occupy a place of pride because of its structure of undivided attention and contemporary functions. They have come an extended way from merely performing …

Get started with Digital Identity Verification
Digital Identity

Get started with Digital Identity Verification

In a growing interconnected digital economy, identity verification of an individual’s real-world identity against their digital one has become ever critical in fraud detection. The …

Growing Importance of Operational Resilience in the Digital Era
Operational Resilience

Growing Importance of Operational Resilience in the Digital Era

Operational Resilience assumes that things will go wrong, and it will force organizations to plan on how to recover from the disruption. It is a …

Why are organizations jumping onto the AI-enabled Identity verification bandwagon?
Digital Identity

Why are organizations jumping onto the AI-enabled Identity verification bandwagon?

Who has not experienced being asked to show some kind of government ID, be it to receive your courier, or check into a hotel, or …

What is Identity Proofing?
Digital Identity

What is Identity Proofing?

As per the Digital Identity Guidelines published by NIST, a US agency, Identity Proofing is verifying the claimed identity of an applicant by authenticating the …

New Amendment to KYC Regulation by RBI
Digital Identity

New Amendment to KYC Regulation by RBI – 10th May, 2021

In Jan 2020, Reserve Bank of India amended the KYC norms allowing banks and other lending institutions to use Video based Customer Identification Process (VCIP) …

5 Steps to a Successful Execution of a Digital Transformation Project
Digital Transformation

5 Steps to a Successful Execution of a Digital Transformation Project

Digital Transformation is bringing about a radical shift in the way you run your business, deliver services or manage your customers. The objective of digital …