Key Risk Indicator (KRI)

 

What is KRI?

Key risk indicator is same as key performance indicator. but KRI focus on risk and try to predict the future by raise an early warning and alert the user about the probable risk. while KPI is used to monitor the performance over time and based on the current and history information.

How to define your KRIs [KRI Definition]:

Define a risk: First you need to risks that you want to be alerted for.

Define a metric: the next step is define your metric. a metric is a number that will be use to measure the current risk level

Define a threshold: threshold is a risk apatite that means when your metric reached that level then the risk is most probably will occurs.

Build your KRI: KRI will give you a warning when your metric approaches the limit or risk threshold defined. 

Key risk indicator example:

Define a risk: PC CPU is being damaged due to overheat

Define a metric:

• CPU Usage %
• CPU Temperature.

Define threshold:

• CPU Usage % : 90%
• CPU Temperature: 120 C

Build KRI:

• CPU Usage %
• OK [Green] < 50%
• Take Care [Yellow]: between 50% and 80%
• Take an action [Red]: > 90%
• CPU Temperature:
• Ok [Green] < 90 C
• Take care [Yellow]: Between 90 And 110
• Take an action [Red]: >110 

 

Early warning system:

Early warning system is a set of KRI defined to watch or monitor set of risk and send an early warning or alert when the probability of risk occurring is increased. Usually for each identified risk a risk owner should be assigned. Risk owner is the person who should know the response plan for a specific risk if the alarm from that risk happen. he should follow the process and the pre-define plan to overcome the risk.

For extreme important risk you should build a fast alerting methods than displaying the KRI results in a dashboard. you don’t want to wait till some one open his PC and start looking in risk dashboard for warnings. in extreme cases you configure your system to send e-mail or SMS message to risk owner and other related stakeholder.

You need to differentiate between warning messages, Information messages and alarming messages.

Risk Management Process:

Identify risks: In this step you need to list all risk that may affect your goal.

Sort risks: after that you need to assign an impact and probability for each risk. then you have to rank them based on that.

Identify the risks to be monitored: Based on the last step you will make a sort list of the important risks that really will cause you a problem if they occurred. and make another watch list with the excluded risks. 

Create a response plan: For the final risk list you need to assign a risk owner and create an associated risk plan for each. The risk owner should know exactly what he should do when a risk occurred .

Create your KRI: to monitor your risk and give the warning when an action need to be taken.

 

References & other links:

• What is Dashboard?[http://business-intelligence-and-dw-concepts.blogspot.com/2013/10/what-is-dashboard.html]
• What is Key performance Indicator? [http://business-intelligence-and-dw-concepts.blogspot.com/2013/10/what-is-key-performance-indicator-kpi.html]