Acrónimo: KRI
Un indicador
de riesgos clave (KRI) es una métrica para determinar qué tan posible es que la
probabilidad de un evento, combinada con sus consecuencias, supere el apetito
de riesgo de la organización (es decir, el nivel de riesgo que la compañía está
preparada para aceptar), y tenga un impacto profundamente negativo en la
capacidad de tener éxito de una organización.
Si una organización se especializa en ventas al por menor, por ejemplo, un
indicador de riesgo clave podría ser el número de quejas de los clientes,
porque el aumento de este KRI podría ser una indicación temprana de que hay que
resolver un problema operativo.
El desafío
para una organización no es solo identificar cuáles indicadores de riesgo deben
ser identificados como claves (los más importantes), sino también comunicar esa
información de tal manera que todo el mundo en la organización entienda
claramente su significado.
Identificar indicadores de riesgos clave requiere la comprensión de las metas
de la organización.
Cada KRI
debería ser capaz de ser medido con precisión y reflejar de manera precisa el
impacto negativo que tendría sobre los indicadores de desempeño clave de la
organización (KPI). Los indicadores de rendimiento clave, que a menudo se
confunden con los indicadores de riesgos clave, son las métricas que ayudan a
una organización a evaluar el progreso hacia los objetivos declarados.
http://searchdatacenter.techtarget.com/es/
A subset of risk
indicators that are highly relevant and possess a high probability of
predicting or indicating important risk
ISACA,
Cybersecurity Glossary, 2014
An enterprise may
develop an extensive set of metrics to serve as risk indicators; however, it is
not possible or feasible to maintain that full set of metrics as key risk
indicators (KRIs). KRIs are differentiated as being highly relevant and
possessing a high probability of predicting or indicating important risk.
The Risk IT
Practitioner Guide. November 2009.
A key risk
indicator (KRI) is a metric for measuring the likelihood that the combined
probability of an event and its consequence will exceed the organization's risk
appetite and have a profoundly negative impact on an organization's ability to
be successful.
If an
organization specializes in retail sales, for example, a key risk indicator
might be the number of customer complaints because increase in this KRI could
be an early indication that an operational problem needs to be addressed. The
challenge for an organization is not only to identify which risk indicators
should be identified as being key (most important) but also to communicate that
information in such a way that everyone in the organization clearly understands
its significance.
Identifying key
risk indicators requires an understanding of the organization's
goals. Each KRI should be able to be measured and accurately reflect the
negative impact it would have on the organization's key performance indicators
(KPIs). Key performance indicators, which are often confused with key
risk indicators, are metrics that help an organization assess progress towards
declared goals.
http://searchcio.techtarget.com/
A Key Risk
Indicator, also known as a KRI, is a measure used in management to indicate how
risky an activity is. It differs from a Key Performance Indicator (KPI) in that the latter is meant as a measure
of how well something is being done while the former is an indicator of the
possibility of future adverse impact. KRI give us an early warning to identify
potential event that may harm continuity of the activity/project.
http://en.wikipedia.org/wiki/Key_Risk_Indicator
Temas relacionados