Skip to content
Skip to main content

About this free course

Download this course

Share this free course

Risk management
Risk management

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

1.2 Risk key performance indicators (KPIs)

Good risk review meetings often look to key performance indicators (KPIs) to help inform the debates and discussions.

There are many risk KPIs: some measure the process, some measure the result, some measure the amount (or value) at risk. Others look to be leading indicators predicting the direction of travel that a risk is likely to take. The key thing is to have a range of metrics that cover the breadth and depth of activity. Here are a few of the common areas to measure:

Table 1 KPIs
The amount of risk being taken

Value at risk (see Session 4)

Risk profile and details of any risks out of appetite

Change of risk levelKey risk indicators (KRIs)
Risk treatment compared with plan

Amount of risk reduction achieved (compared to plan)

Performance of controls (e.g. internal audit and other assurance findings)

Timely completion of mitigation actions

Compliance metrics

Completion of risk training

Compliance with risk management policy and other directives

Coverage metricsAreas of the organisation performing or not performing risk management
Measure of incidents

Incidents (and re-occurring incidents)

Health and safety performance (e.g. HPI (or fatality rates) per million working hours)

MaturityIs the approach to risk management comprehensive and effective?