← Cybersecurity Alphabet Soup

KRI

Key Risk Indicator

governancehard

A metric that signals rising risk exposure before an incident happens, such as the number of unpatched critical vulnerabilities or overdue access reviews. KRIs give risk committees early warning, in contrast to KPIs which measure performance. Choosing KRIs tied to actual loss scenarios is a core skill in risk management programs.

Sources

More in governance