Key risk indicator KRIs are indicators or metrics used to measure the risks a business is exposed to. Think of KRIs as an early warning system, like an alarm that goes off when the company’s risk exposure exceeds tolerable levels. In this way, KRIs help you to monitor risks and take early action to prevent or mitigate crises.
KRIs should be measurable and quantifiable. Examples might include:

  • Financial KRIs: economic downturn, regulatory changes
  • People KPIs: high staff turnover, low staff satisfaction
  • Operational KPIs: system failure, IT security breach

KRIs aren’t about monitoring every single risk facing the business but focus on the most critical indicators for managing the highest risks – and these will vary from business to business in line with the company’s objectives and priorities. What constitutes a key risk for one business may not be important for another. Or what was a key risk for your business last year may not be a key risk this year, and so on.
KRIs are typically measurable, i.e., they can be quantified in terms of percentages, numbers etc. They are predictable and are often used as early warning signals, while also tracking trends over a period of time.
In a certain sense, KRIs could be understood as the antithesis of Key Performance Indicators (KPIs). While KPIs show how well a company is doing, KRIs are designed to warn management about potential sources of risk.