- Report this article
Marco Nutini 
Marco Nutini
Risk modeling and uncertainty visualization for decision-making. RISK LEAP Methodology Founder.
Published Aug 29, 2022
+ Follow
The standard answer for that question is: KPIs measure positive things that you want to happen, while KRIs measure negative, undesirable events. Hence, KPIs have more “status” in strategic planning meetings and KRIs are suited for the Risk Committee.
For example:
KPI = Customer satisfaction
KRI = Customer complaints
There are also KCIs: Key Control Risks, that measure if the controls are being applied effectively, such as "mean time to respond to a customer complaint".
If customer satisfaction is at risk, going down the drain, may we declare it is also a KRI? Surely, it would be a case of KPI with a dual personality.
And what if there is a goal for reducing complaints? Could the KRI also be declared a KPI as well? Of course, because we are dealing with expected performance and that is a positive thing.
In both situations, the two indicators will be managed at distinct instances: performance management and risk management. OK?
No, not OK at all. That's the problem of putting similar things in different buckets with labels in them.
That debate is quite useless, agree? Monitoring indicators is a crucial management activity, no doubts, but nobody should feel compelled or obliged to maintain a separate KRI dashboard with a minimum of one indicator per identified risk. This “rule of thumb” only stresses the problem of managing risks one-by-one and missing the bigger picture.
Performance and risk are inseparable but, for many historical reasons, companies have experts in each area, sometimes with poor integration. Risk management is being bolted on bottom-up, instead of built in top-down, that’s the point.
I am not against KRIs as a concept. If we visualize an airplane's dashboard, there are some critical “business” instruments—speed, altitude, angle of attack, wing inclination, direction of flight—and some “technical” alarms, such as stall warning, fuel, oil pressure, etc., which make up the KRI set.
Now, let’s separate the crew into 2 teams, one monitoring KPIs and another following the KRIs. This latter crew will sit in the back of the plane and will cry wolf in the microphone when an alarm goes on. Not a very smart thing to do, right? To fly the plane safely, the pilot needs to understand the entire system, and she should not worry at all if an indicator is a KPI or a KRI.
In a utopian parallel universe, Performance Management and Risk Management would form a cohesive body of knowledge, because you can’t forecast or evaluate performance if you don’t adjust for risk.
In this real universe we live in, though, time lags create conflicts of interest between short and long term. Add to that power plays; a mindset plagued by the Flaw of Averages (1); and the misunderstanding of uncertainty, and it becomes easy to figure out why we see two disciplines where there is only one.
Recommendations
(1)Title of the excellent book by Sam Savage about (the problem of) making decisions based on deterministic information and planning based on expected value.
Help improve contributions
Mark contributions as unhelpful if you find them irrelevant or not valuable to the article. This feedback is private to you and won’t be shared publicly.
Contribution hidden for you
This feedback is never shared publicly, we’ll use it to show better contributions to everyone.
Risk is not a Number
Risk is not a Number
2,033 followers
+ Subscribe
Like
Celebrate
Support
Love
Insightful
Funny
82
29 Comments
Charles Schrock
𝙃𝙚𝙡𝙥𝙞𝙣𝙜 𝙖𝙪𝙙𝙞𝙩𝙤𝙧𝙨 𝙜𝙚𝙩 𝙨𝙩𝙧𝙖𝙩𝙚𝙜𝙞𝙘
1y
- Report this comment
Marco Nutini - Thanks for your post. You're right. Buckets are a huge waste of time. And, unfortunately, they seem to be a foundational part of risk management. I'm glad you're working to help rid us of these troublesome creations. I don't care what you call them. Metrics are established and monitored as an important governance tool -- an early warning that something might warrant looking into. I've had great success explaining that there are two basic types of metrics that should be tracked. Those that relate to fundamental assumptions and form the underlying validity of a strategy (e.g., economic assumptions) which I usually refer to as "KRI" (just because people expect us to use this acronym). And the other relates to performance metrics, which I usually refer to as "KPI". If any metric is going south, it simply indicates that the associated strategy may be at risk. So go take a look.
1Reaction
Sabrina M. Segal JD MIP CFE
🤝 Third-sector Integrity, Risk, and Compliance Advisor | 🎙 Tolerable Risk podcast host | 🎓 Doctoral candidate at the University of Bath
1y
- Report this comment
What a mess! Just focus on the objectives and leave the alphabet soup behind 👍
1Reaction 2Reactions
Jamie Marzonie, PMP
Delivering VALUE from Uncertainty
1y
- Report this comment
Agree with lots of this and the comments. I am an advocate of KPM - Key Performance Metrics to help drive that risk is related to business and performance objectives that should be quantified in the same way we do other quality work. The KPM should set the boundaries for when a process is in control, the warning boundaries, and the "Oh No" trigger the contingency plan boundary. As should be +/-, to also provide some feedback if our approaches to opportunity performance are working.
1Reaction
Adrian Clements
Chief Risk Officer | Enterprise Risk Manager | Board Adviser | Strategy Management | International | Production Enhancement | ESG | Sustainability
1y
- Report this comment
Nice article. I dont believe we can get away from reporting on some sort of indicators and I really dont mind what name you give them. Leading is better than lagging but regardless there is a tendency to use traditional indicators. Ones that everyone uses and ones that are supported by the software we use or the technology. I believe risk managers need to help risk and opportunity owners to define these indicators better. Create new ones through driver trees or some other format. I have seen so many times that people manage the index used rather than whats behind it. So if we are creative in managing the KPI we should put the same energy in gettering the right KPI in the first place.
1Reaction 2Reactions
See more comments
To view or add a comment, sign in
More articles by this author
No more previous content
- The UK National Risk Register and Its Heat Maps Sep 19, 2023
- GAME OVER FOR COLOUR CRITERIA? THE RISE OF “AS WE SPEAK MONTE CARLO SIMULATION” Apr 29, 2023
- DON’T ASK FOR A NUMBER, ASK FOR A MODEL! Apr 10, 2023
- SCREAMING RISK INDICATORS AND OTHER SIMILARITIES... Mar 20, 2023
- ARE YOU NUTS? A RISK QUANTIFICATION TRAINING PROGRAM IN BRAZIL? Oct 28, 2022
- You have a chance to see the Future Oct 12, 2022
- ENTERPRISE RISK MANAGEMENT: A PANACEA OR JUST A WAY OF RUNNING BUSINESS? Oct 3, 2022
- THE QUESTION THAT WON’T GO AWAY: WHAT IF WE JUST ABANDON “RISK MANAGEMENT”? Jul 28, 2022
- RISK AND DECISION: EGG OR CHICKEN? Jun 29, 2022
No more next content
Sign in
Stay updated on your professional world
Sign in
By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.
New to LinkedIn? Join now
Insights from the community
- Sampling How do you use sampling to support decision making and risk management?
- Problem Solving How can you balance risk management and problem solving in retail?
- Quality Improvement Tools How do you use affinity diagrams to organize and group risks into categories and themes?
- Risk Management How can risk management and sales teams collaborate to mitigate financial risks?
- Enterprise Risk Management How do you use value stream mapping to identify and prioritize key risks in your enterprise?
- Risk Management How can you become an IT risk management specialist in retail?
- Operations Research What are the most common statistical models for analyzing operational risks?
- Risk Management How can you differentiate between correlation and causation when assessing risks?
- Systems Engineering How can you use risk analysis to improve system requirements?
- Product Road Mapping How do you incorporate risk analysis and mitigation into your product road map process?
Others also viewed
- Barcode Quality is Risk Management John Nachtrieb 9y
- Delivery risk management-2 Saurabha Majumdar 7y
- Conduct risk: aligning product, customer, and value Dilip Mohapatra 5y
- Delivery Risk Management – 4 Saurabha Majumdar 7y
- How to craft a TPA Questionnaire: A 3rd Party Risk Management Primer Aaron Kraus 🍪 8y
- Risk Management Is A Necessary Evil, But The True Art Is TakingRisks Tom Vogel 7mo
- Risk in Focus: Director of Customer Success at Galvanize | Asia Victoria Robinson FCIM 4y
- The Evolution of Risk Management Natalie Henfrey FCIPS ExDip Chartered 6y
- Round Table Discussion of CROs and CCOs on Challenges - to meet Stakeholder Expectations! Sonjai Kumar, CFIRM, SIRM, Certified Risk Management Professional, IRM 5y
- Risk Management - Why it is a Must! Huynh Thien An APRM™ MBA 8y
Explore topics
- Sales
- Marketing
- Business Administration
- HR Management
- Content Management
- Engineering
- Soft Skills
- See All
