What are the 4 keys to identify risk used to develop controls?

Answer 1

Before any reaon answer can be given it has to be remembered that within the development of the KRI (key risk indicators) each company with a specific business model with have differing risk issues to consider. There are no real generic KRI's. There are however, KRIs that can be seen as similar across many different companys but these will have a differnet structre to them.

Possible indicatiors you could yuse are:

1 Does the indicatior allow you to drill right down through the base cause of the problem.

2. Does your selected indicatior actually detect a risk?

3. Does the indictor you selct actually allow you to monitor the risk?

4. Is it a lead indictor (one the allows for sub indictors to be created thus allowing for wider vision of a threat appearing

5 If the indictor you choose to use show any shortfall in the controls you put in place

6 Does the control help you measure the extent of the rick. i.e. will it reporg back a green risk - low and controlled - yellow risk need more control and will have medium impact on your business or at worse red control - the business is in trouble if this happens and the controls - actions will not be enough to stop the issue

7. will the control help manage the exposure to the risk?

8 is the indicator a trending indicator - thus showing you a pattern to the issue occuring.