Risk indicators, Key Risk Indicators (KRI) They are a very valid instrument when evaluating the status of a specific risk that the organization is interested in having more control over and over which it wants to carry out more detailed monitoring. As they say, KRIs serve to “measure the temperature” of risks on a periodic basis.

Within a Management System Compliance, the indicators are the parameters that inform about the operation of the QMS itself. It is very important that, prior to establishing indicators, the Control Function Compliance has carried out a detailed analysis of the potential risks of compliance in all departments, areas and work centers, detecting and analyzing where there are higher risks.

The function of Compliance You will have to decide which risk indicators are to be monitored, defining the risk indicator, the way in which it will be measured, the size of the samples to be taken and the establishment of tolerance thresholds. All of this work will be key for the Function of Compliance can obtain relevant conclusions about the risk status.

Of course, the definition of risk indicators will vary from one organization to another and will depend on the characteristics of each one. Among others, the Function of Compliance will take into account elements such as the following to define the indicators:

The activity carried out by the organization.
The applicable regulatory and legislative framework.
Supervisors' priorities.
Incidents previously detected in the organization and in organizations in the sector.

Measurements of the indicators should be carried out with a short periodicity, for example, once a month or semiannually, to be able to effectively monitor the evolution of risk indicators and their tolerance thresholds.

If the risk indicator deviates from the tolerance threshold then that risk should be monitored more closely and, if the deviation between both values is repeated over several periods of time, it will allow possible control deficiencies to be identified and corrected early.

The internal procedures will establish the actions that the Compliance Officer will have to be taken into account when monitoring risk indicators.

You will be able to learn about all these concepts and many more and specialize in them through the indispensable Master in Compliance & Data Protection Management of the EIP International Business School.

Subscribe to our newsletter to stay up to date with all the news

Name and surname *

Email *

*I give my express consent and accept the Privacy Policy.

Basic information on data protection.
Responsible for the treatment: Mainjobs Internacional Educativa y Tecnológica SAU
Purpose: Manage your subscription to the newsletter.
Legitimation for processing: Explicit consent of the interested party granted when requesting registration.
Transfer of data: No data will be transferred to third parties, except under legal obligation.
Rights: You may exercise the rights of Access, Rectification, Deletion, Opposition, Portability and, where applicable, Limitation, as explained in the additional information.
Additional information: You can consult additional and detailed information on Data Protection at https://www.mainfor.edu.es/politica-privacidad