CRISC - Risk Response and Reporting - Section 3.10
Report risk and control status to stakeholders using metrics such as KPIs, KRIs and KCIs and appropriate visualisations.
Report risk and control status to stakeholders using key risk indicators (KRIs), key performance indicators (KPIs), and key control indicators (KCIs) presented in appropriate visualisations such as heat maps and dashboards. Design each metric to be actionable, distinguishing lagging indicators that confirm past outcomes from leading indicators that signal emerging risk.
Key risk indicatorsKey performance indicatorsKey control indicatorsRisk reporting
More in this domain
Back to all Risk Response and Reporting objectives, or the CRISC cert hub.
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.