Risk Metric denotes any condensed assessment of risk that distils a quantitative, qualitative or hybrid Risk Analysis into a simple indicator or value that aims to express a degree of risk. Risk metrics are the primary means by which an organization communicates, debates and decides on risk management actions.
More specifically a risk metric may be used to measure:
- The amount of exposure to a given risk or set of risks
- The effectiveness of any controls that have been implemented to reduce or mitigate a given risk exposure
- The performance of the risk management framework
- Quantitative, qualitative or hybrid. Quantitative metrics may involve a more or less complicated Risk Model.
- Addressing individual risks or portfolio risks. In the later case the more technical term Risk Measure denotes a risk metric derived from a Risk Distribution
- Institute of Operational Risk, Key Risk Indicators, Nov 2010