Il governo della performance dei processi di business : dai Key Performance Indicators ai Key Risk Indicators

The recent paper issued by COSO ["Developing Key Risk Indicators to Strengthen Enterprise Risk Management" (Coso, 2010)] is the starting point of this article whose aim is to discuss the relevance of the business process dimension in the design and implementation of Key Risk Indicators. The Authors analyze the reasons of the systematic underestimation of the business process dimension in the COSO papers and debate the implications that the explicit consideration of the business process dimension has on the design of KPIs and, consequently, of KRIs. A framework for the design of a system of KRIs is proposed, into which risk indicators are classified both according to their external versus internal genesis and to the type of risk factors they monitor (human resources, work processes and methodologies, technology and information systems). The proposed framework is illustrated by means of a case study. In the concluding pargaraphs, guidelines are suggested in order to integrate the proposed framework and the COSO KRIs’ framework, in the light of both its contributions and its limitations.