Risk Insight dashboard
13 min
this dashboard helps spot risks early and take action faster by combining performance, health, and risk insights in one view overview risk insights within the framework are level 3 correlation indicators that provide early warnings and actionable intelligence by combining operational performance, control of health and risk signals the model is built on three levels kpis measure process performance, kcis assess control effectiveness and kris deliver strategic risk views together, these insights translate complex data into scenario‑based intelligence, enabling leaders to identify emerging risks and take proactive action before issues materialize users can access the risk insights dashboard from by following these steps from the main menu , go to services → kyndryl services → → risk insights configuration drift risk index (cdri) the configuration drift risk index (cdri) dashboard highlights critical configuration risks and recommends immediate escalation actions to reduce potential impact the following three sections are displayed on this dashboard key risk indicators the following key risk indicators are displayed to users total risk score risk scores show the percentage level of risk detected chi (compliance health index) it is calculated as the average of the organization’s compliance posture and depth view scores ncr (non compliance risk) measures the proportion of assets that do not meet defined compliance requirements sce (scan coverage effectiveness) measures how thoroughly security scans cover the organization’s identified assets weightage considered graph the weighting considered graph illustrates how each key indicator is weighted to calculate the overall risk score level 1 indicators the level 1 indicators table on the right side of the graph enables users to analyze the following indicator name identifies the specific metric used to track compliance, risk, or asset coverage within the environment the following categories are available overall compliance posture non compliant asset count compliance depth view scan coverage adherence total managed assets value represents the quantitative measurement associated with the indicator, expressed as a percentage or numeric count compliance posture indicates the classification used to group the indicator value into predefined compliance categories for improved visibility and prioritization internet facing exposure risk index (iferi) the internet‑facing exposure risk index (iferi) dashboard indicates a high‑risk condition, requiring remediation within 30 days to reduce exposure the following three sections are displayed on this dashboard key risk indicators the following key risk indicators are displayed to users total risk score risk scores are categorized into four severity levels to guide prioritization and response actions ici (internet facing compliance index) compliance level of internet exposed assets ifvr (internet facing vulnerability risk) risk from vulnerabilities on internet exposed assets ifpg (internet facing patch gap) missing security patches on internet exposed assets weightage considered the weighting considered graph illustrates how each key indicator is weighted to calculate the overall risk score level 1 indicators the level 1 indicators table on the right side of the graph summarizes the organization’s overall compliance status and enables users to analyze the following indicator name identifies the specific metric used to track compliance, risk, or asset coverage within the environment the following categories are available internet facing assets internet facing non compliant assets internet facing vulnerable assets internet facing unpatched critical assets total internet facing compliant assets value represents the quantitative measurement associated with the indicator, expressed as a percentage or numeric count compliance posture indicates the classification used to group the indicator value into predefined compliance categories for improved visibility and prioritization vulnerability exposure index (vei) the vulnerability exposure index (vei) dashboard indicates a low‑risk condition ongoing monitoring is recommended on a quarterly basis the following three sections are displayed on this dashboard key risk indicators the following key risk indicators are displayed to users total risk score risk scores are categorized into four severity levels to guide prioritization and response actions vsi (vulnerability severity index) overall severity of identified vulnerabilities kevr (known exploited vulnerability risk) risk from vulnerabilities that are actively exploited scg (scan coverage gap) difference between expected and actual scan coverage rli (remediation lag index) time delay between detection and remediation weightage considered the weighting considered graph illustrates how each key indicator is weighted to calculate the overall risk score level 1 indicators the level 1 indicators table on the right side of the graph summarizes the organization’s overall compliance status and enables users to analyze the following indicator name identifies the specific metric used to track compliance, risk, or asset coverage within the environment the following categories are available kevs vulnerabilities per scan oldest critical unscanned assets critical value represents the quantitative measurement associated with the indicator, expressed as a percentage or numeric count compliance posture indicates the classification used to group the indicator value into predefined compliance categories for improved visibility and prioritization patch management effectiveness index (pmei) the patch management effectiveness index (pmei) dashboard indicates a medium‑risk condition, with remediation recommended within 60 days the following three sections are displayed on this dashboard key risk indicators the following key risk indicators are displayed to users total risk score risk scores are categorized into four severity levels to guide prioritization and response actions psci (patch sla compliance index) measures how consistently patches are applied within defined sla timelines cpbr (critical patch backlog risk) indicates the volume of critical patches that remain unapplied over time pldl (patch deployment lag) measures the average delay between patch release and deployment pse (patch sucess effectiveness) indicates how successfully patches are deployed without errors or rollbacks weightage considered the weighting considered graph illustrates how each key indicator is weighted to calculate the overall risk score level 1 indicators the level 1 indicators table on the right side of the graph summarizes the organization’s overall compliance status and enables users to analyze the following indicator name identifies the specific metric used to track compliance, risk or asset coverage within the environment the following categories are available average time to patch ( mttp) patch backlog low patch backlog medium patch backlog high patch backlog critical value represents the quantitative measurement associated with the indicator, expressed as a percentage or numeric count compliance posture indicates the classification used to group the indicator value into predefined compliance categories for visibility and prioritization asset lifecycle risk score (alrs) the asset lifecycle risk score (alrs) dashboard indicates a critical risk condition, requiring immediate escalation to mitigate potential impact the following three sections are displayed on this dashboard key risk indicators the following key risk indicators are displayed to users total risk score risk scores are categorized into four severity levels to guide prioritization and response actions eap (eol/eos asset prevalence) indicates the proportion of assets that have reached end‑of‑life (eol) or end‑of‑support (eos) bcer (business critical eol risk) measures the risk posed by eol or eos assets that support business‑critical services ifee (internet facing eol exposure) indicates the exposure risk of internet‑facing assets that are at eol or eos rui (remediation urgency index) reflects how urgent remediation actions are required based on risk severity and exposure weightage considered the weighting considered graph illustrates how each key indicator is weighted to calculate the overall risk score level 1 indicators summarizes the organization’s overall compliance status level indicators offer comprehensive information regarding indicator name identifies the specific metric used to track compliance, risk or asset coverage within the environment the following categories are available total eol/eos assets software eol percentage hardware eol count hardware eos count average age of eol assets value represents the quantitative measurement associated with the indicator, expressed as a percentage or numeric count compliance posture indicates the classification used to group the indicator value into predefined compliance categories for improved visibility and prioritization