A metric that shows how well a process or control is performing against its goal.
Key performance indicators measure whether a management system is achieving what it set out to do. In security, a KPI might track patch timeliness, phishing simulation results, or the percentage of assets with an assigned owner.
KPIs make performance visible and support continual improvement. They differ from key risk indicators, which warn about rising exposure rather than measuring delivery.