An alert triggered by exceeding network bandwidth usage is a key risk indicator (KRI). It's an indicator that something unusual is happening on the network that could be a sign of an increased risk, such as a denial-of-service attack or unauthorized activity.
It's not a threat (A) itself, but a potential sign of a threat. It's not a risk event (B) yet, but it could indicate an increased likelihood of a risk event. It's not a lag indicator (C) because it's alerting in real-time, not after the fact.
[Reference: ISACA materials on risk monitoring and KRIs, often within the Risk IT Framework and related publications, provide examples of KRIs. Network activity, including bandwidth usage, is often cited as a potential KRI for various IT risks., ]
Submit