You can derive many metrics for your portfolio depending on your need. For example:
(1) Number of risky projects - a simple measure
(2) Number of cross-project risks - those risks that are capable of causing risks in other projects
(3) Depth of related risks tree - if you have (2), then you can estimate how deep a risk trigger could go
I understand that some project risks could also be portfolio-level risks. But, the PM has to ensure the success of each project. Therefore, I don't think that there is a way out of risk assessment for each project within the portfolio.