HOME OF FAIR

THE STANDARD QUANTITATIVE MODEL FOR INFORMATION SECURITY AND OPERATIONAL RISK

Join leading information risk, cybersecurity and business executives to collaborate on the development and the sharing of industry-leading best practices for quantifying and managing information risk.

A STANDARD BY
partners_12
TECHNICAL ADVISOR
partners_09
SPONSORS
partners_09
EDUCATION PARTNERS

partners_03      partners_06      partners_17       FAIR_yellow_49                        

RECENT BLOGS

Now Available: Practice FAIR with Our Free Training App

Big news if you’re a student of FAIR, an organization evaluating FAIR before taking the plunge on a paid risk analysis solution, a do-it-yourselfer who’s been running FAIR on a spreadsheet, or just curious about the buzz around the quantitative model that’s shaking up the risk-analysis profession. The FAIR Institute has just released FAIR-U, the first officially sanctioned training app for FAIR. The tool is offered free of charge by RiskLens, Technical Advisor to the FAIR Institute.

Read More >>

A Crash Course on Capturing Loss Magnitude with the FAIR Model

In the FAIR model for risk analysis, Loss Magnitude—i.e. the monetary impact of a loss event—is bucketed in six Forms of Loss: Productivity, Response, Replacement, Competitive Advantage, Fines & Judgements, and Reputation.

Read More >>

ADP's Roland Cloutier and Bank of America's David Sheronas Honored with 2017 FAIR Awards

Two pioneers of quantitative risk management based on the FAIR risk model were honored by their peers in information and operations risk this week at the FAIR Institute's 2017 FAIR Conference in Dallas.

Read More >>

SEE ALL BLOGS

POPULAR BLOGS

Post Image
5 Must Read Books to Jumpstart Your Career in Risk Management

What are the must have resources for people new to operational and cyber risk? This list outlines what books I would recommend to new analyst or manager.

They’re not ranked by which book is best....

Read More >>
Post Image
NIST CSF & FAIR - Part 1

The question often arises, “How is FAIR different from (or better than) a framework like NIST’s Cybersecurity Framework (CSF)?” The simple answer is: FAIR isn’t inherently better or worse; it is...

Read More >>
Post Image
What is a Cyber Value-at-Risk Model?

Over the past year, executive teams and board members across multiple industries have started to ask questions more forcefully about the risk posed by cybersecurity attacks. They are no longer...

Read More >>