FAIR Institute Blog

No Data? No Problem

[fa icon="calendar'] Apr 18, 2017 6:05:40 PM / by Jack Jones posted in Risk Management

[fa icon="comment"] 0 Comments

One of the most common questions I hear is, “ What if there’s no historical data to base an estimate on?”  A close cousin to this question is the statement, “ Historical data isn’t necessarily a good representation of the future, so you can’t rely on it for your estimates.”  Both of these are reasonable concerns that deserve good answers. 
Read More [fa icon="long-arrow-right"]

Jack Jones Risk Summit Message: Focus or Fail

[fa icon="calendar'] Apr 5, 2017 8:48:10 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

“Think of all the advantages the bad guys have,” FAIR Institute Chairman Jack Jones tells an audience this week at the InfoSecWorld 2017 Risk Management Summit in Orlando.

“We have to protect a very complex and dynamic landscape. The bad guys can pick and choose what they want to go after. And we are giving them a gift.

Read More [fa icon="long-arrow-right"]

What Belongs in a Risk Register?

[fa icon="calendar'] Mar 31, 2017 11:16:51 AM / by Jack Jones posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment


A member of the FAIR Institute LinkedIn forum asked an important question the other day: 

“I was wondering if there are any guidelines, rules-of-thumb, etc. on how to decide when something should end up in a risk register or should be handled differently. 

Read More [fa icon="long-arrow-right"]

How FAIR Can Ensure The Success of COSO Risk Management Programs

[fa icon="calendar'] Mar 30, 2017 1:38:10 PM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

NYSE-listed organizations are extending the use of the COSO standard and framework beyond the management of financial reporting risk as mandated by section 404 of the Sarbanes-Oxley Public Company Accounting Reform and Investor Protection Act (SOX).

Read More [fa icon="long-arrow-right"]

How to Spot Data Breaches in Audit Trails?

[fa icon="calendar'] Mar 27, 2017 10:23:13 AM / by Jack Jones posted in Risk Management

[fa icon="comment"] 0 Comments

Jack Jones led the discussion at this month’s meeting of the FAIR Institute’s Data Utilization Work Group, including fielding this question from a FAIR Institute member about data breaches. Jack is the Institute’s Chairman and the co-author of Measuring and Managing Information Risk: A FAIR Approach.  

Read More [fa icon="long-arrow-right"]

Top Operational “Risks” for 2017?  –  Part 1

[fa icon="calendar'] Mar 22, 2017 12:26:31 PM / by Evan Wheeler posted in FAIR, Risk Management

[fa icon="comment"] 2 Comments

During the March meeting of the Operational Risk Workgroup, the members took on a project to recast a list of top operational risks using the FAIR risk model.  Every year, you’ll find numerous lists of supposed “top risks” from analysts, surveys, professional organizations, etc. with something in common: They don’t actually provide true risks. 

Read More [fa icon="long-arrow-right"]

How to Think About Likelihood, Probability and Frequency

[fa icon="calendar'] Mar 15, 2017 10:53:05 AM / by Stephen Poppe posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

“Likelihood” is one of those words, like “risk” itself, that appears repeatedly in the risk management literature but casts as much shadow as light on the subject.  In this article, we’ll see that likelihood is a probability, and why it is sometimes best expressed as an expected frequency of occurrence. 

Read More [fa icon="long-arrow-right"]

[VIDEO] New to FAIR? Start with this High-Level Introduction by Jack Jones

[fa icon="calendar'] Mar 13, 2017 12:00:00 PM / by Jeff B. Copeland posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

In this short 5 min video, FAIR author Jack Jones gives an overview of the FAIR model for risk measurement and management, the training opportunities for FAIR and the professional organization, the FAIR Institute.

Read More [fa icon="long-arrow-right"]

RSAC 2017 – The Year of Risk

[fa icon="calendar'] Mar 10, 2017 8:00:00 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

Listen carefully around the halls of the Moscone Center and you could hear a shift in the buzz at this year’s RSA Conference, compared to years past.

Read More [fa icon="long-arrow-right"]

Interval Estimation – Play a Game You Can Win

[fa icon="calendar'] Mar 6, 2017 8:30:00 AM / by Steve Poppe posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

“When will you be home?” 

I have finally learned how to respond to text messages like this – and more pointedly how not to.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts