In a blog post for ISACA, FAIR™ model creator Jack Jones reviews the recently released Risk IT Framework, 2nd Edition and Risk IT Practitioner Guide, 2nd Edition, and finds them “revitalized.”
The 2020 FAIR Conference (FAIRCON2020), the premiere global conference for quantitative risk management, will be held digitally on October 6 & 7 (Tues. and Wed.). FAIRCON2020 will provide groundbreaking keynote addresses, engaging C-suite panels, and expert case study sessions through a cutting edge virtual event platform.
Vienna, VA – June 30th - ISSA, the prominent global association for cyber professionals, is pleased to announce a strategic alliance with the FAIR Institute as part of the overall vision of expanding educational resources to the Cyber and IT community.
On July 16, join the Association for Federal Enterprise Risk Management (AFERM) and the FAIR Institute for a webinar that will explain how federal agencies can better meet the requirements of policies to adopt a risk-based approach to cybersecurity
This week, it’s Chapter 6 (Analysis Process) and 7 (Understanding Results) in Measuring and Managing Information Risk, the FAIR book, and now we’re getting hands-on with a working knowledge of quantitative cyber risk analysis.
How do you define key terms such as “inherent risk”, “quantitative risk analysis”, “risk appetite” or “vulnerability”? Do your colleagues define them the same way?
Whether it is difficulty with data gathering, calibrating estimates, or presenting results, problems that come up in FAIR analysis tend to stem from the same source: a lack of a clearly defined risk scenario statement.
The foundation of any good risk analysis is the rationale -- the documentation of the thought process driving the ranges you selected for analysis with the FAIR model.
Microsoft Learn, the software giant’s educational site for developers, architects and IT administrators, now highlights FAIR™ (Factor Analysis of Information Risk) in its tutorials on cloud security.
The FAIR Institute is dedicated to encouraging the community to focus on innovation, education and sharing of best practices to advance the FAIR™ cyber risk model and the risk management profession.
