Enterprises operate their businesses on third-party platforms and services. Outsourcing of systems and services often involves significant risk, bestowing custodial responsibilities of large amounts of sensitive data and transaction capabilities to third-parties.
How much risk is associated with a bald tire? It depends...
In this video, Jack Jones walks you through the classic scenario (from his book Measuring and Managing Information Risk: a FAIR Approach) with a lesson about making assumptions and how that affects risk analysis and communication about risk.
We hope that you're already planning to attend FAIR Institute's annual FAIR Conference, FAIRCON17, later this year on October 16 and 17. Take advantage of our "Early Bird" pricing special, available through June 30, by clicking here.
However, you may be interested in doing more than just attending!
The terms “risk appetite” and its close cousin “risk tolerance” are often poorly understood, very rarely used to good effect, and commonly used interchangeably.
The Internet Security Alliance and the FAIR Institute called on the National Institute of Standards and Technology (NIST) to convene a process similar to that which resulted in the creation of the NIST Cyber Security Framework (CSF), but this time focusing on implementation of the CSF.
Great opportunity for FAIR beginners and experts alike to join a live, team effort at a high level FAIR analysis in the next meeting of the FAIR Institute Operational Risk Workgroup, Tuesday, April 11, at 4 PM EDT. The analysis will be led by veteran FAIR practitioner and speaker Evan Wheeler.