“This new state of techquilibrium demands an understanding of both the quantitative and qualitative elements of digital risk.”
But, as Wheeler told the 2019 FAIR Conference in his Day Two keynote speech, the legacy GRC approach typically focusses on the qualitative side through highly subjective risk scoring. With Integrated Risk Management (IRM) solutions, he writes, organizations can “improve the qualitative tactical view through risk quantification based on data analysis methods like Factor Analysis of Information Risk (FAIR).
“Many organizations are now utilizing IRM and FAIR to create risk treatment plans for potential data breach events as they optimize their business” – and beyond the tactical level to the strategic to “develop a successful case for digital transformation.”
Read Wheeler’s blog post: Digital Risk “Techquilibrium” Requires IRM.
Related: Gartner Endorses Risk Quantification as Critical to Integrated Risk Management