Jack served on the original ISACA task force to create the Risk IT Framework, which provides descriptions and guidance for the key elements of a risk management program.
He was particularly pleased to see the updates to Risk IT’s section on risk assessment, with “significantly improved” guidance on quantitative vs. qualitative risk measurement
“Of particular importance to me is the fact that Risk IT remains highly compatible with the FAIR risk measurement model,” Jack writes. “If anything, it is even more closely aligned, which further strengthens the utility of both frameworks.”
Jack cites these points of alignment with FAIR:
Read more of Jack’s comments in his ISACA blog post, Risk IT Revitalized.
Related:
How to Clearly Define a Risk Scenario Statement for FAIR Analysis