This week in our reading of Measuring and Managing Information Risk, the book about Factor Analysis of Information Risk (FAIR™), we cover Chapter 8 (Risk Analysis Examples) and Chapter 9 (Thinking about Risk Scenarios Using FAIR), informed by the study guide prepared by FAIR expert consultant Rebecca Merritt.
You'll learn key skills for cyber risk quantitative analysis, such as:
- Scoping - defining the risk scenario to analyze
- Data gathering for Frequency, Magnitude and Vulnerability
- How to review analysis reporting
And get an opportunity to think through how to apply FAIR to. your organization.
Here are all 6 of the study guides:
- Chapter 1, (Introduction), Chapter 2 (Basic Risk Concepts) and Chapter 3 (The FAIR Risk Ontology)
- Chapter 4 (FAIR Terminology) and Chapter 5 (Measurement)
- Chapter 6 (Analysis Process) and 7 (Understanding Results)
- Chapter 8 (Risk Analysis Examples) and Chapter 9 (Thinking about Risk Scenarios Using FAIR)
- Chapter 10 (Common Mistakes) and Chapter 11 (Controls)
- Chapter 12 (Risk Management), Chapter 13 (Information Security Metrics) and Chapter 14 (Implementing Risk Management)
Visit the discussion board
We’re hosting a discussion board in LINK, the FAIR Institute’s community site, for further discussion or posting of questions – FAIR experts and community members will answer. (A FAIR Institute membership and signup for LINK is required to access the discussions. Turn your notifications on in your LINK profile settings to make sure that you receive updates to the discussions.) Visit the FAIR book discussion board