It was a good problem to have: The board at Government Employees Health Association (GEHA) directed the risk team to start presenting on risk in quantitative terms by the next quarter. A good problem because support from the top would open many doors – but still, the team had to adopt and implement a FAIR™ program from nearly a standing start on a tight timeframe.
In his presentation to the 2021 FAIR Conference (FAIRCON21), Seth Mowbray shared a wealth of tactical experience the GEHA team gained that should benefit any project to stand up a FAIR program that crosses business units and risk disciplines, from cyber through operational.
Case Study - Providing Visibility into Operational Risk with FAIR
Seth Mowbray, Senior Risk Analyst, Legal, Risk & Compliance, Government Employees Health Association (GEHA)
FAIR Institute members can watch the video of this FAIRCON21 session in the LINK member community. Not a member yet? Join the FAIR Institute now, then sign up for LINK.
Read more about Seth Mowbray's FAIR journey in this interview
Here’s a selection of the advice you’ll hear in this FAIR Conference session:
Hint: There’s a 90% chance SMEs can’t provide the Most Likely value, Seth said.
Hint: Carefully document your analysis work as you go – you may not remember where you sourced some data points if challenged months later.
FAIR training approved by the FAIR Institute - online courses available now
Hear all of Seth’s tips from GEHA’s FAIR experience: Register now at no charge to view the session on video.