FAIR Institute Blog

When Non-Compliance Is A-OK [Video]

[fa icon="calendar'] Nov 8, 2017 2:50:16 PM / by David Musselwhite posted in FAIR, Risk Management, Fair Conference 2017

[fa icon="comment"] 2 Comments

“You are clearly out of compliance with a federal law.” When you, as a risk management professional, hear this, what is your first reaction?

A. “Yikes! We better fix that immediately!”
B. “That sounds like a problem for the Compliance Department?”
C. “So what? The government has it’s hand in everything, let us run our business!”
D. “Hmm…let’s perform a risk analysis and see if we should be concerned.”

Read More [fa icon="long-arrow-right"]

Standards Groups and Regulators Recognize FAIR

[fa icon="calendar'] Nov 2, 2017 10:02:24 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The National Institute of Standards and Technology, the Federal Reserve, The Open Group,  PCI – a prestigious list of organizations and agencies cite or suggest FAIR as a leading model for cyber risk analysis and management. Expect this list to grow as more risk professionals and regulators come to the conclusion that simply following risk management frameworks isn't enough–they need quantitative analytical models to make effective decisions on risk. 

 

Read More [fa icon="long-arrow-right"]

A Crash Course on Capturing Loss Magnitude with the FAIR Model

[fa icon="calendar'] Oct 20, 2017 2:32:01 PM / by Teresa Suarez posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

In the FAIR model for risk analysis, Loss Magnitude—i.e. the monetary impact of a loss event—is bucketed in six Forms of Loss: Productivity, Response, Replacement, Competitive Advantage, Fines & Judgements, and Reputation.

Read More [fa icon="long-arrow-right"]

Hot Job: Data Protection Officer for the EU’s GDPR

[fa icon="calendar'] Oct 9, 2017 8:25:39 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Look for thousands of job listings next year for “data protection officer” to meet a requirement of the European Union’s General Data Protection Regulation, the privacy law that goes into effect May 18, 2018. Here’s a quick rundown to see if you need to start shopping for a DPO, as well.

Read More [fa icon="long-arrow-right"]

Coming Soon: Try FAIR Risk Quantification on Our Free Tool

[fa icon="calendar'] Sep 29, 2017 8:00:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management, Fair Conference 2017

[fa icon="comment"] 3 Comments

UPDATE: The FAIR-U training app is now available. Get access to the web app now 


At the FAIR Conference in mid-October, the FAIR Institute will introduce FAIR-U, our first officially sanctioned training application for running FAIR risk analysis, guaranteed to correctly leverage the FAIR model.

Read More [fa icon="long-arrow-right"]

Q&A: Jack Jones Talks with the Global Association of Risk Professionals (GARP)

[fa icon="calendar'] Sep 20, 2017 6:07:48 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

FAIR Institute Chairman Jack Jones was interviewed by Jeffrey Kutler of the Global Association of Risk Professionals for an article published on the GARP website, “Signs of Acceptance and Maturity for the FAIR Model”.

The article is vintage Jack. A sample:

Read More [fa icon="long-arrow-right"]

Announcing the FAIR University Program - Building the Next Generation of Risk Management Leaders

[fa icon="calendar'] Sep 18, 2017 10:53:42 AM / by Luke Bader posted in FAIR, Risk Management, Fair Institute

[fa icon="comment"] 4 Comments

 Since our founding, The FAIR Institute has received an increasing number of requests to create an information risk management course based on FAIR. We are responding to those personal requests, and to a market demand, to help create risk analysts who are well trained and well versed in quantitative risk analysis. 

Read More [fa icon="long-arrow-right"]

4 Tips for Running Risk Analysis Meetings

[fa icon="calendar'] Sep 15, 2017 7:00:00 AM / by Rebecca Merritt posted in Risk Management

[fa icon="comment"] 0 Comments

As a risk consultant, I run a lot of meetings for project scoping or data gathering that bring together people from around a company, usually with different perspectives and agendas. Often these meetings require that everyone come together and agree on a direction for a risk analysis project.

Read More [fa icon="long-arrow-right"]

Is Cyber Risk Measurement Just "Guessing"?

[fa icon="calendar'] Sep 12, 2017 12:36:29 PM / by Jack Jones posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

I regularly read blog posts or encounter people in our profession who dismiss quantitative cyber risk measurement as “guessing”, or “nothing more than feelings” (cue the Morris Albert song).  Since this is such a common concern, I thought it would be worthwhile to examine this issue of what's subjective, what's objective and what falls between. 

Read More [fa icon="long-arrow-right"]

Benchmark Your Risk Management Team - Take Our Survey

[fa icon="calendar'] Sep 7, 2017 3:24:00 PM / by Luke Bader posted in FAIR, Risk Management, Fair Conference 2017

[fa icon="comment"] 0 Comments

UPDATE: The survey is now closed. We will be releasing the results at the 2017 FAIR Conference in October. See the FAIRCON17 agenda to learn more.

 

With over 100 responses already, we would like to extend the opportunity to participate in the 2017 Risk Management Maturity Survey to all risk management professionals.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts