Welcome to the FAIR Institute

As organizations increasingly rely on digital processes to run their businesses, the need to cost-effectively manage the associated risks has become critical. As a result, information risk, cybersecurity and business executives have been looking for ways to improve their knowledge, their decision-making and their reporting practices related to information risk.

We have created the FAIR Institute to provide a forum where you can meet with peers of leading organizations to learn about digital risk scenarios affecting your industry; to collect and create information risk management best practices; and to learn how to better communicate with your executive team, your board and other key stakeholders about information risk.

Consider joining the FAIR Institute and let us know what aspects of information risk management you would like to see addressed by sending us a message via the Contact page.

Jack Jones

Chairman, FAIR Institute



Jack is one of the foremost authorities in the field of information risk management. He has worked in technology for over 30 years, the past 28 years in information security and risk management. He has a decade of experience as a Chief Information Security Officer (CISO) with three different companies, including a Fortune 100 financial services company. His work there was recognized in 2006 when he received the Information Systems Security Association (ISSA) Excellence in the Field of Security Practices award. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012, he was honored with the CSO Compass Award for leadership in risk management. Jones, who lives in Spokane, Washington, has served on the ISACA CRISC Certification Committee and RiskIT Task Force, as well as the ISC2 Ethics Committee. He is the author and creator of the Factor Analysis of Information Risk (FAIRTM) quantitative risk analysis model. He writes about that system in his book Measuring and Managing Information Risk: A FAIR Approach, which was inducted into the Cyber Security Canon in 2016, as a must-read in the profession.