The Second Edition of the Award-winning FAIR Book provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity using the Factor Analysis of Information Risk (FAIR) methodology developed over ten years and adopted by corporations worldwide.

This new edition covers such key areas as risk theory, risk calculation, scenario modeling, and communicating risk within the organization, and also includes new chapters and essays from industry professionals. It provides a step-by-step guide to help managers make better business decisions by understanding their organizational risk.

• Uses factor analysis of information risk (FAIR) as a methodology for measuring and managing risk in any organization, with insights on how to apply the FAIR methodology based on over 15 years of applied experience
• Balances theory with practical applicability and relevant stories of successful implementation
• Includes examples from a wide variety of businesses and situations presented in an accessible writing style
• New to this edition: new chapters on Standards and Regulatory Alignment, Building Quantitative Risk Programs, and Assessment Automation, as well as significant revisions to cover the new FAIR-CAM standard and short essays from others in the industry

'Measuring and Managing Information Risk' is an essential tool for information risk officers of the digital age who want to help their organizations make smarter and more effective business decisions.