FAIR is a standard quantitative model for information and operational risk that helps information risk, cybersecurity and business executives measure, manage and communicate on information risk in a language that business understands, dollars and cents. To ramp up quickly, take advantage of the following resources.
FAIR empowers risk officers to transform their organizations and to move from a compliance-based to a risk-based approach to information security and operational risk. This is where it all begins: our mission.
The FAIR model defines the necessary building blocks for quantifying information risk and implementing effective information risk management programs. After all, "You cannot manage what you don't measure."
The FAIR book, "Measuring and Managing Information Risk: a FAIR Approach," is the ultimate guide and resource for information risk professionals who want to learn everything there is to know about FAIR and to implement a data-driven, business-aligned risk management program.
If you are still uncertain about what FAIR is and if it is right for your organization, the FAIR FAQ page provides crisp answers to frequently asked questions.
The FAIR Institute Blog is the best resource to stay up-to-date on the latest developments within the FAIR community and to continue learn about the FAIR model and its application to information security as well as operational risks.
Learn from the experts and help your organization adopt FAIR and implement a data-driven, business-aligned risk management program. Get your career to the next level by getting trained and certified by an accredited FAIR Training organization.
The FAIR Institute is proud to offer FAIR-U, a training web application for running FAIR risk analyses, guaranteed to correctly leverage. If you’ve been looking for an easy way to put into practice FAIR concepts, FAIR-U is for you.
The FAIR Institute has partnered with several universities already teaching FAIR based risk management courses to create the best program possible. We are proud to offer the FAIR University Curriculum to all higher education institutions to assist in building future leaders in information and cyber risk management.
One of the valuable benefits of being a member of the FAIR Institute is access to its community of experts in the industry. Collaborate and tap into a wealth of information risk knowledge.