The FAIR™ quantitative risk analysis model defines the necessary building blocks for quantifying cyber risk and implementing effective cyber risk management programs. After all, "You cannot manage what you don't measure."

The FAIR™ book, "Measuring and Managing Cyber Risk: a FAIR Approach," is the ultimate guide and resource for cyber risk professionals who want to learn everything there is to know about FAIR™ and to implement a data-driven, business-aligned risk management program.

If you are still uncertain about what FAIR™ is and if it is right for your organization, the FAIR™ FAQ page provides crisp answers to frequently asked questions.

Learn from the experts and help your organization adopt FAIR and implement a data-driven, business-aligned risk management program. Get your career to the next level by getting trained and certified by an accredited FAIR Training organization.

The FAIR Institute is proud to offer FAIR-U, a training web application for running FAIR risk analyses, guaranteed to correctly leverage. If you’ve been looking for an easy way to put into practice FAIR concepts, FAIR-U is for you.

The FAIR Institute has partnered with several universities already teaching FAIR™ based risk management courses to create the best program possible. We are proud to offer the FAIR University Curriculum to all higher education institutions to assist in building future leaders in information and cyber risk management.

One of the valuable benefits of being a member of the FAIR Institute is access to its community of experts in the industry. Collaborate and tap into a wealth of cyber risk knowledge.

View all of our upcoming in-person and virtual events. These include webinars, speaking events, FAIR Training Courses, breakfast meetings, and FAIRCON.

FAIR-CAM™ is a formal description of how risk management controls operate, both individually and within a system of other controls, to affect the frequency or magnitude of loss.