Frame 54


We provide the resources you need to
learn FAIRTM

FAIR™ is a standard quantitative risk analysis model for cybersecurity and operational risk that helps cyber risk, cybersecurity and business executives measure, manage and communicate on cyber risk in a language that business understands, dollars and cents. To ramp up quickly, take advantage of the following resources.

What is the FAIR Risk Model?

FAIR™ empowers risk officers to transform their organizations and to move from a compliance-based to a risk-based approach to information security and operational risk. This is where it all begins: our mission.

FAIR Risk Management

The FAIR™ quantitative risk analysis model defines the necessary building blocks for quantifying cyber risk and implementing effective cyber risk management programs. After all, "You cannot manage what you don't measure."


The FAIR™ book, "Measuring and Managing Cyber Risk: a FAIR Approach," is the ultimate guide and resource for cyber risk professionals who want to learn everything there is to know about FAIR™ and to implement a data-driven, business-aligned risk management program.


If you are still uncertain about what FAIR™ is and if it is right for your organization, the FAIR™ FAQ page provides crisp answers to frequently asked questions.

FAIR Training and Certification

Learn from the experts and help your organization adopt FAIR and implement a data-driven, business-aligned risk management program. Get your career to the next level by getting trained and certified by an accredited FAIR Training organization.


The FAIR Institute is proud to offer FAIR-U, a training web application for running FAIR risk analyses, guaranteed to correctly leverage. If you’ve been looking for an easy way to put into practice FAIR concepts, FAIR-U is for you.

FAIR University Curriculum

The FAIR Institute has partnered with several universities already teaching FAIR™ based risk management courses to create the best program possible. We are proud to offer the FAIR University Curriculum to all higher education institutions to assist in building future leaders in information and cyber risk management.

Member Resources

One of the valuable benefits of being a member of the FAIR Institute is access to its community of experts in the industry. Collaborate and tap into a wealth of cyber risk knowledge.

FAIR University Curriculum

View all of our upcoming in-person and virtual events. These include webinars, speaking events, FAIR Training Courses, breakfast meetings, and FAIRCON.


FAIR-CAM™ is a formal description of how risk management controls operate, both individually and within a system of other controls, to affect the frequency or magnitude of loss.


FAIR-MAM™ is a standard taxonomy and analysis model for assessing the financial materiality of cyber incidents that is legally defensible and comparable across companies, as required by regulators.