Welcome to the CXOWARE blog. We hope you’ll join us for lively and good natured discussion about risk and risk issues!  We’re risk geeks, plain and simple. We’re big advocates of the Factor Analysis of Information Risk (FAIR) framework for quantifying risk.

FAIR Triage Brings Risk Framework to Information Security Policy Exceptions

By: Bryan Smith

Find me on:

Risk managers enabled to do quick analysis for risk associated with IT and cybersecurity policy exceptions

SPOKANE, Wash., (TBD) – CXOWARE, a cybersecurity risk analysis solutions provider, today announced Factor Analysis of Information Risk (FAIR) Triage, part of the RiskCalibrator 2.0 solution. FAIR Triage has been developed to enable risk managers to rapidly evaluate common risk issues, such as security policy exceptions, audit findings, and technology proposals.

Businesses are constantly trying to strike the balance between the need to maintain strict information security controls and their need for technological agility. In order to do so, risk managers are repeatedly analyzing “what if” scenarios and policy exceptions to identify the possible effects on the company’s exposure. Being able to do rapid tactical analysis allows them to know, within quantitative ranges, what their loss exposure would be, thus more easily identifying areas of concern.

FAIR Triage simplifies the FAIR quantitative framework for everyday use. By keeping the FAIR structure yet adding predefined quantitative ranges, FAIR Triage brings to each analysis:

  • Logical, sound structure – FAIR has been in use for over 10 years and is an international standard.
  • Normalization – Using the same framework for each and every analysis helps to ensure more consistent results.
  • Actionable insights – Because it uses quantitative ranges, the inputs and results are more easily examined to reduce bias and improve accuracy.

To learn more about CXOWARE and the RiskCalibrator 2.0, visit

About CXOWARE Inc.

CXOWARE is a risk analytics software company providing cybersecurity risk analysis solutions. CXOWARE's applications provide Chief Information Security Officers (CISO's) and Risk Officers with a decision-analysis solution that dramatically improves their ability to measure the monetary loss associated with cybersecurity risk.  Decision-makers can efficiently tailor risk mitigation budgets to the highest loss exposure areas, thus saving money and reducing liabilities to the business. CXOWARE's RiskCalibrator software is the only FAIR (Factor Analysis of Information Risk) authorized software and is based on The Open Group Risk Analysis Standard, Factor Analysis of Information Risk (FAIR).

About The Author

Bryan Smith
Bryan Smith is the Chief Technology Officer at RiskLens