CXOWARE is now RiskLens | Learn More

What Is FAIR?


RiskLens is the only cyber risk management software purpose-built on FAIR, the only international standard Value at Risk (VaR) model for cyber security and operational risk.

FAIR: A Methodology for Quantifying and Managing Risk in Any Organization

Factor Analysis of Information Risk (FAIR) is the only international standard Value at Risk (VaR) model for cyber security and operational risk.

  • Provides a model for understanding, analyzing and quantifying information risk in financial terms
  • Unlike risk assessment frameworks that focus their output on qualitative color charts or numerical weighted scales 
  • Builds a foundation for developing a scientific approach to information risk management

A Common Language That All Can Understand

The Benefits of FAIR

  • Speak in one language concerning your risk
  • Consistently study and apply risk to any object or asset
  • View organizational risk in totality
  • Challenge and defend risk decisions using an advanced risk model
  • Understand how time and money will impact your security profile

RiskLens Cyber Risk Quantification Aggregate Distribution


An Enterprise Scalable Risk Model

The FAIR Taxonomy (Basic Version)

Risk Model Components

  • An ontology and standard nomenclature for information and operational risk
  • A framework for establishing data collection criteria
  • Measurement scales for risk factors
  • Integrates into a computational engine for calculating risk
  • A modeling construct for analyzing complex risk scenarios

An International Standard by The Open Group

The Open Group has chosen FAIR as the international standard information risk management model 

  • The Open Group is a global consortium that enables the achievement of business objectives through IT standards
  • More than 450 member organizations that include companies such as HP, IBM, Oracle, Accenture, Cap Gemini and MITRE
  • Selection of FAIR was made following a most rigorous review and comparison with other risk methodologies

RiskLens is officially accredited with The Open Group to provide FAIR training and certification courses.  

Next: Signup for Online Training

The Open Group

The Book - Measuring and Managing Information Risk: A FAIR Approach

Measuring and Managing Information Risk: A FAIR Approach

Provides a practical and credible framework for understanding, measuring and analyzing information risk of any size and complexity

  • Shows how to deliver financially derived results tailored for enterprise risk management
  • Intended for organizations that need to build a risk management program from the ground up or strengthen an existing one
  • Covers key areas such as risk theory, risk calculation, scenario modeling and risk communication within the organization

Measuring and Managing Information Risk is an essential tool to help business executives of the digital age make smarter business decisions.

Next: Order It Now