FAIR training is a unique opportunity to obtain an in-depth look at how Factor Analysis of Information Risk (FAIR) really works. FAIR is the model that powers the RiskLens platform. It’s a beautifully logical way to understand risk by breaking it down into component parts. This enables organizations to quantify risk, that is, communicate risk in financial terms. We really enjoy spreading the word on the power of FAIR – you might even say we’re on a mission.
FAIR training goes in-depth on how to define what a risk really is. That’s not as easy as it sounds. My colleague Chad Weinman has seen a lot of Top 10 Risks Lists created by companies over the years, lists pulled together by surveying IT staff or other methods. As he wrote in a recent blog post:
“None of those methods I believe could be considered systematic. They lend themselves to subjectivity and ‘perceived’ risk. It is my belief that many items aren’t even identified from a true perspective on risk.”
FAIR, on the other hand, is highly systematic, and based on a set of core concepts set out by Jack Jones in the book Measuring and Managing Information Risk: A FAIR Approach. The concepts are shown in this schematic of the FAIR model.
FAIR training leads you through the model, teaching each concept in turn, and preparing you to focus your efforts when conducting a risk assessment. You’ll learn mental disciplines such as how to get better risk analysis results by balancing probability vs. possibility. As my colleague Cody Whelan wrote in a blog post:
“It’s an all too common phenomenon to expand the scope of an analysis, to go beyond what is probable, and include everything possible, because more is often associated with better. I hate to break it to you, but this is very often a false equivalency.”
We’ve heard skeptics about FAIR say, “You can’t measure that”, or “There is not enough data”. In fact, FAIR training shows you how to measure pretty much anything, even using the information you probably didn’t realize you already had.
What does the FAIR training course from RiskLens cover?
The image below outlines what a typical RiskLens Training course includes.
To highlight a few of the course subjects:
Core Measurement Concepts
How to get FAIR training and certification
FAIR is a standard established by The Open Group, a global, not-for-profit consortium that enables the achievement of business objectives through IT standards. RiskLens is officially accredited by The Open Group for providing FAIR training courses.
RiskLens offers FAIR training:
Additionally, RiskLens offers an onsite pilot engagement, with certified RiskLens consultants leading the organization through an entire real-world analysis over the course of the 4 days engagement. This opportunity demonstrates the RiskLens platform and provides a concrete example of the risk intelligence an organization can gain through FAIR.
Finally, the non-profit FAIR Institute offers ongoing educational programs including: