Quantitative risk analysis is far more accurate and useful in aiding decisions than the alternatives but let’s face it – quantitative can be slower than just arranging risks on a heat map or a numeric scale based on “gut instinct” or “experience.”
That said, RiskLens is constantly working to make FAIR™ quantitative analysis faster and easier. Here are some tips on speeding up your risk analysis process.
Leanne Scott is a RiskLens Customer Success Executive
Easy access to data and risk scenarios
RiskLens Data Helpers store data for repeated use in answering risk analysis workshop questions. Recently, RiskLens introduced Data Helpers for loss event frequency, to complement the full suite of helpers on the loss magnitude or impact side of FAIR analysis that have dramatically speeded up analysis. Data Helpers can contain both data specific to your organization and industry data prepared by the RiskLens Data Science team. With the Data Helpers, the RiskLens platform offers pre-formatted risk scenarios to quickly launch an analysis.
Accuracy over precision
Speaking of data, it is far easier to provide accurate results quickly. The precision of hunting down relatively tight ranges from SMEs and SOC engineers is often not necessary to aid decision making. Using Data Helpers is a quick and useful option between an analysis for triage and a more detailed analysis.
Easy integration with reporting tools
Recent advances in the RiskLens API help clients automatically get the analysis details they need to build the kind of dashboards or reports they need. While RiskLens continues to improve out-of-the-box reporting, at a certain point, stakeholder requirements are custom based on company culture and the organizational level of the recipients.
Custom Top Risk Report Made in AirTable with the RiskLens Data Export API
Speaking of automation, your process for accepting risk analysis requests and what data requestors need to provide is crucial. To make scoping the risk scenario easier, ask the right questions on your intake form. Help requestors help you to define the asset, threat, loss event, certain input estimates and the like. The RiskLens API is continually advancing so this information could be used to create and populate RiskLens analyses in the future.
Stakeholders learning FAIR
The more your stakeholders are FAIR-aware, the less risk analysts need to explain it to them just to get a question or two answered.
With risk owners FAIR aware, they become judicious in knowing when a risk is really a risk and when quantitative risk analysis will benefit the decision. Also, they can better describe and scope their risk when making the request to the quantitative risk analysts. Once results are produced, they will also need less explanation from the risk analysts to understand RiskLens output.
With SMEs FAIR aware, the better and faster they can provide the data appropriate for a RiskLens analysis and the scenario at hand.
FAIR training by the RiskLens Academy will prepare your staff for hands-on work in FAIR analysis but for stakeholders, many organizations have found that an informal education in FAIR terminology and concepts gets the whole team on the same page for considering risk.
As RiskLens continues to develop and RiskLens platform users continue to experience and experiment with quantitative risk analysis, quantitative risk analysis will only get faster and easier. For those of you on your quantitative risk analysis journey already, you are well positioned to stay ahead of the curve in getting the value that you can only get with quantitative risk analysis.