FAIR Training and Certification

RiskLens is the world leader in training security and risk professionals on the standard FAIR risk model. We understand that the journey to better cyber risk management involves changing existing thought paradigms, developing a solid understanding of the FAIR model, and adopting a common language around risk across the enterprise. To support you in this journey, we've developed The RiskLens Academy.

Our training programs have been taken by hundreds in both online and live formats.

- The RiskLens Academy provides the following courses designed and taught by RiskLens' FAIR experts:

- FAIR Analysis Fundamentals (offered live and online) and the FAIR Analyst Learning Path (offered online only.)

- A Four Day Course on "Measuring and Managing Cyber Risks Using FAIR" Offered by the SANS Institute

FAIR Analysis Fundamentals

The First Step on Your Journey

FAIR Analysis Fundamentals prepares learners for the OpenFAIR Certification exam by providing a foundational understanding of the FAIR model and the underlying concepts of FAIR analysis. (16 CPEs, study guide and exam voucher included)

FAIR Analyst Learning Path

Refining Your Skills

The FAIR Analyst Learning Path consists of advanced courses designed to give learners who understand the FAIR model the practical skills needed to conduct high-quality analyses in their organizations. (16 CPEs included)

OpenFAIR Certification Voucher

Joining the Revolution

All trainees will have the opportunity to test for formal OpenFAIR certification with a voucher provided upon completion of the FAIR Analysis Fundamentals course. OpenFAIR certification is issued by The Open Group and testing is completed through Pearson VUE, at one of their numerous locations.

FAIR Analysis Fundamentals

The First Step to Better Cyber Risk Management

FAIR Analysis Fundamentals training from RiskLens provides the conceptual foundation and practical experience necessary to competently perform FAIR analyses. Whether online or in-person, RiskLens’ FAIR training courses (accredited by the Open Group) are led by experienced practitioners and will improve participants’ abilities to identify, measure, and communicate risk.

By the end of the course, participants will be able to:

  • Know and apply consistent FAIR-based terminology
  • Know and apply the FAIR ontology to risk scenarios
  • Use various measurement concepts to select scenarios for analysis and estimate risk factors using probability distributions
  • Understand the use of calibrated estimation in quantitative risk analysis
  • Follow a consistent process to scope risk scenarios for analysis
  • Map various controls to corresponding parts of the FAIR ontology
  • Understand and interpret the results of a FAIR analysis
  • Apply their knowledge to case studies, based on real-life analyses

Whether completed in our two-day onsite trainings or online via a self-paced curriculum, FAIR Analysis Fundamentals courses are led by expert FAIR practitioners from the RiskLens team and include:

1) Certificate of Completion

2) 16 CPE credits

3) Voucher that completely covers the cost of the OpenFAIR Certification exam

4) Study guide that prepares you for the exam

Online Training – $1,649 per individual

Live Course –  $1,750 per individual

Onsite Group Training – $10,000 for up to 8 individuals, $19,500 for up to 16 

Purchase Online Training

NEW! FAIR Analysis Fundamentals for Government

The First Step to Better Cyber Risk Management for the Public Sector

Public sector information security and risk management professionals make mission-critical tactical and strategic decisions every day. FISMA, EO 13800, NIST CSF, NIST 800-37, 800-39, and many other standards and frameworks direct agencies to make those decisions in a cost-effective way based on an understanding of the probability/likelihood and impact/magnitude of harm.

So, how are agencies to do that? Does it look like 1-5 rating scales or red/yellow/green heat maps? Is that the best way to cost-effectively manage our limited resources in light of the risks we face? And just what is “risk,” anyway? Different standards provide different definitions, models, calculations, and frameworks — there has to be a better way. Exactly how to meet these requirements is largely left up to the various agencies and auditing authorities are mainly concerned that the work gets done, not how it gets done.

The Factor Analysis of Information Risk (FAIR) model and methods are recognized as an Informative Reference to the NIST CSF, aligned to ISO 31000 and other standards, and backed by a worldwide network of risk researchers, managers, and analysts in the FAIR Institute. FAIR helps provide clarity on the risks you face so you can most cost-effectively manage them. Risk analysts and managers in government and some of the world’s most successful companies are applying FAIR to:

  • Assess cyber and operational risk in financial and probabilistic terms
  • Prioritize remediation efforts based on business impact
  • Justify security investments and demonstrate ROI
  • Communicate with their peers and leaders about loss scenarios and their associated risk directly and effectively

In this course, you will learn the basics of quantitative risk analysis with FAIR. You will see what’s possible when you are equipped with a logical, repeatable, defensible model for analyzing risk in financial and probabilistic terms. High/medium/low or 1-5 ratings and subjective heat maps aren’t sufficient to inform the “efficient and cost-effective risk management decisions” required by the NIST 800 series of documents. FAIR offers “a more scientific approach to estimating likelihood and impact of consequences (…) to better prioritize risks and to prepare more accurate risk exposure forecasts.” (NISTIR 8286)

Join us for a comprehensive course led by experienced risk professionals featuring case studies and example analyses directly relevant to the public sector.

Online Training – $1,649 per individual

FAIR Analyst Learning Path

Advanced Training on FAIR Analyses

The FAIR Analyst Learning Path is designed to take participants with a foundational understanding of FAIR to the next level with four advanced courses, each covering one phase of the risk analysis process.

Through over 2.5 hours of instructional videos, interactive exercises, resource documents, and assessments reviewed by experienced FAIR practitioners from the RiskLens Academy, participants will gain an in-depth understanding of how to scope and prioritize scenarios for analysis, collect data and estimates to input into the FAIR model, perform quality assurance on completed analyses, and present analysis results to decision-makers.

After completion of the FAIR Analyst Learning Path, participants will have the knowledge, resources, and confidence to complete high-quality risk analyses for their organizations and scale a team of well-trained FAIR analysts.

Note: The FAIR Analyst Learning Path assumes foundational knowledge of the FAIR model, calibrated estimation, measurement concepts, and other topics from the FAIR Analysis Fundamentals course. It is only recommended for participants who have already completed that course, either online or in-person, or who have extensively studied FAIR via other means.

Online Training – $500 per course per individual OR $1,200 for all four courses ($800 savings) per individual

Purchase Online Training

FAIR Training FAQs

 

Q: What does FAIR training enable me to do?

A:  On completion of the FAIR Analysis Fundamentals Course, you’ll know the FAIR model and terminology, and the practical steps to apply it to risk analysis, creating risk scenarios, gathering data, and interpreting the results of risk probability distributions.  You will also be prepared to take the Open FAIR Certification Exam.

 

Q: Why should I be FAIR certified?

A:  The FAIR Certification shows peers and employers that you’re keeping your skills at the forefront of cyber risk analysis – advanced companies such as Bank of America, Fidelity, and Walmart are now actively recruiting and promoting based on FAIR Certification status.

 

Q: What is the difference between the different class formats (online, live, group onsite)?

A:  Online – The online course is geared at individuals who would like to go at their own pace in the convenience of an online setting.

Live -The live course is a two-day, workshop-style course for those who do better in an in-person classroom format with an expert instructor to answer questions along the way. We offer courses in various cities, so be sure to check out our events page to find a course in a city near you.

Onsite Group – This option was created for companies seeking to train a group of employees onsite at their own facilities.

 

Q: Is the FAIR Analyst Learning Path course included with the Fundamentals course?

A: They are separate courses. We advise learners to go through Fundamentals and then Learning Path to advance their education on FAIR to the next level; it includes four-course sections, each covering in-depth, one phase of the risk analysis process.

 

Q:  How long does it take to complete a course?

A:  Online and onsite courses are offered for Fundamentals. Users typically complete the online Fundamentals course in 16-20 hours.

The onsite Fundamentals course runs for two days. It’s in-person with experienced RiskLens Academy trainers, very interactive and aimed at helping organizations create and build the culture of FAIR while learning the practical skills of quantified risk analysis.

Learn more about onsite training opportunities in 2020.

The online Learning Path course is 2.5 hours and includes instructional videos, interactive exercises, resource documents, and risk assessments reviewed by instructors.

 

Q: Are there CPE’s and, if so, how many?

A:  Yes. You will receive 16 CPE’s for each of the courses you complete. The CPE’s are accredited by The Open Group.

 

Q: Is the cost of the exam included in the price of the course?

A: Yes. Once you complete the course, a voucher for the exam will be emailed in 1-2 weeks and then you may register with the exam administrator Pearson VUE.

 

We've trained security and risk teams around the world on the FAIR model for cyber risk quantification. All of our clients take FAIR training as part of the pilot and on-boarding processes.

Whether your organization is well versed in risk management or just getting started on the right path to cyber risk management, our training courses are designed to enable and empower your journey forward.

We understand how to fit our training programs to your specific business and industry needs. We've trained hundreds of security and risk professionals from virtually every vertical industry.

The RiskLens Academy - World Leader in FAIR Training

Our online training courses are a perfect way for your team to learn FAIR at its own pace. We’ve designed and refined these courses with you in mind – easy to follow,

The RiskLens Academy - World Leader in FAIR Training

Our online training courses are a perfect way for your team to learn FAIR at its own pace. We’ve designed and refined these courses with you in mind – easy to follow,

"Very good instruction and loved the design of the course: one-third content, two-thirds practice and application."

Risk Analyst, Fortune 500 Bank

"I appreciated the approach to help us understand the FAIR methodology - it helped me understand how risk quantification can be the way forward!"

Director of Security, Leading Manufacturing Firm

"Excellent instruction...one of my favorite things is that both instructors have practical experience. "

Head of Risk, Leading U.S. Healthcare Firm

Request a Demo Today

RiskLens is the partner of choice for better cyber risk management to the largest organizations in the world. Our FAIR training capabilities, our enterprise tested Software as a Service platform, and our extensive Enablement Services offerings will get you on your way to better cyber security operations.

Request a Demo