We all know the FAIR risk analysis process is four steps:
One step that I often see overlooked is the third and sometimes most important step. Once you've fully scoped your scenario and gathered all of your data it is finally time for the third step – Run, Refine, and QA. This can be the easiest part of the entire risk analysis process but sometimes the most vital! We need to make sure that the reporting from the RiskLens platform is consistent with what we have heard from our SME’s and what we believe is true based on past experiences and data within the organization.
The FAIR model has outlined the four-step analysis process. We created a nice and easy one-page guide on how to perform the QA process. I would suggest that any new analysts print this out and keep it at their desks. It is a simple guide but will save you from looking like a fool during the fourth and final step of the analysis process.
Download the QA Guide for FAIR Risk Analysis--and foolproof your cyber risk analysis reporting.