What's new
Resource icon

Measuring and Managing Information Risk (A FAIR Approach) 2017-09-23

No permission to download
The document first defines what risk is. The Risk and Risk Analysis section discusses risk concepts and some of the realities surrounding risk analysis and probabilities. This provides a common foundation for understanding and applying FAIR. The Risk Landscape Components section briefly describes the four primary components that make up any risk scenario. These components have characteristics (factors) that, in combination with one another, drive risk. Risk Factoring begins to decompose information risk into its fundamental parts. The resulting taxonomy describes how the factors combine to drive risk, and establishes a foundation for the rest of the FAIR framework.

The Controls section briefly introduces the three dimensions of a controls landscape. Measuring Risk briefly discusses measurement concepts and challenges, and then provides a high-level discussion of risk factor measurements.

See https://en.wikipedia.org/wiki/Factor_analysis_of_information_risk
David Harper CFA FRM
First release
Last update
0.00 star(s) 0 ratings