The FAIR (Factor Analysis of Information Risk) is a quantitative framework for cybersecurity and operational risk which has been adopted as an international standard by the Open Group. Open FAIRTM is generating much interest and the non-profit FAIR Institute has 6,900 members, representing 30% of Fortune 1,000 organisations and 17 local chapters around the world.
Acuity has licensed Open FAIRTM allowing users of Acuity’s STREAM Integrated Risk Manager solution to perform FAIR risk assessments and use the quantitative results to prioritise risks and actions, evaluate risk mitigations, measure return on investment and in doing so, better inform cyber risk conversations with the board.
Within STREAM, FAIR is one of many supported (quantitative and qualitative) risk frameworks which integrate seamlessly with related applications such as compliance, incident, action and business continuity management.
For further information or a demonstration of FAIR within STREAM, please contact us.
Open FAIR is a trademark of the Open Group in the United States and other countries.