In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.
The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.
By the end of the course, participants will be able to:
- Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
- Explain the FAIR risk analysis process
- Properly scope scenarios for analysis
- Use calibrated estimation in quantitative risk analysis
- Map controls to the FAIR Standard to analyze risk mitigation
- Interpret the results of a FAIR analysis and create reports for stakeholders
- Apply their knowledge to case studies based on real-life scenarios
Course Outline:
- Introduction to FAIR
- The State of Risk Management
- The Profession Today – Prevailing Practices of Risk Management
- Assumptions and Terminology
- Measurement Concepts
- Probability vs. Possibility
- Probability vs. Prediction
- Subjectivity vs. Objectivity
- Accuracy vs. Precision
- Calibrated Estimation
- FAIR Standard Application
- Analysis Scoping
- Quantifying Operational Risk
- Forms of Loss
- Threat Capability Continuum
- Controls and the FAIR Standard
- Reporting Risk Analysis Results
- Case Studies
CPE Credits & Certification:
All participants will receive a certificate of completion, including 16 CPE hours for professional certifications. After training, the participants will be prepared for the Open Group’s Open FAIR Certification exam and will receive a voucher covering the cost of the exam.
Trainers:
Josh Griffis, Trainer, RiskLens Academy
- 13+ years in the Cyber Security Industry with 11 years in the Financial Services Industry and 2 years in the Retail Industry.
- Longtime FAIR Practitioner and Advisor of Informed Risk Decisions since 2007
- CISSP Certified since 2012
- Specializing in Digital Forensics, Incident Response, Security Architecture, Threat Modeling, and Quantitative Risk Analysis
- Managed the SOC for Women's Clothing Retailer
- A Photography Hobbyist
- Hardcore Gamer (PC, Console, Tabletop, Board, Card, etc.)
Bernadette ”Bernie” Dunn, Trainer, RiskLens Academy
- Certified OpenFAIR Trainer, RiskLens
- Technology to Business Communications Expert since 2001
- Pioneer in online career services (CareerBuilder.com)
- Certified Microsoft Licensing Solution Provider (LSP)
- Digital Transformation Software Solutions Executive (SaaS)
- Board Leader, WITI & Advisory Board Leader, Global Won
- Mentor & Advocate for Veterans in transition
- B.A., Organizational Communications, University of Cincinnati, 2001
- Certificate of Mastery, Rhetorical Theory, University of Cincinnati, 2001
- Certified Leadership Development Coach and Trainer, Next Level Trainings (2015) Deep Coaching Institute (2018)