FAIR Risk Management Analysis
Added on - 28 May 2020
Showing pages 1 to 1 of 3 pages
IT governance framework (Question 1)My host company uses FAIR as an IT governance framework. FAIR which stands forFactor Analysis of Information Risk is a framework model that is used to quantify the risk ofinformation loss. Information is vital to every company, and any chance of information loss canlead the company to lose trust of its members. The focus of this model is the risk of losinginformation through cybersecurity and also operation risk. Some of its structural componentsinclude the scope and the input and analysis results. The range defines the extent to which theanalysis is conducted. The input contains the data variables to be analyzed while the analysisresults give the output of the investigation (Aven, 2012).The company information technology administrator can decide to run a FAIR-U toolwhich is a website application designed to analyze the risk of information loss through thewebsite. The IT governance framework is fundamental to this company because it enhancessecurity, reliability, and management of the information. Assessing risk helps the companymitigate any forms of threats that may damage the reputation of the company. FAIR ensures thatthe individuals who may have caused information loss are accountable and responsible for theiractions by identifying them as threats to the company. FAIR enhances decision-making processin the company by exposing all the facts to the company board of governance on the best ways ofmitigating the cyber security issues (Peterson & Fabozzi, 2012).ReferencesAven, T. (2012). Foundations of risk analysis. Hoboken, N.J: Wiley.Peterson, D. P., & Fabozzi, F. J. (2012). Analysis of financial statements. Hoboken, N.J: Wiley.