FAIR (Factor Analysis of Information Risk)
Definition
A quantitative risk framework standardised by The Open Group (Open FAIR) that decomposes risk into Loss Event Frequency and Loss Magnitude, each further decomposed into sub-factors. Uses probability distributions rather than point estimates, producing a range of probable outcomes.
Related terms
- ALE (Annualised Loss Expectancy)
  - The expected monetary loss from a specific threat over a one-year period. Calculated as: ALE = SLE x ARO (Annualised Rate of...
- Qualitative risk assessment
  - A methodology that rates likelihood and impact on descriptive or ordinal scales (such as 1-5 or low/medium/high) and combines them in a...
- Quantitative risk assessment
  - A methodology that assigns monetary values to threat scenarios using metrics such as asset value, exposure factor, SLE, ARO, and ALE. Outputs...
- Risk appetite
  - The amount and type of risk an organisation is willing to accept in pursuit of its objectives, as defined by its governing...
- SLE (Single Loss Expectancy)
  - The expected monetary loss from a single occurrence of a specific threat event against a specific asset. Calculated as: SLE = Asset...
Explained in
- Risk Assessment Methodologies