Scribd
Upload
127 views

FAIR Template

The document outlines a risk analysis framework including categories for the risk initiator, threat, asset at risk, risk owner, forms of loss, and assumptions. It provides examples for each category such as nation state cyber criminal for threat or availability, confidentiality, and integrity for impact area.

Uploaded by

Dimitris Maketas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
127 views

FAIR Template

The document outlines a risk analysis framework including categories for the risk initiator, threat, asset at risk, risk owner, forms of loss, and assumptions. It provides examples for each category such as nation state cyber criminal for threat or availability, confidentiality, and integrity for impact area.

Uploaded by

Dimitris Maketas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

Ver. 0.

1 / Last Update: 14/09/2019

Risk: Threat Community, Action, Asset, Impact


Risk Initiator What triggered the Threat Nation State
analysis? Management Cyber Criminal
request, audit finding, Organized Crime
project, change request, Privileged Insider
incident…
Non-privileged insider
Hacktivist
Act of Nature (Earthquake,
Tornado, Flood etc.)
Asset at Risk Asset, Resource, Process, Impact Area Availability
Capability… Confidentiality
Integrity
Safety
Compliance/Regulatory
…???
Risk Owner The person accountable Threat Type Malicious
for ensuring the risk is
Accidental
managed appropriately.
Snooping
…???
Forms of Loss Productivity Key Controls
Replacement
Response
Competitive Adv.
Reputation
Fines & Judgements
Assumptions:

You might also like