Security Management
B3: Deploying Risk Quantification at Scale
Thursday, September 22, 2022 1:30 PM - 2:30 PM
Room 405
Description
As early as 2017, KP's Technology Risk Management department began exploring a transition to quantified risk management using the FAIR method. This presentation follows that journey from inception, to scaling FAIR for full enterprise use, including as a decision support tool outside the traditional domain of cyber risk. The discussion will cover the history, tools, organization structure and capabilities of FAIR in use at Kaiser Permanente.