CRQ Training

Cyber Risk Quantification Training with C-Risk

Learn the basics of quantitative risk analysis using FAIR methodology or take a deep dive to become a FAIR practitioner. Our expertly developed training courses focus on Cyber Risk Quantification using the FAIR taxonomy and methodology—a logical, repeatable, defensible model for analyzing cyber and technology risk in financial and probabilistic terms.

cyber risk quantification training
cyber technology risk FAIR methodology

Quantify cyber and technology risk using the FAIR™ methodology

Gain a detailed understanding of the FAIR taxonomy and analysis methodology. Learn how to scope risk scenarios, model them in FAIR, estimate the data required to perform financial quantification and interpret the results.

CRQ training benefit

Who will benefit from CRQ training?

Our Cyber Risk Quantification training programs are designed for business and IT professionals as well as other internal and external stakeholders within an organization, including:

  • Risk managers
  • Security analysts
  • CFOs
  • CISOs and cybersecurity senior management
  • Executives and board members
  •  IT and security professionals
Introduction to CRQ for the Non-Practitioner

Learn the basics of risk quantification, gain insights on the FAIRTM taxonomy and ontology, examine the limits of qualitative approaches and discover how FAIR complements other analysis methods.

You don’t need to be an expert in risk management or an information security engineer to follow this course.
A basic understanding of risk management, cyber risk and Information security concepts will be a benefit.

CRQ using FAIR for Practitioners

Learn how to measure and manage risk with the FAIRTM taxonomy and ontology. Delve into risk quantification and explore how to apply CRQ to real-world use cases.

This course prepares participants for the Open FAIR™ certification. The exam is not included in the cost and some additional self-study may be required before attempting the certification.

Master Cyber Risk Quantification and build on your existing cyber risk analysis skill set

Qualiopi certified
The Qualiopi certification

is designed to verify that training institutions adhere to the quality standards set by the French government. The outstanding pass rate of course participants taking the Open FAIR certification exam attests to the quality of our courses.

Satisfaction rate

Training participants consistently express high satisfaction with our CRQ training courses.

pass rate

Open FAIR™ Certification exam

Trained professionals in 6 sectors
Of the 11 Global Industry Classification Standard (GICS) sectors

Cyber and technology risk is business risk. Cyber risk quantification builds resilience with informed decisions.

logo qualiopi

The quality certification was issued for the following category of action: TRAINING ACTIONS.

Would you like to know more about C-Risk's CRQ training courses?

CRQ training will provide you with the tools and processes to analyze cyber risk differently. Learn how quantification can improve your infosec budget decisions and communication with critical stakeholders.

participate training course c risk
CRQ Training advantages

Why should I participate in a C-Risk training course?

Your organization’s cybersecurity governance, business processes and communication will improve with risk-based and data-driven analysis techniques. The quantification of cyber and technology risk using the FAIR methodology allows risk managers, decision-makers, auditors and risk analysts to talk about risk in financial terms.

Gain insights into quantification techniques and modeling risk

You will acquire a broad understanding of the FAIR taxonomy and analysis methodology so that you are equipped to scope risk scenarios using the FAIR methodology, estimate the data required to perform quantification, and interpret the results.

Improve how you communicate about risk

Translate cyber risks into business terms, bridging the gap between IT professionals and executive leadership. With CRQ you can make defendable strategic recommendations while avoiding biases by applying statistical methods to estimate the probability and impact of potential cyber incidents.

Prepare for the Open FAIR certification exam

We provide the materials and support to pass the Open FAIR™ Certification. The certification validates that you have mastered the fundamentals of the Open FAIR Body of Knowledge and understand of the core principles of risk analysis using the FAIR taxonomy.

Introduction to CRQ
CRQ using FAIR™ for Practitioners
Days of training
½ day
Onsite or live online
Onsite or live online
Hours of classroom instruction
4 hours
14 hours
Overview of qualitative and quantitative risk analysis methods
Introduction to Cyber Risk Quantification for strategic decision-making
Introduction to the FAIR™ taxonomy and methodology
Deep dive into the FAIR taxonomy and methodology
Learn cyber risk quantification techniques
Learn how to scope a risk scenario and make calibrated estimates
Introduction to the loss chain and its components
Assess your susceptibility to threat actors
Avoiding pitfalls while performing CRQ
Perform a quantitative risk analysis
Understand how results are presented
Learn how to present results to stakeholders
Covering use cases: optimizing cyber insurance, report to regulators, regulatory compliance, etc.
Preparation for the Open FAIR Certification Exam

(Q&A, Exam preparation materials etc...)

Get started on your path to becoming a FAIR-certified Cyber Risk Quantification practitioner today!

Learn from FAIR-certified trainers, who will equip you with the knowledge and resources to begin scoping risk scenarios.

Book a meeting
CRQ training FAQ

Here you'll find answers to some of your questions.

Why take the Open FAIR Certification exam?

The FAIR certification exam validates that examinees have fully mastered the FAIR taxonomy and the key concepts of the FAIR Standard. It is the only international standard quantitative model for information security and operational risk. As cybersecurity legislation and compliance regulations evolve, your quantification expertise will be in demand.

What materials are provided by C-Risk?

Introduction  to CRQ for the Non-Practitioner participants will be provided with a training manual with training content, exercises and key points, including FAIR on a page.

CRQ using FAIR for Practitioners participants will be provided with a training manual with training content, exercises and key points, including FAIR on a page. You will also receive a multiple choice preparatory test for the Open FAIR™ Certification exam.

Training facility location and accessibility?

Our onsite training facility in Paris is equipped to received disabled participants and our trainers have participated in disability inclusion training.

What skills are required to perform cyber risk quantification?

It is important to start with a solid foundation in cybersecurity, with an understanding of threats, vulnerabilities, and defenses. This is then paired with a quantitative analysis method such as the FAIR methodology, which involves scoping risk scenarios using statistical methods to estimate the likelihood and impact of potential cyber incidents. Integral to this process is a solid understanding of a risk management framework, providing the structure for assessment methodologies.