Perform a FAIR end-to-end risk assessment using the Small Business Risk Analysis Case Study Actions . Your end-to-end assessment should include the following:
Select a risk you would like to assess. Perform your scenario scoping and values selection.
This should include:
1. Scope Table (with your most important scenarios),
2. LEF Table,
3. Primary Loss Table,
4. SLEF Table,
5. Secondary Loss Table.
You must provide your rationale for each value selection. (e.g. why have you chosen a specific asset at risk, why have you chosen a particular threat effect, where did you get a specific loss value, how did you estimate your LEF values, etc.). The justification is more important than the values you select.
Enter your values into the FAIR U tool and run your scenario. Provide your results from the FAIR U tool (you can take and post screenshots) and document any insight into your thoughts on your results (e.g. are they higher than you thought and you suspect you may have some errors in your values/assumptions? If so, what are they? Was anything surprising to you in this process? What was particularly challenging in this process? What would you do differently next time?)
