Open Fair Body of Knowledge: Behind the Certification Curtain


By Terry Rapoch, HealthGuard Vice President of Training & Advisory Services 

As we prepare to launch the fall course offerings for HealthGuard University, it’s a great time to do a deep dive into the concept that provides the foundation for all our classes Open FAIR™ Body of Knowledge (BOK). The BOK is the guiding light for HealthGuard University – the wealth of information it contains is the backbone for everything we teach. And as the only Open FAIR™ certified trainer focusing on the healthcare industry, we strive to offer the very best courses for our participants. From an introduction to the concepts that make up Open FAIR™ to in-depth executive-level training top-notch prep for the Open FAIR™ certification exam, there’s a HealthGuard University course for just about everybody. 

Our next scheduled four-day prep course for the Open FAIR™ certification exam, called Open FAIR™Foundations, is set for September 21-24, 2021, and includes a private study group and a voucher for the exam. Click HERE to register before September 10, and get 25% off our regular price. 

Now let’s dig in. 


The Open Group is a global consortium that seeks to “enable the achievement of business objectives” by developing “open, vendor-neutral technology standards and certifications.” its diverse membership of more than 800 organizations includes customers, systems and solutions suppliers, tool vendors, integrators, academics, and consultants across multiple industries.

One of the key standards and certifications that the Open Group supports is Factor Analysis for Information Technology – commonly known by its acronym, FAIR. Put simply, FAIR defines a method for determining risk using probabilistic models built upon the underlying factors of a given scenario. 

Developed in the early 2000s by industry legend Jack Jones, FAIR is now considered the international industry standard risk measurement model for cyber risk quantification. One of the Open Group’s most notable achievements is the creation of the FAIR Body of Knowledge (BOK). The BOK is now the working standard for training about, certification in, and application of the FAIR method to risk analysis. 


The Open FAIR™ Certification Program is anchored by and based on the Open FAIR™ BOK. The BOK itself is comprised of two standards:

  • The Open Risk Taxonomy Technical Standard (O-RT) defines a standard taxonomy of terms, definitions, and relationships used in risk analysis.
  • The Open Risk Analysis Technical Standard (O-RA) describes the process aspects associated with performing effective risk analysis.

Taxonomy is the science of naming, describing, and classifying things; in this case, those things are the factors contributing to risk, such as VULNERABILITY to threats. The O-RT document for the FAIR taxonomy describes individual factors, but more importantly, it describes the relationship between them so risk can be modeled accordingly. The FAIR taxonomy can then be presented graphically as a hierarchy. 

Analytical standards, like FAIR, must be implemented in a specific manner and within specific guidelines to work effectively. O-RA outlines these, and also provides advice regarding challenges such as a calibration of estimates for factors that cannot be precisely measured. 

The bottom line? This two-pronged approach in the Open FAIR™ allows organizations to move forward with more consistent and meaningful analyses of the risks that threaten their strategic goals and stakeholders. 


Ready to take your risk career to the next level by earning your Open FAIR™ certification?  HealthGuard University is here to help you gain the knowledge and skills you need to earn your certification. 

As one of only three providers accredited by Open FAIR™, (and the only certified trainer with a specific expertise in healthcare), HealthGuard’s courses set the standard for exam preparation. Our virtual four-day, instructor-led Open FAIR™ Foundations (OFR_120) course is now open for registration. Held September 21-24, 2021, this certification preparation class is designed to ensure you're ready to sit for the Open FAIR™ exam. Click HERE to register and receive 25% off your class fee when you sign up.

Upon completion, you can expect to: 

  • Understand and apply FAIR risk analysis concepts.
  • Demonstrate an understanding of FAIR risk terminology.
  • Interpret and communicate results from FAIR risk analysis.
  • Demonstrate an understanding of the FAIR risk analysis process.
  • Demonstrate an understanding of how risk elements can be measured.
  • Demonstrate an understanding of the Open FAIR™ certification program. 

You'll also receive access to a weekly study group and a voucher for the Open FAIR™ certification exam. Completion of OFR_120 earns 16 CPE credits.

We look forward to helping you launch your career to the next level!

Open FAIR™ is a trademark of The Open Group

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

You may also like:

Apolonio Garcia


OCR Investigation Readiness

OCR Investigation Readiness
Performing Cost-Benefit Analysis on Hospital Risk
Your Spreadsheets are the Risk Blindspots You’re Overlooking
How Risk Quantification Protects Hospitals From Bad Decisions

Subscribe now to get the latest updates!