IEEE Paper “Quantitative Privacy Risk Analysis”
Most privacy risk assessment methodologies are homegrown and qualitative. Numerical models generally involve largely arbitrary quantifications. FAIR, a quantitative risk model for information security related risks, can be modified for privacy, providing more meaningful measurements and supporting comparison of risks of similar scenarios with varying controls to organizational tolerances.
NIST Privacy Engineering Collaboration Space
NIST’s Privacy Engineering Collaboration Space is an online venue open to the public where practitioners can discover, share, discuss, and improve upon open source tools, solutions, and processes that support privacy engineering and risk management.
NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0
Published: January 16, 2020 This publication is available free of charge from: https://doi.org/10.6028/NIST.CSWP.01162020 View PDF