Risk Metrics

Social Media Risk Metrics (SMRM)

This is the first risk metric framework that is designed to measure the assumed risk that individuals (assets), and organizations take as part of their online activity.

The framework was developed around several GQM elements and lends some elements from risk frameworks such as FAIR. It is designed to be flexible enough and accommodate the specific biases that different organizations would have around particular elements of their and their employees online activities (through a weighing system).

A full documentation of the framework and explanation (with some examples) of what each parameter means is available on the documentation page.

The mindmap that corresponds with the framework is available here:


Social Media Risk Metrics by Ian Amit

And the calculations in a handy Excel sheet are here:


The framework has been presented for the first time at DerbyCon 2015 by Ian Amit and Alex Hutton, and later showcased at the RSA Conference 2016