Factor analysis of information risk (FAIR) is a taxonomy of the factors that contribute to risk and how they affect each other. FAIR underlines that risk is an uncertain event and one should not focus on what is possible, but on how probable is a given event. This probabilistic approach is applied to every factor that is analysed. The risk is the probability of a loss tied to an asset.
FAIR defines six kind of loss:

Productivity – a reduction of the organization to effectively produce goods or services in order to generate value
Response – the resources spent while acting following an adverse event
Replacement – the expense to substitute/repair an affected asset
Fines and judgements (F/J) – the cost of the overall legal procedure deriving from the adverse event
Competitive advantage (CA)- missed opportunities due to the security incident
Reputation – missed opportunities or sales due to the diminishing corporate image following the event