In this chapter, the authors review the process by which one conducts a Factor Analysis of Information Risk (FAIR) risk analysis. A review of the tool requirements is given (those items in addition to the ontology). A brief review of the licensing requirements and open source options for analysis tools is covered. A review of the scenario building technique, how to model assets, threat communities, threat types, and effects is discussed. A review of the necessity of expert estimation and stochastic modeling tools is given. Last, the authors cover the concept of levels of abstraction and show how they apply to various FAIR risk factors.