At the latest The Open Group conference in London the Security Forum introduced version 2.0 of the Risk Taxonomy (O-RT) technical standard and released the new technical standard Risk Analysis (O-RA). The new version of the Risk Taxonomy standard incorporates some minor updates based on the feedback by practitioners that have been using it. As a companion to it, the Risk Analysis standard provides a process framework that supports FAIR-based risk analysis.
For further details refer to the official blog posts by The Open Group that summarize both standards quite good (part I, partII).
I’ve added both standards to the knowledge base section IT Strategy and Governance.