Your Company, Your Vulnerabilities, Your Solution

The cybersecurity risks most relevant to one business may be of little concern to another. The CMMI Cybermaturity Platform establishes up front where your focus needs to be to mitigate the cyber threats that matter most to your organization.

Identify Cyber Vulnerabilities in Your Risk Profile Questionnaire

The risk questionnaire makes cybersecurity risk identification simple and straightforward. You’ll select the likelihood of specific risk events occurring as a result of various potential vulnerabilities. Then, you’ll indicate the impact that each risk event would have on your organization, should it ever occur. You can edit and add notes to your responses at any time.

See Results Instantly on Your Company Risk Profile Matrix

As you fill out the risk questionnaire, the CMMI Cybermaturity Platform populates your responses into an easy-to-read, interactive company risk profile matrix. The matrix is expandable, editable and shows at a glance where your organization is most vulnerable.

Set Initial Cybermaturity Targets for Each Capability

Each item on your risk matrix is associated with a number of capabilities that impact it. Once you’ve filled out your risk profile, the platform uses that data to generate initial maturity targets for all the capabilities within each matrix item and prioritize those capabilities based on the risks most relevant to your organization. This makes it easy to see which capabilities influence your cyber resilience the most.

Complete Your Activity-Based Cybermaturity Assessment

The cyber capabilities self-assessment allows you to measure the current cybermaturity levels of people, processes and technology across your organization:

Your team indicates whether practices are in place, not in place or not applicable for over 3,100 capabilities spanning seven functional areas: ensure governance framework, establish risk management, identify and manage risks, ensure risk mitigation, ensure risk detection, ensure risk response and ensure resilience.
Designate individual practices and/or whole functional areas as “centralized”—meaning responses for underlying capabilities translate across all business units.
Assign teams to complete portions of the assessment, from specific functional areas to entire business units, through the platform itself.

Complete Your Activity-Based Cybermaturity Assessment

See How Current Maturity Measures up Against Target Maturity

Once you’ve completed your company risk profile and activity-based self-assessment, you can pull measured maturity vs. target reports from the enterprise view dashboard.

The output is a simple, filterable visual that shows current maturity levels as measured by your assessment next to the maturity targets established by your risk profile. You can instantly see where you’re at, where you need to be and how far you have to go to get there for each capability and practice area.

See Practice Gaps at a Glance

The CMMI Cybermaturity Platform also allows you to group, filter or focus in on information intuitively. Practice gap reports organize the information from your self-assessment to show you how many practices aren’t in place for each capability area, starting with the highest risk areas as determined by your risk profile.