Maturity Model
What is the maturity model?
To determine how well each of the controls has been implemented within the organisation a standard set of criteria needs to be defined, Abriska uses a maturity model to define these criteria. This also enforces a level of consistency across the control maturity assessment.
The maturity model is a graded scale that allows a controls implementation to be assessed and given an effectiveness level. For example, Control Maturity (see above) shows how the effectiveness of a control would vary depending on the maturity that has been assigned.
The Default Maturity Model
By default, Abriska comes pre-loaded with a maturity model that has been defined for ISO 27001. This maturity model is based on the industry Standard (Control Objectives for Information and related Technology (COBIT®) - IT Governance Institute). There are six levels within the maturity model ranging from level 0 (Non-existent) through to level 5 (Optimised) and each level as a defined effectiveness.
To make changes to to the percentage scoring level please go into Control Maturity Assessment > CMA Setup > Maturity Model > click on the maturity model name > here you can modify the Maturity Level Name, Value or Description.