ASSESSMENT COMPLETE!
Thank you for completing the hardened network self-assessment. Your network security maturity score is
4 - Managed
Capability now operates within defined thresholds, which are aligned to the needs of the business, and is continuously monitored and improved through quantitative techniques.
Using process metrics, management can effectively control processes.
organization’s
current status
LEVEL 0 - Non-Existent
Capability is either not implemented or does not achieve its purpose.
Processes are nonexistent. Nothing has been done or planned.
LEVEL 1 - Ad Hoc
Capability has been implemented in an undefined way, with little to no integration, automation, measurement, or assurance.
Processes at this level are usually undocumented, dynamic, and driven in an ad hoc, uncontrolled, and reactive manner.
LEVEL 2 - Repeatable
Capability is either not implemented or does not achieve its purpose.
Processes are nonexistent. Nothing has been done or planned.
LEVEL 3 - Defined
Capability has been defined (planned, monitored and adjusted) across the organization (inclusive of third parties) and is supported by responsibilities and formal, mandated procedures. Compliance is monitored, and actions are taken to rectify noncompliance.
A full set of defined and documented processes exists and is subject to some degree of improvement over time.
LEVEL 4 - Managed
Capability now operates within defined thresholds, which are aligned to the needs of the business, and is continuously monitored and improved through quantitative techniques.
Using process metrics, management can effectively control processes.
LEVEL 5 - Optimized
Capability and supporting processes are aligned with best practices and subject to continuous improvement. Results are concerned with predictability and control variation.
The focus is on continually improving processes and performance through incremental, innovative technological changes and improvements.
LEVEL 0 - Non-Existent
Capability is either not implemented or does not achieve its purpose.
Processes are nonexistent. Nothing has been done or planned.
LEVEL 1 - Ad Hoc
Capability has been implemented in an undefined way, with little to no integration, automation, measurement, or assurance.
Processes at this level are usually undocumented, dynamic, and driven in an ad hoc, uncontrolled, and reactive manner.
LEVEL 2 - Repeatable
Capability is either not implemented or does not achieve its purpose.
Processes are nonexistent. Nothing has been done or planned.
LEVEL 3 - Defined
Capability has been defined (planned, monitored and adjusted) across the organization (inclusive of third parties) and is supported by responsibilities and formal, mandated procedures. Compliance is monitored, and actions are taken to rectify noncompliance.
A full set of defined and documented processes exists and is subject to some degree of improvement over time.
LEVEL 4 - Managed
Capability now operates within defined thresholds, which are aligned to the needs of the business, and is continuously monitored and improved through quantitative techniques.
Using process metrics, management can effectively control processes.
LEVEL 5 - Optimized
Capability and supporting processes are aligned with best practices and subject to continuous improvement. Results are concerned with predictability and control variation.
The focus is on continually improving processes and performance through incremental, innovative technological changes and improvements.