Our model has been developed to incorporate a broad range of standards-based requirements, and enhanced by our more ‘real-world’ understanding of cyber defence and its evolution, with organisations around the world.

It takes a 3-dimensional approach to assessing maturity against set criteria by evaluating the functions of people, processes, and technology in four core areas of capability, namely the abilities:

To Prepare > To Identify > To Analyse > To Respond


  • Review and assess current state of IR processes; and generate a roadmap that supports improvement of IR program and accelerated development.
  • Review and assess current program documentation including policies, procedures, playbooks etc.
  • Document all aspects & findings, generate benchmarks, metrics, tool outputs, and prepare report.
  • Prepare a roadmap for development of capability including, specific gaps and requirements, and trade-offs.