Cyber Maturity Assessment (CMA)

Cyber Maturity Assessment (CMA)

Create a stronger security culture within your organization

The security culture within your organization

Cyber security is a strategic enterprise risk that goes far beyond information technology. Uncontrolled, it can impact product integrity, the customer experience, investor confidence, operations, regulatory compliance, brand reputation and more.

The cyber security landscape and the associated threats is not a new thing –the speed of evolution is what is changing. The focus on cyber security is increasing rapidly due to many high profile and highly disruptive/damaging security breaches threatening financial and physical damage across critical national and corporate infrastructures.

It is also increasingly common for government buyers and large corporates to demand confidence in information management as a qualifier for lucrative contracts or partnerships. With the stakes so high, organizations must decide on their cyber risk appetite and how they will respond.

Why CMA?

KPMG’s Cyber Maturity Assessment provides an in-depth review of an organization’s ability to protect its information assets and its preparedness against cyber threats.
We believe that it is unique in the market in that it looks beyond pure technical preparedness for cyber threats. It takes a rounded view of people, process and technology to enable clients to understand areas of vulnerability, to identify and priorities areas for remediation and to demonstrate both corporate and operational compliance, turning information risk to business advantage.

In developing the assessment, KPMG has combined international information security standards with global insight of best practice in risk management, cyber security, governance and people processes. The approach addresses six key dimensions at three levels of maturity that together provide an in-depth view of an organization’s cyber maturity.

Operational considerations for CMA

  • Do you need help assessing whether the mechanisms to manage your organization’s risks are mature?
  • Are you looking to create a stronger security culture within your organization?
  • Do you need a better understanding of whether your organization complies with the varied regulatory requirements?
  • Are you looking to take greater control, ensuring that your organization is prepared for the evolving cyber security landscape?
  • What should you be considering as part of a cyber security strategy?


Working with your team and conducting a combination of interviews, workshops, policy and process reviews and technical testing, KPMG's CMA team takes a positive view to managing cyber security, and the program rapidly:

  • Identifies current gaps in compliance and risk management of information assets;
  • Assesses the scale of cyber vulnerabilities;
  • Sets out prioritized areas for a management action plan.

The assessment provides the flexibility to assess the level of cyber maturity on a site by site basis or at a company level. It helps to identify best practice within an organization and provides comparator information against peer groups and competitors.

In turn, allowing businesses to feel free to navigate the cyber security landscape and achieve their business aspirations.

Connect with us


Request for proposal



Cyber Security

The threats from cyber adversaries are continuing to grow in scale and sophistication.

Read more