What is a CMM Level?

A CMM Level refers to a maturity level in a Capability Maturity Model (CMM) framework, which assesses the maturity of an organization’s processes. There are multiple maturity models in existence and each has its own number of levels, naming conventions and criteria.

One of the oldest and most respected CMMs is the Systems Security Engineering Capability Maturity Model v2.0 (SSE-CMM). SSE-CMM is a free resource, since it was funded by the US Government. There are six (6) CMM levels associated with the SSE-CMM:

CMM 0 – Not Performed;
CMM 1 – Performed Informally;
CMM 2 – Planned & Tracked;
CMM 3 – Well-Defined;
CMM 4 – Quantitatively Controlled; and
CMM 5 – Continuously Improving.

Governance Risk & Compliance (GRC) Content

Secure Controls Framework (SCF)

NIST 800-171 & CMMC - Where Do I Start?

Editable Policies & Standards Templates

Editable Procedures Templates

Cybersecurity Supply Chain Risk Management

NIST 800-171 Compliance

Risk Management

Data Protection (Privacy) & Secure Engineering

Vulnerability & Patch Management

Incident Response

PCI DSS Compliance

NIST 800-171 & CMMC Compliance

Premium GRC Content (GRC Importable)

Cybersecurity Policies, Standards & Procedures

Cybersecurity Supply Chain Risk Management

Privacy & Data Protection (GDPR, CCPA & more)

Risk Management Bundles

Subscriptions

Common Compliance Requirements

Alignment With Secure Practices

Free Guides

Cost Savings

US Federal Data Security Laws & Regulations

US State Data Security Laws & Regulations

International Data Security Laws & Regulations

SCF Certifications

SCF Licensed Content Provider (LCP)

Individual Certifications

Why Choose ComplianceForge?

Cybersecurity & Compliance FAQS

Controlled Unclassified Information (CUI)

Industries Served & Client References

Multiple Company Discount

Product Comparison: DSP vs CDPP

What is a CMM Level?

What is a CMM Level?