HMG IA Maturity Model (IAMM)
The IAMM is no longer supported by the NCSC. This page is retained for those still using the IAMM to assess and improve their organisation's security effectiveness.
Although no longer supported by the NCSC, organisations may choose to continue to use the Maturity Model to assess and improve their security effectiveness.
The IA Maturity Model
After a review of the HMG IA Maturity Model (IAMM) the NCSC has decided to withdraw support for the model, which was widely used by government departments and the broader public sector following its inception in 2008.
Retained here, or from the Downloads tab, for information are;
Services which were offered as part of the support for the Maturity Model - the independent review and the supported self-assessment - have been withdrawn.
Was this information helpful?
We need your feedback to improve this content.