Ascentor’s Cyber Security Maturity Assessment is a complete service package that gives you an objective, vendor neutral and (optionally) repeatable assessment of your organisation’s cyber security preparedness and effectiveness – where you’re doing well and where improvements are required.

The assessment is based on the Cybersecurity Capability Maturity Model (C2M2), an internationally recognised benchmark.

The service package provides a full assessment, based on the maturity model, to understand the good, the bad and the ugly of your organisation’s cyber security posture. The output is a fully documented report, detailing our findings and recommendations.


Cyber security is never far from the news headlines, but many organisations are still woefully unprepared to resist the seemingly daily attacks. And we are all responsible for cyber security – leaving it to the IT team is no longer an option.

If you are savvy to the cyber threat – perhaps even suffered an attack – you have probably already taken some basic steps. You know you need to do more but are just not sure what next. Your organisation needs intelligent insight to highlight any cyber security shortfalls and recommend remediation – maybe a quick fix or the information to drive a business case for change. Whichever, the output from a Cyber Security Maturity Assessment will help you identify where to get maximum ‘bang’ for your cyber security ‘buck’.

A Cyber Security Maturity Assessment does more than baseline your cyber security posture; it can also be used to measure the effectiveness of ongoing cyber security programmes, either as an assurance activity during a programme of work or as part of continuous monitoring process. Running a Cyber Security Maturity Assessment can provide the information to drive cyber security dashboards, helping the board make sense of your cyber risk profile.


The Cyber Security Maturity Assessment is based on a one-day workshop with preparation and a follow-up report.

Our experienced consultants will prepare and run the session and guide the attendees to provide the necessary information for all aspects of our C2M2 questionnaire. It’s essential for the workshop to have the right scope, the right people and the right environment, so we always have a start-up call to agree all this.

Some organisations prefer to have the workshop ‘offsite’ to keep people focused; others prefer to stay within the office environment. In either case, a dedicated meeting or conference room is essential.

After the workshop, we prepare a written report and presentation back at our offices. The report will show how your organisation shapes up against all the C2M2 criteria for strong cyber security; we will explain any shortfalls with recommendations on priorities and actions to address them. A sample report is available on request.

We present the report at a follow-up meeting and discussion. Armed with the knowledge of what needs to be done and a plan optimised to your business needs and resources, you can proceed with a remediation programme at your own pace. Ascentor can support you through our Remediation Services.


The Cyber Security Maturity Assessment is £3,950 plus VAT. If you wish us to host the workshop, we will agree a cost profile with you in advance.


We’ve produced two resources to help further your understanding about maturity assessments for cyber security.

You can download a sample of our Cyber Security Maturity Assessment feedback report to see the format and outputs of a C2M2 based assessment.

We have also written a new white paper on measuring and managing maturity assessments for cyber security. We cover the concept and purpose of a maturity model, where the value lies and discuss several models available, including the C2M2.

The sample report and white paper are free to download here.

Contact us

Your cyber security challenges and our pragmatic approach - we could be the perfect fit. Contact the team at Ascentor for an informal chat.