Security Maturity Assessment and Evaluation for a Critical Infrastructure Risk Management Program — A Practical Guide

Course Information

Estimated Time: 6 hours

Difficulty: Advanced

Course Overview

This course introduces participants to Pentagram Advisory’s CIRMP Maturity Assessment and Evaluation Model – a structured, evidence-based framework aligned with the Security of Critical Infrastructure (SOCI) Act 2018 and the Security of Critical Infrastructure (Critical Infrastructure Risk Management Program) Rules 2023 (CIRMP Rules).

Designed for professionals responsible for implementing, evaluating, or reporting on CIRMP obligations, the course provides a practical guide to understanding maturity principles, evaluating implementation across the eight CIRMP maturity assessment categories, and preparing governance-ready outputs to support continuous improvement and regulatory engagement.

Participants will gain access to an editable CIRMP Maturity Assessment and Evaluation Template, aligned with the 59 CIRMP obligations and four maturity levels, to support structured self-assessment, evidence recording, and executive reporting.

Learning Objectives

By the end of this course, participants will be able to:

1. Understand the role of maturity in CIRMP implementation: Explain how structured maturity assessment supports regulatory defensibility, governance assurance, and uplift planning.

2. Explore the CIRMP Maturity Assessment and Evaluation Model: Understand the structure of Pentagram’s model, including four maturity levels and alignment with eight CIRMP maturity assessment categories.

3. Interpret CIRMP obligations through a maturity lens: Map CIRMP requirements to indicators of implementation maturity and differentiate expectations across obligation types.

4. Use the editable Maturity Assessment and Evaluation Template: Apply the provided template to assess organisational capability, document supporting evidence, and record maturity ratings.

5. Prepare actionable outputs for Boards and stakeholders: Translate maturity results into dashboards, heatmaps, and summaries for executive briefings and attestation.

Learning Outcomes

After completing this course, participants will be able to:

1. Describe the principles of CIRMP maturity: Explain how maturity assessments strengthen resilience, demonstrate compliance, and inform strategic decisions.

2. Apply the CIRMP Maturity Assessment and Evaluation Model: Assess current practices across cyber, personnel, supply chain, physical security, governance, and more using a consistent framework.

3. Document evidence and identify maturity gaps: Use the editable template to evaluate and record implementation maturity against each of the 59 CIRMP obligations.

4. Develop governance-ready outputs: Generate visual tools and written summaries to communicate maturity to senior leadership and the regulator.

5. Plan and prioritise improvement: Use assessment results to target areas for uplift, aligned with risk appetite, business priorities, and compliance timelines.

Private Coaching Session: Includes a one-hour private coaching session with the Pentagram Advisory team. During this session, we will provide tailored, practical advice specific to your organisation’s needs. Whether you’re preparing for your first CIRMP maturity assessment and evaluation, refining your internal evaluation approach, or seeking guidance on interpreting and presenting maturity results to Boards or regulators, this session is designed to help you apply the CIRMP Maturity Assessment and Evaluation Model with confidence. 

Welcome
