MATURITY.

14 NIST CSF 2.0 categories scored across 4-tier maturity. 5 categories at Tier 1 (partial) or below. 1 category (Identify.RA) has no formal owner assigned.

Maturity scoring without an owner is benchmarking yourself for fun.

DG-006 · ID.RA · risk assessment TIER 1

Self-rated 4/5. Auditor-rated 1/5. No documented owner.

Assign owner, draft Tier 3 target, schedule quarterly review.