PKI Maturity assessment report plays a crucial role to achieve the consistency of the results and comparable outputs.
Also, the possibility of reporting the maturity levels and progress is very important for continuous improvements and tracking of the PKI maturity in time.
The following standardized assessment reports are available:
- Assessment report
- Detailed report
The purpose of this report is to provide enough information in a presentable format for management, in order to support the PKI strategy and improvement.
The assessment report should contain the following information:
- Overall maturity level with the description of the achieved level
- Simple overall rating with description
- Chart with the maturity levels in each of the category
- Recommendation to move to next maturity level (if applicable) (to improve) (table with the current snapshot and where it should be moved)
- Chart as comparison with similar companies
This is a short report that can be presented to customers and relying parties to prove the compliance and maturity level of the PKI implementation.
THe attestation should contain:
- Overall maturity level achieved
- Date of the assessment
- Identification of the assessor (internal / external)
The purpose of the detailed report is to have all the information regarding the assessment and maturity model in one place. The end users of the detailed report are internal people managing the PKI.
The detailed assessment report should contain the following:
- Overall rating of the assessment with description of achieved maturity level
- Detailed report about each of the category and its maturity level together with explanation why the level has such rating
- Chart with all categories
- Chart with industry ratings (similar organizations)
- Recommendation for progress with explanation how to achieve the next level (if applicable)
- Model explanation