Maturity Levels and Dimensions

Maturity models are designed as a matrix. The horizontal axis represents levels of maturity, also referred to as stages of growth. They are assessed against dimensions which are represented on the vertical axis. Dimensions are categories of criteria against which the maturity level is measured. Criteria are defined for each of the maturity levels.


Maturity levels are numbered on a scale where the lowest number indicates the lowest maturity. The levels themselves are broadly described and vary across disciplines. The IT Governance Maturity Model (ITGI 2003) is a good example of how levels can be described when expressed in generic terms.

Governance performance is rated on a scale to grade its maturity level, from nonexistent (zero) to optimised (five). The non-existent stage indicates there are no governance processes since the topic has not yet been addressed. During the initial stage, some evidence of an ad hoc approach to governance is apparent. The organisation recognises the need for governance but processes are sporadic and applied on a case-by-case basis. There appears to be no governance structure in place. When governance processes become more consistent in stage three, they are repeatedly performed and follow a recognisable pattern. However, the effectiveness of governance structures depends on the performance of key individuals and their particular expertise.

Governance reaches the next stage when processes are standardised and documented but are mainly based on existing procedures. They are expected to be followed although little monitoring takes place. The governance structure is improved in that training takes place and communication is encouraged. In stage four, management monitors the performance of governance and takes corrective actions where and when necessary. There is a positive attitude to continuous improvement and processes are automated as much as possible. Finally, the optimised stage indicates a high level of good practice and governance performance compares well with those in similar organisations.

Table 9.1 Levels in a generic maturity model



0 Nonexistent

Complete lack of any recognisable processes. The enterprise has not even recognised that there is an issue to be addressed.

1 Initial/ad


There is evidence that the enterprise has recognised that the issues exist and need to be addressed. There are, however, no standardised processes; instead, there are ad hoc approaches that tend to be applied on an individual or case-by-case basis. The overall approach to management is disorganised.





Processes have developed to the stage where similar procedures are followed by different people undertaking the same task. There is no formal training or communication of standard procedures, and responsibility is left to the individual. There is a high degree of reliance on the knowledge of individuals and, therefore, errors are likely.

3 Defined processes

Procedures have been standardised and documented, and communicated through training. It is mandated that these processes should be followed; however, it is unlikely that deviations will be detected. The procedures themselves are not sophisticated but are the formalisation of existing practices.

4 Managed and


Management monitors and measures compliance with procedures and take action where processes appear not to be working effectively. Processes are under constant improvement and provide good practice. Automation and tools are used in a limited or fragmented way.



Processes have been refined to a level of good practice, based on the results of continuous improvement and maturity modelling in comparison with other enterprises. Approaches are integrated and automated as far as possible, enabling the organisation to adapt to changed circumstances.

There are a number of interpretations of what constitutes the levels in a Project Management Maturity (PMM) model. For example, Kwak and Ibbs (2002) determined each maturity level by major project management processes, organisational characteristics and key focus areas:

• Level 1: Ad hoc. There are no project management processes and project management lacks senior management support. The aim is to initiate basic project management processes.

• Level 2: Planned. At this stage, project management processes are informally defined and a weak team-oriented approach is applied. Projects are individually planned.

• Level 3: Managed at project level. Formal project planning and control is practised but still at the individual project level. Project teams are starting to emerge but training is informal.

• Level 4: Managed at corporate level. The focus is on project programme management with a strong teamwork approach and supported by formal project management training. Planning and control incorporates multiple projects.

• Level 5: Continuous learning. The organisation seeks to continuously improve and innovate its project management processes since it has become project-driven and responsive to market demands.

Vandersluis (2004) proposed a five-level model designed for general purpose projects. Its stages are summarised as follows:

• Level 1: Ad hoc. Project management is carried out on a project-by- project basis in a non-standard manner. According to the authors, most organisations appeared to fall into this category when the research was conducted.

• Level 2: Planned. Some planning standards for projects exist but projects are tracked on a project-by-project basis.

• Level 3: Managed. There is some evidence of a standardised approach to both project planning and tracking.

• Level 4: Integrated. Project management is brought together for all projects.

• Level 5: Sustained. There exists a re-iterative process to self-correct and self-improve project management so that it is self-sustaining.

A number of observations can be made from the above project management maturity models. The level descriptions are similar, with the first level recognising an 'ad hoc' approach and the final level an 'optimised' state. At the beginning there are no formal processes, while in the final stage processes are firmly established and continuously improved. Project and business activities are aligned in organisation-wide practices. In between is the 'initial' level in which there is some indication of project management planning and presence of processes. During the following 'managed' level, a formal approach to project management exists and is applied to every project. Prior to reaching the optimised level stage, project management is formalised and integrated, and takes on corporate characteristics with the focus on project programme management and the move towards a PBO.

For complex projects, including risk management capabilities, Yeo and Ren (2009) proposed a five-level maturity model. The 'Risk Management Capability Maturity Model (RM-CMM) for Complex Product Systems' recognised the following levels:

• Level 1: Ad hoc. There is no structured approach to deal with risk as there is a lack of awareness about risk management. Management mindsets are reactive and mechanistic and come into play after the problem has occurred. There are no procedures to deal with the unexpected.

• Level 2: Initial. Some awareness exists about the importance of risk management and its potential benefits. Project risk management processes and structures are of a rudimentary nature.

• Level 3: Defined. This is the watershed stage (referred to as the 'demarcation level') in which formal risk management is included in corporate business processes. Generic risk management produces policies and procedures that are implemented organisation-wide. The system deals with most known or predictable risks, but senior management are beginning to understand the benefits of project risk management. The organisation emphasises project management within a balanced matrix structure.

• Level 4: Managed. Risk management processes are clearly defined to identify, assess and respond to risks. Risk impact and severity are measured and risk management performance is monitored. There is a risk-aware mindset with a proactive approach to the management of risks, and consideration is given to both internal and external stakeholders. There is likely to be a strong PBO.

• Level 5: Optimising. The alignment between project and business objectives ensures that business risks are seriously considered. There is a comprehensive risk management plan with qualitative and quantitative measures for risk assessment. Testing innovative ideas and exploring the potential of new approaches to conducting business and associated risks are encouraged. The organisation structure is clearly project-based and therefore highly flexible and responsive to market changes.

Table 9.2 Dimensions of project risk governance

Constructs of PRG Maturity

Variables of PRG Maturity

Projects in Organisations

Project-versus Product-Based Organisation

The Project-Based Organisation (PBO):




PBO Structures

Business and Project Interaction

Business Strategy Formulation Business and Project Strategy Alignment Strategies for Value-Protecting Strategies for Value-Creating Alignment with Project Risk Management

Corporate and Project Governance

The Concept of Governance Corporate Governance Conformance and Performance Project Governance

Project Risk Governance - Processes

Scope of Project Risk Governance

Portfolio, Programme and Project Management

Investment Management

Value Realisation

Performance Management

Project Risk Governance - Structures and Relationships

Organisational Leadership and Board of Directors Project Sponsors and Project Managers Steering Committees and Project Management Office Linking Structures and Processes

Project Risk Governance in Context

Professional Associations Risk Management Standards Project Success

Human Resources Management Change Management Paradigmatic Influences

The Concept of Project Risk

What is Project Risk? - The Basics Project Risk-A Deeper Perspective Perceptions of Project Risk Project Risk and Uncertainty Project Risk Appetite and Tolerance

Essentials of Project Risk Management

Understanding Projects

Importance of Project Risk Management

Project Risk Management Plan

Project Risk Modelling and Ranking

Project Risk Register

Implementing Project Risk Responses

Project Team

Project Risk Governance Maturity

Project Management Maturity Models Benefits of Maturity Assessment Maturity Levels and Dimensions A PRG Maturity Model Progressing between PRG Maturity Levels


Which level of maturity has been reached is determined by comparing project management/governance processes, structures and relationships against consistent and easy-to-understand dimensions. The use of dimensions greatly simplifies the task of initiating improvements since they provide a pragmatic and structured approach for measuring how well developed is an enterprise's project management or governance. They reflect a capability benchmark against which the organisation can rate itself to establish its strengths and weaknesses.

Project risk governance dimensions can be developed by first identifying constructs and then variables within them. For PRG, the chapter headings of this book provide suitable constructs, while the topics within each chapter represent variables. An overview of PRG dimensions developed by this approach is presented in Table 9.2.

< Prev   CONTENTS   Next >