ai · security · skills

Essay

Placing a Function on the AISMM Scale

Step-one deliverable: a specific Initial → Efficient level per AI Security Maturity Model (AISMM) category, with the evidence and reasoning that justify it.

3 June 2026 · 5 min read · Binu Chacko

Situation

Maturity self-ratings are everywhere — every function has a number.

Complication

Unanchored self-ratings inflate, and auditors discount them on sight.

The question

What makes a maturity level defensible?

The answer

Observable self-placement tests per level, verbatim from the standard, scored from real control coverage and coverage-bounded.


The second artefact of an honest assessment is a maturity placement for every AI Security Maturity Model (AISMM) category in scope — a specific level on the Initial → Efficient scale, with the evidence and the reasoning that justify it. Not a workshop vote, not a self-reported score.

The scorecard, not the checklist

The Cloud Security Alliance (CSA) AI Security Maturity Model (AISMM) organises program maturity into 3 domains and 12 categories, each scored L1–L5. It answers how well a function runs each part of its program; the AI Controls Matrix (AICM) checklist underneath answers what exactly it does. Every category resolves to named AICM domains — the roll-up is on the board scorecard, derived from the canonical CSA rollup, never hand-drawn.

How a placement is justified

  • The category’s underlying AI Controls Matrix (AICM) objectives come first — their coverage answers bound what level is even claimable.
  • Operational evidence sets the level within that bound: is the practice ad-hoc, repeatable, defined, centrally managed, or automated and continuously improved?
  • The written reasoning travels with the score, so a successor — or an auditor — can re-derive the placement from the same evidence.

A level you cannot re-derive from evidence is not a level. It is a mood.

What moves a level

The smallest evidenced increment: one or two skills fitted to the category’s weakest objectives, measured before/after, then re-placed. That is the deployment loop on the Engage page — diagnose, prescribe, track, advance — and it is deliberately incremental: a category climbs one defensible rung at a time.

Disambiguation: AISMM here is the Cloud Security Alliance (CSA) AI Security Maturity Model — it grades how well you secure AI (Mandate 1). How far your teams use AI to defend is a different question, graded on our own AI-CMM autonomy ladder (Mandate 2) — our model, calibrated to the Society of Automotive Engineers (SAE) J3016 Levels of Automation lineage, always shown dashed, never presented as a CSA artefact.

← Newer essay

The AICM Coverage Assessment

Older essay →

The Shared Security Responsibility Model (SSRM) Ownership Map

← Back to Insights

Subscribe for the next essay.