The Maturity Model World: Everything You Need to Know

maturity model

When you’re building a business, a team, or any kind of system, you need ways to understand how well you’re doing. That means finding the maturity model that matches the state of your business.

You want to be able to look at your performance and set base standards that have to be met and be able to contrast those standards with an understanding of what best practice looks like.

You want to understand where on that scale of performance you are at.

It’s why we use things like KPIs, OKRs, or other goal/objective-driven metrics.

But those metrics, as useful as they are for some things, are often hard to apply to qualitative data.

This is where maturity models can become an incredibly useful tool.

One model we’ll discuss here is the Capability Maturity Model, and the CMMI Institute alone appears to have about +8500 accredited users of this model (interestingly, in 2018 ~80% were pairing it with agile methodologies).

The problem, though, is that maturity models are often shrouded in complex terminology and overly-convoluted systems. How am I supposed to implement one in my business if people can’t understand it?

In this Process Street article, we’ll tear through the jargon and look at:

  • What is a maturity model?
  • What are the current limitations of business process maturity models?
  • Which are the best business process maturity models?
  • What is a Capability Maturity Model (CMM)?
  • What is the Agile ISO Maturity Model (AIMM)?
  • How does Process Street fit into your maturity model?

What is a maturity model?

maturity model process curve

A maturity model shows how capable an organization or system is of achieving continuous improvement.

Basically, maturity is being judged by how good your organization or system is at self-improvement.

We’ve written about continuous improvement a number of times as it’s a central idea in building effective systems, from business process management to ISO (though, they now refer to it as “continual improvement”):

Ultimately, it’s the idea that you’re constantly seeking to test and improve the way in which your organization runs. You’re not standing still.

Continuous improvement is often achieved by creating review or auditing processes which you then use on the day-to-day business processes to evaluate their effectiveness, identify improvements, and implement them. Then give it time, let the data roll in, and do it all over again.

For more on process improvement and related topics, check these out:

So, maturity is a loose kind of metric for how good your organization is at doing all of this and doing it all in a systemized fashion.

How we employ maturity models and the benefits they can bring

Let’s give an example of a small and simple maturity model in action.

We at Process Street love maturity models. We’re passionate about business process management, agile approaches to management, and systemization in general. So this is right up our street [geddit? street? sorry].

One of the most recent maturity models we’re developing is for our content. We’re pretty proud of our content and it performs very well. But we know that some pieces we produce are better than others. Sometimes it’s obvious why and sometimes not.

So, we sat down and really analyzed what our base standard is for our content. Then we started to think of important things which come on top of that base standard. Until ultimately we were defining best practice.

This could be about whether an article is long enough, properly spellchecked, and has chosen a good keyword. Or it could be about whether the keyword is in every image tag, whether the article cites an academic source, or whether the article contains one of our public template embeds.

Now, that’s all a simplification, as this model – which I’m calling the Blog Asset Maturity Model (BAMM!) – contains a huge number of variables to check for.

By using this audit on our blog content we can assess what tier (1,2,3,4,5) our content is at. And it doesn’t just concern the content itself. It concerns the editing processes, peer review processes, and workflow of the article. As such, though the content itself is audited, the whole system is scored too in order to enable systematic improvement.

It’s a maturity model for a single team. It gives us tiered levels of attainment and allows us to tally up how many variables the blog article met to work out a percentage score for the article as an output of the system.

BAMM! Now we have quantifiable metrics.

What are the current limitations of business process maturity models?

For maturity models, we’re going to dip into the maturity models outlined in Van Looy, Poels, and Snoeck’s meta-study Evaluating Business Process Maturity Models (2016; Journal of the AIS).

So, we’re looking specifically at business process maturity models. The paper has two research questions:

  • “Which criteria are most relevant for BPMM selection, and what is their relative importance?”
  • “How can current BPMMs be evaluated against these selection criteria?”

And two research objectives:

  • “Developing a comprehensive, ranked and weighted set of selection criteria for BPMMs that are not specific to any organization.”
  • “Evaluating existing BPMMs against this set of selection criteria.”

The definition of business process maturity models found in the text is at once both meatier and more concise than my explanation above:

[A] model to assess and/or to guide best practice improvements in organizational maturity and process capability, expressed in lifecycle levels, by taking into account an evolutionary road map regarding (1) process modeling, (2) process deployment, (3) process optimization, (4) process management, (5) the organizational culture, and/or (6) the organizational structure.

Now, given it’s a Grounded Theory study, with the utmost respect to Glaser & Strauss, we should probably skip past the research methods and jump straight into the main takeaways of the paper.

  1. “Designers (e.g. scholars or consultancy firms) should provide information on all identified selection criteria to facilitate the user’s choice”. Not every maturity model is suited for every organization. The designers of maturity models should make clear what criteria an organization should meet in order to find a good fit with a maturity model.
  2. “Designers should consider the different options per selection criterion, and possibly make their design more flexible by providing alternative options to offer a better fit for purpose”. Business process maturity model designers should look at the limitations of their own models and provide variants to accommodate broader usage, and even recommend other models entirely if organizations don’t meet certain criteria.
  3. “Organizations, as potential BPMM users, should develop a critical attitude towards the fit for purpose of BPMMs, instead of taking quality for granted”. When you’re looking for business process maturity models, don’t just take the word of the person offering it to you. Approach these models with a critical eye.

What we can understand from all this is a few different things:

  • Maturity models are presented to lots of different audiences. From academics to serious process specialists, all the way to us regular Joes. The super specific BPMM that works great for a particular academic is not always the best option to deploy in your business.
  • These super-specific BPMMs do not make it very clear that their use value is so limited. As such, not only are they not appropriate for many organizations, those organizations don’t know that.
  • More flexibility and broad applicability is needed in BPMM options. This one really chimes with me because I think it’s ridiculous that someone practically needs to do a PhD to fully grapple with some of these models. It’s great to have those as options, but real people are trying to improve their organizations, businesses, and teams today. People need something they can use.

However, all this said, the key takeaway from the article is in the conclusion:

The results also confirm that obtaining the highest maturity levels is not an end goal of BPMMs, but capability improvements and performance improvements are.

This is precisely why it’s important to not lock ordinary managers out of these process improvement tools. The purpose isn’t to fulfil the model, the purpose is material and is about achieving tangible business goals.

The limitations of business process maturity models are the array of existing practices as can be applied to a normal workplace by a manager without needing overkilled extensive training.

Which are the best business process maturity models?

best maturity model

So, having said all that and criticized the BPMM scene, we should look at the current options and see how good they are.

Remember, these maturity models are probably more suited to you if you are either an academic or a serious process specialist. But feel free to check them out and give them a try!

For this list, we turn to Tarhan, Turetken, & Reijers and their paper, Business Process Maturity Models: A Systematic Literature Review (2016; Information and Software Technology, 75).

The gang identified 9 BPMMs which had at least two other academic papers evaluating them, on top of the original paper they were presented with. These were:

  • Business Process Management Capability Framework (BPM-CF)
  • Business Process Maturity Model (BPMM-FIS)
  • Business Process Maturity Model (BPMM-HR)
  • Business Process Maturity Model (BPMM-OMG)
  • Business Process Orientation Maturity Framework (BPO-MF)
  • Business Process Orientation Maturity Model (BPO-MM)
  • Process and Enterprise Maturity Model (PEMM)
  • Process Management Maturity Assessment (PMMA)
  • Value-based Process Maturity Model (vPMM)

I know what you’re thinking. They’re all so unique and different!

Luckily our resident academics are here to give us the lowdown.

The BPMM from the list above which has the most demonstrated applicability in the real world is BPO-MM.

It’s the leader by a far distance. But guess what? At the point of doing this research, only 7 studies existed which actually bothered to assess the effectiveness of the application of a given business process maturity model. BPO-MM was present in 4 of the studies, so kind of wins out by default.

If you want to know more about it, check here:

K. McCormack, W. Johnson, Business Process Orientation: Gaining the E-business Competitive Advantage, CRC Press, St Lucie Press, Delray Beach, FL, 2001.

I won’t bore you with all the gory details, given that only 7 out of the existing 61 studies on BPMM even checked to see whether they worked, but here’s the primary research question of the paper:

The BPM academic community has put more effort and emphasis on developing maturity models than empirically evaluating them.


Largely Supported.


Around one-third of the studies introduce a BPMM (20 models in 61 studies). Only 2 out of 9 leading models are referred to by studies that involve empirical works on their development, application, and validation.

So, for me, that brings us to the conclusion that BPO-MM may well be the best BPMM on the market, but both studies we’ve looked at suggest that this could really be a poorly developed aspect of the industry.

I think it certainly shows why we need a more accessible BPMM, one that any team can use to guide, understand, and evaluate their organization.

What is a Capability Maturity Model (CMM)?

maturity model different levels

Having read this far, you may wonder why I’ve jumped onto the Capability Maturity Model at this point in the article.

Well, anyone not familiar with maturity models might be beginning to lose faith about now. But they shouldn’t. And the Capability Maturity Model is why.

The creation of the Capability Maturity Model was funded by the US Department of Defense. It came from a study into the business practices and performance of a vast number of private companies which contract for the military, in various means.

The model refers specifically to software development practices but can be more broadly applied to a range of related areas.

The steps are:

  • Level 1 – Initial
  • Level 2 – Repeatable
  • Level 3 – Defined
  • Level 4 – Managed (Capable)
  • Level 5 – Optimizing (Efficient)

I like this general structure because it starts with essentially no internal processes at all. The ad hoc stage is just people doing the task the way they reckon it should be done, and it may be done the same way all the time, or a little different some times. Chill.

Then it moves to repeating the same process, to officially declaring a particular process as the set way, to people being managed through that process and other actions being shaped around that process.

Finally, there’s the optimizing step to make everything work as best it can.

The Capability Maturity Model has more to it than just these 5 stages, but what’s really important about it is that it is used and at least a large number of people believe it works as a way to evaluate process maturity in a particular space.

What is the Agile ISO Maturity Model (AIMM)?

maturity model AIMM

So that moves us on to recognizing that a maturity model can be a useful tool, but that current business process maturity models are not performing well enough.

Introducing, the Agile ISO Maturity Model (AIMM).

The scope here is to improve process adoption and efficacy in organizations. Agile ISO is geared to use the tools of agile business process management to attain ISO-level standards.

In recent years, ISO has updated a lot of its standards to make it easier for companies to adopt a more agile approach to process management. For example, ISO 9001:2015 specifies the new, streamlined requirements for a quality management system. With these updates, it’s possible to use BPM software like Process Street to achieve Agile ISO.

Naturally, having access to the most cutting-edge process management tools will change the way we’re able to work with processes. Here are 3 simple ways:

  1. No more dusty procedure manuals. Every business process is only a click away.
  2. Was the process followed correctly? Just look into the data to find out.
  3. Want to update the process model? Update the model in the system and push the iteration live in seconds.

You can read more about Agile ISO specifically here:

But the super short version is here:

AIMM High! Why mix agile with ISO?

  • Agile: We encourage agile methods because they’re faster and they accept the reality that you don’t know what a perfect process looks like when you start. Agile methods also encourage collaboration and reduce some of the hierarchical distinctions found in certain workplaces, resulting in employees having a sense of ownership over the process and the tasks. We believe employees are valuable and trusting them is good for your business.
  • ISO: The ISO framework already exists and it sets industry-recognized best practice levels across almost every sector you could think of. Agile ISO will set you up to be ISO accredited, resulting in a badge of quality on your business which others will recognize. We want to build an agile system inside the framework of ISO excellence.
  • Maturity Model: As a measure of qualitative progress, maturity models can help set out internal strategic goals for organizations. This allows your team and leadership to be aligned on the smaller day-to-day changes happening in the workplace to bring about smoother and more effective systems. An effective maturity model helps us understand this, and can help us turn these qualitative activities into quantitative metrics.

With that said, our AIMM levels are broken up into 5 stages:

Agile ISO Maturity Model Level 1: Documented Processes

To achieve level 1, you should make sure your processes are documented. This could be in any form from a Word doc, to an Excel spreadsheet, to a dedicated tool like Process Street. Knowing what your processes are for different areas of your business is the first step to taking a process-led approach.

Our research revealed nearly half of the organizations who have identified the need for processes and signed up to a dedicated service feel the biggest painpoint is not having time to document. Here’s an article on the fastest way to get started: How to Create Business Systems Even When You Have No Time.

Agile ISO Maturity Model Level 2: Followed Processes

Ultimately, there’s little point in having your processes if they’re not put into action. These processes have to be followed and used regularly by your team. This means that work gets done in the best way every time, and also means that the teams who follow them will be able to point out obvious flaws and inefficiencies.

Trustologie CEO Marie-Claire Ross says that 95% of processes are difficult to read. Sometimes it’s just that simple. But you can’t build an effective business system if these processes are not being followed. That is an often overlooked aspect of BPM. Check out this article for some tips: Process Adherence: What to Do When No One Follows Your Processes.

Agile ISO Maturity Model Level 3: Managed Processes

The next step up from having processes documented and followed concerns the way in which you move forward with that information. Processes should shape and inform the way in which you conduct your operations. You need to structure things to allow processes to play a big role. This might include getting dedicated process management software, setting up a specialist process team, harvesting and analyzing the data from the processes.

This is about building the infrastructure to make the most of your processes. We could talk at length about the management side, but data is a hugely important component of this level. So check out this article on process mining if the area is new to you: What is Process Mining? 9 Tools to Optimize Your Process Management.

Agile ISO Maturity Model Level 4: Optimized Processes

Once your system is working, you can begin to approach it with a critical eye and try to make it work better. Fortunately, by this stage, you have the infrastructure in place to yield rich accurate data. This lets you begin to understand your organization in a way you never could before – identifying every event as and when it occurs. This is an accurate model of your business and lets you know not just what happened last week, but what will happen next.

To take this system to the next level you need to leverage that data in order to improve the outputs. This requires performing scientific analyses on your processes and looking to bring about large, or even just fractional, improvements. Check out this post for an overview: Business Process Optimization: What, How, Why? (Free Templates).

Agile ISO Maturity Model Level 5: Integrated Processes

This stage chiefly concerns creating processes where you may not have had processes before. Now that the core business has been systemized in line with business needs, you can begin to develop and devise new processes to link different stakeholders. These could be processes between leadership and staff, they could be internal peer audit systems, or they could be processes which bring customers or business partners into the heart of the organization.

Once the organization has been systemized, the processes can be leveraged to improve the nature, culture, and awareness of the organization. For example, you could look to reduce your carbon footprint or make your supply chain more sustainable:

Business process maturity models should have practical use for all managers

This is the People’s Business Process Maturity Model! Viva la revolución! Processes shouldn’t live in ivory towers! They should be free to roam with the people as nature intended! [I’m taking this too far, aren’t I?]

Many other models focus too much on the design of the model. They focus on putting that model on steroids and integrating with your supply chain, and then further. There’s such a high aim for what can be achieved, but very little discussion in the models of whether anyone is actually doing what’s described in the model.

It’s descriptive without being prescriptive enough. Maybe “prescriptive” is the wrong word? That’s what you hear in the academic papers. Perhaps a better word would be “actionable”.

A lot of the existing BPMMs tell you that you should have this beautiful working system but don’t involve the real-life growth process it requires to get there. It reminds me of the Reddit subreddit: Rest of the fucking owl, inspired by the famous image below.

We need a business process maturity model which is part of a holistic business process management approach.

Something practical, effective, and actionable.

That’s what we’re trying to provide through the Agile ISO Maturity Model (AIMM) as part of the overall Agile ISO method.

If you want to see more of our Agile ISO related content, check these posts:

How does Process Street fit in your maturity model?

Process Street is superpowered checklists.

You heard me correctly.

You make your processes as linear process models in the form of a checklist. Then when someone runs the process, they simply work through the checklist in front of them.

This set up means it’s super easy to have documented standard operating procedures, and super easy to ensure people follow those SOPs when they come to do the work.

This means that documented workflows are not simply there to provide evidence that you have a process – they exist to drive the process, direct it, and collaborate on it.

You can see in this gif below how someone is adding their team members to a process as they work through it. This ability to dynamically assign people to specific tasks in a process is a feature called role assignments.

role assignments gif

So, Process Street allows you to put your business processes at the heart of your organization and to work from them daily as a team.

You can use the dashboard and folder system to create your own internal process library, with different permissions across the teams or departments for different folders – accounting and similar can be set to private. If you want to read more about building a process library in Process Street, check this post out:

You can use little structure templates like this one to get started on building a process:

Or you could browse through a host of different premade templates which you can add to your account, edit, and deploy:

And that’s only a small sample of what’s available.

If you wanted to store them all in a nice little mini-manual as an exportable and printable single document for reference, then you might end up adding something like this to your account:

The Agile ISO method is designed to help you get the most out of the new technologies which exist to enable better process management.

It isn’t crazy difficult – any manager can start putting this in place in their team from day 1. From there, they can use AIMM to understand their progress as they move forward to systemizing their organization.

The traditional BPMMs are inaccessible and outdated. It’s time for every team to AIMM High!

Have you used Agile ISO techniques in your team? Do you follow a different business process maturity model? Have I been too harsh on the existing models? Let us know in the comments below and subscribe to the blog to keep updated with the fast-paced world of process management!

Get our posts & product updates earlier by simply subscribing

Adam Henshall

I manage the content for Process Street and dabble in other projects inc language exchange app Idyoma on the side. Living in Sevilla in the south of Spain, my current hobby is learning Spanish! @adam_h_h on Twitter. Subscribe to my email newsletter here on Substack: Trust The Process. Or come join the conversation on Reddit at r/ProcessManagement.

Leave a Reply

Your email address will not be published. Required fields are marked *

Take control of your workflows today