News Item

How to assess maturity of national and governmental CSIRTs

Published on January 11, 2016

Nowadays the role and functions of national and governmental CSIRTs are expanding and growing, so teams must keep up with newly created demands and expectations. Improving maturity allows teams to constantly enhance their capabilities.

The report focuses on CSIRT maturity, and the Trusted Introducer certification scheme for CSIRTs as an indicator of the maturity level of teams. The assessment parameters covered are described from a dual perspective:

  • of the team that is preparing for the certification process
  • of teams that have already undergone certification and even recertification

The aim of this document is to be a guiding tool for those national and governmental CSIRTs which are considering reaching the next level of maturity and good understanding of their capabilities.

The motivation for national and governmental CSIRTs to gain certification is attributed to the following:

  • to evaluate CSIRT organisation against international criteria
  • to an external drive to understand, document and put in order processes within the CSIRT team
  • to establish or put in order auditing, accountability and reporting schemes
  • to implement continuous improvement in a quality management framework
  • for public relations both locally, towards the supervising institutions, and internationally, to demonstrate the ‘country’s CSIRT level’.


Full report is available online.

For more on the subject matter please contact cert-relations (at)  

For interviews and press enquiries please contact: [email protected]


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies