The Risk Maturity Model (RMM)
Ensuring ERM Sustainability
How do you build a sustainable enterprise risk management (ERM) program that provides a direct link to business value and performance? It’s all about using an ERM maturity model to benchmark your capabilities, identify where your organization is strongest, and understand weak links that inhibit further ERM performance.
To help organizations across industries achieve this goal, LogicManager authored the Risk Maturity Model (RMM) in 2005 (previously titled the RIMS Risk Maturity Model). With the help of the Risk and Insurance Management Society (RIMS), the RMM was launched as a best practice framework and free risk maturity assessment tool. Today, the RMM is housed directly within the LogicManager application and continues to help professionals and executives develop and improve sustainable enterprise risk management programs.
The online RMM Assessment allows organizations to score their programs on a five-level scale, and receive an immediate benchmarking report. The report provides information on current ERM maturity levels and offers actionable “next step” ideas for improvement. The Risk Maturity Model for ERM provides an actionable internal guide that corporations of all sizes, industries, and geographies can use to improve their risk management maturity from wherever they are in their journey today.
Find Out Your Risk Maturity Score
Did you know that organizations with mature risk management practices realize a valuation premium of 25%? Download a complimentary copy of the report, “Why a Mature ERM Effort is Worth the Investment” when you complete the free online RMM assessment.
Benchmarking Risk Management Maturity
Built directly into LogicManager, the RMM is broken down into seven sections, each focusing on a different core attribute of enterprise risk management. These seven areas are further broken down into 25 competency drivers and 71 key readiness indicators that show exactly where your program is sufficient or lacking. To date, over 2,400 organizations worldwide have used the Risk Maturity Model to baseline their capabilities.

What is the Risk Maturity Model?
Steven Minsky | LogicManager CEO and Author of the RMM Assessment
Take the Free RMM Assessment Online
Take the free risk maturity assessment to discover your unique enterprise risk management maturity score. After completing the assessment, you’ll receive a personalized ERM benchmarking report that directly compares your results against the Risk Maturity Model’s umbrella framework to identify gaps and prioritize the next steps for your ERM program. This will help you develop an action plan to take your program to the next level. The assessment requires no prior experience and takes about 30 minutes to complete.
ERM Practitioner’s Guide
The RMM Assessment measures organizations on their adoption of enterprise risk management best practices.
LogicManager’s ERM Practitioner’s Guide, a companion piece to the RMM, includes everything you need to educate management and implement an effective and efficient enterprise risk management program out-of-the-box. This step-by-step guide includes all of the policies, procedures, assessment criteria–and even workflows you need to address your organization’s critical ERM issues.
It allows you to take advantage of learning from your most successful peers, and apply industry best practices specifically to your own organization’s unique structure, risk culture, and strategic imperatives.
If you’re interested in receiving a copy of our ERM Practitioner’s Guide, please email info@logicmanager.com.
The Risk Maturity Model was developed in 2005 by LogicManager and donated to RIMS as a best practice framework and free assessment tool for risk professionals and executives to develop and improve sustainable enterprise risk management programs. This online resource was brought into LogicManager’s application in 2020. The RMM allows organizations to score their risk programs on a five-level scale, and receive an immediate downloadable report, which provides information not only on current maturity levels, but also offers ideas on what it may take to achieve a higher level of maturity in each of seven attributes. The Risk Maturity Model provides an actionable internal guide that corporations of all sizes, industries, and geographies can use to improve their enterprise risk management maturity from whatever level they are at today.
Check out some more of our risk management solutions.
- EU NIS Directive ComplianceLogicManager Analyst Team2019-07-18T16:29:15-04:00
EU NIS Directive Compliance
- California Consumer Privacy Act (CCPA) ComplianceLogicManager Analyst Team2019-10-04T10:57:37-04:00
California Consumer Privacy Act (CCPA) Compliance
- NFPA 1600 Standard on Business Continuity and Disaster RecoveryLogicManager Analyst Team2018-10-01T13:31:33-04:00
NFPA 1600 Standard on Business Continuity and Disaster Recovery
- Cybersecurity Incident Management Software and Response PlanLogicManager Analyst Team2019-07-18T16:31:32-04:00
Cybersecurity Incident Management Software and Response Plan
- SOC 2 Compliance ChecklistLogicManager Analyst Team2020-11-17T14:13:16-05:00
SOC 2 Compliance Checklist
- Cybersecurity Risk Assessment FrameworkLogicManager Analyst Team2019-07-18T16:34:42-04:00
Cybersecurity Risk Assessment Framework
- Operational Risk Management SoftwareLogicManager Analyst Team2019-07-17T14:58:57-04:00
Operational Risk Management Software
- Fraud Risk Management SoftwareLogicManager Analyst Team2019-04-02T13:46:09-04:00
Fraud Risk Management Software
- FFIEC Cybersecurity Assessment Tool (CAT)LogicManager Analyst Team2019-07-18T16:39:04-04:00
FFIEC Cybersecurity Assessment Tool (CAT)
- NIST Cybersecurity FrameworkLogicManager Analyst Team2019-07-18T16:26:39-04:00
NIST Cybersecurity Framework
- Incident and Case Management for Healthcare OrganizationsLogicManager Analyst Team2019-04-02T13:46:20-04:00
Incident and Case Management for Healthcare Organizations
- Due Diligence and Third-Party Risk Management for Investment AlternativesBernie Lapierre2018-02-22T16:58:05-05:00
Due Diligence and Third-Party Risk Management for Investment Alternatives