The RIMS Risk Maturity Model

What is the RMM?

The RIMS Risk Maturity Model (RMM) is a best-practice framework for enterprise risk management. Developed as an umbrella framework of the international, cross-industry standards, the RMM allows organizations to measure how well their risk management efforts align with these best practices. As a result, organizations are provided a maturity score and an actionable set of guidelines to improve their programs and gain the many benefits associated with maturity.

About The RMM
The RIMS Risk Maturity Model is a best-practice framework for enterprise risk management (ERM) and a free online assessment tool for risk professionals to rank their programs against the best practice standards. Click here to take the assessment!

The RMM assessment takes proven best practices and breaks them into 7 attributes, 25 competency drivers and 68 key readiness indicators which ERM programs are benchmarked against, identifying strong and weak areas of each program. Learn more about each RMM component here!

RIMS and LogicManager are leading providers of enterprise risk management knowledge. With dozens of complimentary ERM resources including ebooks, on-demand webinars and ERM best practice articles, click here to visit the ERM Knowledge Center.

Independent research studies on the RIMS Risk Maturity Model have proven that organizations with a higher risk maturity score have stronger financial performance, credit ratings and more effective strategic planning. Read more about the Queens University RMM study here!

2016 Risk Maturity Model Recognition Recipients

Learn more about the Risk Maturity Model Recognition Program and how your organization can qualify!



Enhancing risk management to be proactive risk taking and cover strategy is still new, and there is no textbook approach for all to use. In the development [of a program], the RMM maturity model is a strong guide as to where to focus your efforts for optimal impact and value.

lego-system-erm –  Hans Læssøe, Senior Director, Strategic Risk Management at LEGO Systems A/S, 2015 and 2016 RMM Recognition Recipient


After taking the reins of the ERM program at one of the fastest-growing banks in the US, it became clear that I had a unique opportunity to formalize and mature our risk management process, while at the same time making sure the bank remained nimble and business-focused. Maturing our ERM program using the Risk Maturity Model framework has allowed us to punch far above our weight in the white-hot Florida banking industry, yet appropriately mitigate long-tail risks that could imperil the safety and soundness of the company. By leveraging industry-agnostic best practices incorporated into the RMM, C1 Bank has been able to break down the risk silos across the enterprise—all while competing in a highly regulated environment. Successfully implementing this ERM methodology has proven to be a game-changing competitive advantage for us.

– Jim Steiner, Chief Risk Officer at C1 Bank, a recipient of the inaugural RMM Recognition Program.  c1 bank


What are People Saying About the RMM?

Great survey tool, will be very helpful as we begin to define, benchmark and improve our Risk Management department.
The survey was easy to take and was very helpful in providing a qualitative measure of progress.
This is a very helpful exercise that just by ‘asking the right questions’ leads the participant to important insights.

Whether your organization has an existing program or is just beginning to implement enterprise risk management (ERM), take the RMM’s risk maturity assessment and see where improvement is needed!