The Domain Maturity Score is a measure of how well a governance domain manages risk within its own scope - its policies, controls, processes, reporting, and internal oversight. It reflects the domain's internal capability, independent of its connections to other domains.
Every governance domain has a maturity score. Traditional maturity models - CMMI, ISO maturity levels, proprietary GRC assessments - measure how well a domain manages risk within its own boundaries. A high domain maturity score means the domain has strong policies, effective controls, reliable processes, and clear internal reporting.
The domain maturity score is necessary but not sufficient for enterprise risk visibility. An organization can have high domain maturity across every governance function and still carry significant Connectivity Debt - because the signals between domains do not route, the intersections are not mapped, and accountability for compound risk is not assigned.
The Connectivity Maturity Assessment pairs the domain maturity score with the connectivity score. Together, they reveal whether a governance domain is not only managing its own risk effectively but also contributing to the enterprise risk picture through its architectural connections to other domains.
A high domain maturity score with a low connectivity score is the signature of Connectivity Debt. The domain is doing its job. The architecture between domains is not.