The OCSC Cybersecurity Capacity Building Lifecycle details the contribution CMMs, Roadmaps, and subsequent evaluations can have on the cyber journey of a nation. Establishing an evidence-base for activities is critical in ensuring efficiency of resources, value for money, measurability and tangibility of results.

In the period following a CMM and Roadmap, a number of CCB interventions and initiatives may have been implemented, albeit the national context and circumstances may have changed. Subsequent CMM assessments will focus on evaluating the effectiveness of such initiatives whilst taking into account the updated environment, and relevant changes to the domestic, regional and global landscape. The outcomes from this process are designed to inform the next steps to further improve the nation’s cyber resilience and maturity. This iterative approach ensures that nations continue their cyber capacity journey in an informed and targeted manner.

Independently evaluating the outcomes and impact of CCB interventions is an ongoing priority of donor partners seeking to assess the value of their investments and associated achievements against their policy objectives. Through the expertise and the data obtained through the CMM assessment process and other project delivery, the OCSC has the skills and resources to conduct independent evaluations, on behalf of donor governments to meet their priorities. This process can be used by donor governments to account for CCB investment spending and can be further used as a process to improve future policy and program design and development.