search menu icon-carat-right cmu-wordmark

Cloud Maturity Benchmarking Survey

Anokhy Desai, Abhilash Kashyap, and Pavithra Pradip delivered this poster lightning talk at FloCon 2022 on January 12, 2022. View the poster.

Software Engineering Institute



The COVID-19 pandemic has forced businesses to consider a shift from in-person work and managed operations to remote work and cloud-based operations. These changes put companies’ cloud capabilities to the test, as every business that uses the cloud wants to ensure a secure cloud-based working environment. On top of individual business requirements, industry requirements for cloud services vary by industry and even by business function. Therefore, it has become increasingly important for organizations to benchmark their cloud capabilities with other organizations in their industry in order to make adjustments, identify gaps, and note improvements to make between their current state and target future state. To capture this shift to the cloud and help organizations identify their cloud-related improvement areas, we were tasked with creating a benchmarking survey to help our client better understand the extent to which their clients were aware of, trained for, and have implemented strategies for cloud usage. In order to create that benchmarking survey, we had to develop a fitting cloud maturity model to provide survey respondents with their position within that model. After researching available cloud maturity models and their primary functions and audiences, we ultimately created a hybrid maturity model based primarily on Microsoft Azure’s and Open Alliance’s cloud maturity models. Our maturity model provides four stages that a survey respondent's organization would be matched to, from least to most proactive: preliminary, defined, quantitatively managed, and optimized. To determine the maturity level of the respondent’s organization, the survey is created to evaluate the organization’s transition to cloud in relation to its people, process and innovation. Upon taking the survey, respondents will be able to see where they stand at an appropriate maturity level overall and among their industry. Ideally, respondents would be matched to the highest maturity stage relative to their industry. If not, our client company would be able to view their clients’ outcomes and provide transformation services based on these results.

Anokhy Desai is an Information Security Policy and Management Master's student at Carnegie Mellon University and a law student at the University of Pittsburgh. She will be presenting with Abhilash Kashyap (Deloitte) and Pavithra Pradip (Intuit), both recent alums of the Information Security Policy and Management program.

Abhilash Kashyap is a Deloitte Advisory Analyst in the Model Risk Management practice. He graduated from Carnegie Mellon University with Master’s in Information Security Policy Management in 2021. His bachelor’s degree was in Computer Science with Data Science specialization from PES University. Abhilash is a problem solver with diversified skills in analytics, data science, machine learning, and cybersecurity. He has a keen interest in utilizing data science and analytics to mitigate security and financial risks.

Pavithra Pradip is a Security Analyst in the Governance, Risk and Compliance group at Intuit. She graduated from Carnegie Mellon University with a Master’s in Information Security Policy and Management in 2021. Her bachelor’s degree was in Finance and Technology Management from Indiana University Bloomington. Pavithra’s varied skills and knowledge in business management, risk management and cybersecurity has enabled her to pursue her passion for security policy, standard and compliance.

Supplemental Materials

Part of a Collection

FloCon 2022 Assets

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.