A M.A.T.U.R.E way

to describe highly developed project risk management capabilities



By Robert J Chapman, PhD

Director, Dr Chapman and Associates Limited

United Kingdom



The benefits of risk management derived by organisations during the execution of their programmes and projects will depend directly on the maturity of their risk management capabilities[1]. Hence for organisations aiming to achieve mature capabilities there must be a clear understanding of what mature actually means.  However in the context of projects, there is no universally accepted definition of maturity[2]. Many authors turn to dictionary definitions to assist them in describing what maturity may mean, relying on for instance The Oxford Everyday Dictionary[3]. Mettler suggests maturity implies an evolutionary progress in the demonstration of a specific ability or in the accomplishment of a target from an initial to a desired or normally occurring end stage[4]. For organisations risk management maturity relates to both the current and the future state of practices or capabilities. There is an evolutionary path of increasing effectiveness between the initial or current state to a desired more mature or sophisticated state[5]. However this path is commonly a marathon not a sprint[6]. The term ‘mature capabilities’ adopted here is taken to mean capabilities that are fully developed or having reached their most advanced stage. Mature capabilities are recognised by the absence of discernible substantial improvement. They have overcome the common challenges to implementation[7]. They have been optimised, the label given to Level 5 of many maturity models such as the OGC Prince2 Maturity Model[8] .

MATURE as an acronym

Given the scant description in the literature, it is suggested here that the word ‘MATURE’ is treated as a mnemonic acronym for highly developed risk management capabilities, where MATURE in its expanded form denotes M for Meritorious, A for Advanced, T for Transformational, U for Utilitarian, R for Reliable and E for Evolved, as summarised below.

M         Meritorious capabilities which directly contribute to effective risk management

A          Advanced technical capabilities which are developed, forward-thinking and
to some degree innovative

T          Transformational capabilities which when applied bring about significant
improvements in capability

U         Utilitarian capabilities which are practical, unambiguous and can be readily

R          Reliable capabilities which have supported the realisation of project objectives

E          Evolved established capabilities which have been refined and revised over such
a length of time that most of the initial challenges and inherent problems
have been removed or reduced

Further explanation of the initials

For MATURE capabilities to be recognised, created and sustained it is critical to have a more comprehensive understanding of what the letters represent.


To read entire article, click here


How to cite this article: Chapman, R. (2018).  A  M.A.T.U.R.E. way to describe highly developed project risk management capabilities, PM World Journal, Vol. VII, Issue IX – September. Available online at https://pmworldjournal.net/wp-content/uploads/2018/09/pmwj74-Sep2018-Chapman-MATURE-description-of-risk-management-capabilities-advisory.pdf


About the Author

Robert J. Chapman, PhD

United Kingdom




Robert J Chapman is an international risk management specialist and Director of Dr Chapman and Associates Limited. He is author of the texts: ‘Simple tools and techniques for enterprise risk management’ 2nd edition, published by John Wiley and Sons Limited, ‘The Rules of Project Risk Management, implementation guidelines for major projects’ published by Gower Publishing and ‘Retaining design team members, a risk management approach’ published by RIBA Enterprises. He holds a PhD in risk management from Reading University and is a fellow of the IRM, APM and ICM and a member of the RIBA. He has provided risk management services in the UK, the Republic of Ireland, Holland, UAE, South Africa, Malaysia and Qatar on multi-billion programmes and projects. Robert has passed the M_o_R, APM and PMI risk examinations. In addition he has provided project and risk management training in Scotland, England and Malaysia. Robert is an external PhD examiner.

Dr. Chapman can be reached by email at [email protected]


[1] Chapman, R.J., (2007). Maturity models as a vehicle for improving risk management practices. Published by www.exaprotect.com.

[2] Y. Ayse B. Nordal and Ole Martin Kjørstad, (2017). A different approach to risk maturity – a simple model, The Municipal Undertaking for Educational Buildings and Property in Oslo, Bank of Norway

[3] Hawkins, J. M. and Weiner, E. S. C. (1985). The Oxford Everyday Dictionary and guide to correct English Oxford University Press, Oxford, UK. Mature is described as: having reached full growth or development.

[4] Mettler, T (2009). A Design Science Research Perspective on Maturity Models in Information Systems.  https://www.researchgate.net/publication/44939433_A_Design_Science_Research_Perspective_on_Maturity_Models_in_Information_Systems [Accessed Sep 01 2018].

[5] Chapman, R.J., (2014). The rules of project risk management, implementation guidelines for major projects. Published by Gower publishing limited, UK and USA.

[6] Protiviti (2007). Enterprise risk management in practice. Profiles of companies building effective ERM Programs.

[7] Chapman, R.J., (2011). Simple tools and techniques for enterprise risk management, 2nd Edition. Published by John Wiley and Sons Limited

[8] OGC, (2010). PRINCE2® Maturity Model (P2MM) Self-Assessment. Crown copyright