IdentityGate · Zero Trust Tool
Zero Trust Readiness Assessment
Evaluate your organization across the 6 CISA Zero Trust maturity domains. Know where you stand before you build. This confidential self-assessment delivers a maturity rating and recommended next steps in under 15 minutes.
IdentityGate Assessment
6 CISA Domains
Identity
4
Devices
4
Networks
4
Applications
2
Data
2
Visibility & Analytics
1
Total Score
Initial Tier
17 / 30
IdentityGate · Zero Trust Tool
Zero Trust Readiness Assessment
Evaluate your organization across the 6 CISA Zero Trust maturity domains. Know where you stand before you build. This confidential self-assessment delivers a maturity rating and recommended next steps in under 15 minutes.
IdentityGate Assessment
6 CISA Domains
Identity
4
Devices
4
Networks
4
Applications
2
Data
2
Visibility & Analytics
1
Total Score
Initial Tier
17 / 30
IdentityGate · Zero Trust Tool
Zero Trust Readiness Assessment
Evaluate your organization across the 6 CISA Zero Trust maturity domains. Know where you stand before you build. This confidential self-assessment delivers a maturity rating and recommended next steps in under 15 minutes.
IdentityGate Assessment
6 CISA Domains
Identity
4
Devices
4
Networks
4
Applications
2
Data
2
Visibility & Analytics
1
Total Score
Initial Tier
17 / 30
Microsoft Gold Partner
HIPAA Compliant Deployments
SOX / FFIEC
Aligned
SOC 2
Practices
100+ Clients Managed
Microsoft Gold Partner
HIPAA Compliant Deployments
SOX / FFIEC Aligned
SOC 2 Practices
100+ Clients Managed
Microsoft Gold Partner
HIPAA Compliant Deployments
SOX / FFIEC Aligned
SOC 2 Practices
100+ Clients Managed
How to Use This Assessment
This assessment evaluates your organization across the 6 domains of the CISA Zero Trust Maturity Model. For each domain, rate your organization on a scale of 1 to 5 based on the criteria described. Your total score provides a maturity rating with recommended next steps.
Scoring Scale
1
Traditional
Manually configured, static security policies with no Zero Trust principles applied
2
Initial
Some automation and policy enforcement beginning, but largely perimeter-focused
3
Advanced
Automated controls with some cross-pillar coordination and continuous verification
4
Optimal
Fully automated, dynamic policies with real-time risk-based access decisions
5
Mature
Continuous optimization with AI-driven analytics, full integration, and adaptive controls
Instructions: For each domain on the following pages, read the criteria carefully and write the score (1-5) that best describes your organization today. Be honest. This assessment is most valuable when it reflects your current state, not your planned state.
How to Use This Assessment
This assessment evaluates your organization across the 6 domains of the CISA Zero Trust Maturity Model. For each domain, rate your organization on a scale of 1 to 5 based on the criteria described. Your total score provides a maturity rating with recommended next steps.
Scoring Scale
1
Traditional
Manually configured, static security policies with no Zero Trust principles applied
2
Initial
Some automation and policy enforcement beginning, but largely perimeter-focused
3
Advanced
Automated controls with some cross-pillar coordination and continuous verification
4
Optimal
Fully automated, dynamic policies with real-time risk-based access decisions
5
Mature
Continuous optimization with AI-driven analytics, full integration, and adaptive controls
Instructions: For each domain on the following pages, read the criteria carefully and write the score (1-5) that best describes your organization today. Be honest. This assessment is most valuable when it reflects your current state, not your planned state.
How to Use This Assessment
This assessment evaluates your organization across the 6 domains of the CISA Zero Trust Maturity Model. For each domain, rate your organization on a scale of 1 to 5 based on the criteria described. Your total score provides a maturity rating with recommended next steps.
Scoring Scale
1
Traditional
Manually configured, static security policies with no Zero Trust principles applied
2
Initial
Some automation and policy enforcement beginning, but largely perimeter-focused
3
Advanced
Automated controls with some cross-pillar coordination and continuous verification
4
Optimal
Fully automated, dynamic policies with real-time risk-based access decisions
5
Mature
Continuous optimization with AI-driven analytics, full integration, and adaptive controls
5
Optimized
Continuous improvement via metrics and automation.
Instructions: For each domain on the following pages, read the criteria carefully and write the score (1-5) that best describes your organization today. Be honest. This assessment is most valuable when it reflects your current state, not your planned state.
Rate Your Organization Across
all 6 CISA Domains
Rate Your Organization Across
all 6 CISA Domains
Rate Your Organization Across
all 6 CISA Domains
Score each domain from 1 to 5. Microsoft technology recommendations are listed at the bottom of each domain card.
Score each domain from 1 to 5. Microsoft technology recommendations are listed at the bottom of each domain card.
RESULT
Scoring and Interpretation
Your total score maps to one of four Zero Trust maturity tiers. Each tier comes with a specific interpretation and recommended engagement type.
6-12
Traditional
Perimeter-based security, minimal Zero Trust
Your organization operates on perimeter-based security with minimal Zero Trust principles. Identity is a significant attack surface. Recommend a Zero Trust maturity assessment and architecture design engagement to establish a roadmap.
13-18
Initial
Some foundations in place, significant gaps remain
Some Zero Trust foundations are in place but significant gaps remain. Most organizations at this level have MFA deployed inconsistently and lack privileged access management. Recommend targeted implementations in identity governance and conditional access.
19–24
Advanced
Solid progress, cross-pillar coordination developing
Solid Zero Trust progress with cross-pillar coordination developing. Focus on closing gaps in microsegmentation, data protection, and analytics to reach full maturity.
25-30
Optimal / Mature
Well-developed architecture, focus on optimization
Your Zero Trust architecture is well-developed. Focus on continuous optimization, emerging capabilities (AI-driven analytics, passwordless), and maintaining operational excellence across all six domains.
RESULT
Scoring and Interpretation
Your total score maps to one of four Zero Trust maturity tiers. Each tier comes with a specific interpretation and recommended engagement type.
6-12
Traditional
Perimeter-based security, minimal Zero Trust
Your organization operates on perimeter-based security with minimal Zero Trust principles. Identity is a significant attack surface. Recommend a Zero Trust maturity assessment and architecture design engagement to establish a roadmap.
13-18
Initial
Some foundations in place, significant gaps remain
Some Zero Trust foundations are in place but significant gaps remain. Most organizations at this level have MFA deployed inconsistently and lack privileged access management. Recommend targeted implementations in identity governance and conditional access.
19–24
Advanced
Solid progress, cross-pillar coordination developing
Solid Zero Trust progress with cross-pillar coordination developing. Focus on closing gaps in microsegmentation, data protection, and analytics to reach full maturity.
25-30
Optimal / Mature
Well-developed architecture, focus on optimization
Your Zero Trust architecture is well-developed. Focus on continuous optimization, emerging capabilities (AI-driven analytics, passwordless), and maintaining operational excellence across all six domains.
RESULT
Scoring and Interpretation
Your total score maps to one of four Zero Trust maturity tiers. Each tier comes with a specific interpretation and recommended engagement type.
6-12
Traditional
Perimeter-based security, minimal Zero Trust
Your organization operates on perimeter-based security with minimal Zero Trust principles. Identity is a significant attack surface. Recommend a Zero Trust maturity assessment and architecture design engagement to establish a roadmap.
13-18
Initial
Some foundations in place, significant gaps remain
Some Zero Trust foundations are in place but significant gaps remain. Most organizations at this level have MFA deployed inconsistently and lack privileged access management. Recommend targeted implementations in identity governance and conditional access.
19–24
Advanced
Solid progress, cross-pillar coordination developing
Solid Zero Trust progress with cross-pillar coordination developing. Focus on closing gaps in microsegmentation, data protection, and analytics to reach full maturity.
25-30
Optimal / Mature
Well-developed architecture, focus on optimization
Your Zero Trust architecture is well-developed. Focus on continuous optimization, emerging capabilities (AI-driven analytics, passwordless), and maintaining operational excellence across all six domains.
Priority Actions by Domain
These are the specific actions to take immediately in each domain where your score indicates Traditional or Initial maturity.
Identity
Deploy Entra ID with MFA on all resources, establish identity lifecycle automation, and implement basic RBAC.
Devices
Enroll all endpoints in Intune, define compliance policies, and integrate device health with conditional access.
Networks
Segment critical workloads from general network, encrypt internal traffic, and plan microsegmentation roadmap.
Applications
Deploy SSO for all applications, implement app proxy for legacy apps, and begin managing workload identities.
Data
Establish data classification taxonomy, deploy sensitivity labels, and configure DLP for email and file sharing.
Visibility
Deploy Microsoft Sentinel, configure identity detection rules, and establish baseline monitoring and alerting.
Priority Actions by Domain
These are the specific actions to take immediately in each domain where your score indicates Traditional or Initial maturity.
Identity
Deploy Entra ID with MFA on all resources, establish identity lifecycle automation, and implement basic RBAC.
Devices
Enroll all endpoints in Intune, define compliance policies, and integrate device health with conditional access.
Networks
Segment critical workloads from general network, encrypt internal traffic, and plan microsegmentation roadmap.
Applications
Deploy SSO for all applications, implement app proxy for legacy apps, and begin managing workload identities.
Data
Establish data classification taxonomy, deploy sensitivity labels, and configure DLP for email and file sharing.
Visibility
Deploy Microsoft Sentinel, configure identity detection rules, and establish baseline monitoring and alerting.
Priority Actions by Domain
These are the specific actions to take immediately in each domain where your score indicates Traditional or Initial maturity.
Identity
Deploy Entra ID with MFA on all resources, establish identity lifecycle automation, and implement basic RBAC.
Devices
Enroll all endpoints in Intune, define compliance policies, and integrate device health with conditional access.
Applications
Deploy SSO for all applications, implement app proxy for legacy apps, and begin managing workload identities.
Networks
Segment critical workloads from general network, encrypt internal traffic, and plan microsegmentation roadmap.
Data
Establish data classification taxonomy, deploy sensitivity labels, and configure DLP for email and file sharing.
Visibility
Deploy Microsoft Sentinel, configure identity detection rules, and establish baseline monitoring and alerting.
Ready To Build Your Zero Trust Architecture?
Your assessment reveals your maturity level. IdentityGate designs and implements the architecture to close the gaps.
Ready To Build Your Zero Trust Architecture?
Your assessment reveals your maturity level. IdentityGate designs and implements the architecture to close the gaps.
Ready To Build Your Zero Trust Architecture?
Your assessment reveals your maturity level. IdentityGate designs and implements the architecture to close the gaps.
© 2026 X-Centric IT Solutions. All Rights Reserved
© 2026 X-Centric IT Solutions. All Rights Reserved
© 2026 X-Centric IT Solutions. All Rights Reserved
