Allowable Subject Matter
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	Claims 1-6, 10, 11 and 13-20 are allowed.
3.	The following is an examiner’s statement of reasons for allowance:
The prior art is silent in teaching wherein a user interface comprising a plurality of user input fields for receiving the likelihood and/or impact of a plurality of pre-defined potential events related to a plurality of pre-defined potential vulnerabilities related to a computer system; receiving, via the user interface, a risk profile comprising the likelihood and/or impact for each event of a selected group of events of the plurality of pre- defined potential events; wherein each event of the selected group of events of the risk profile is a unique risk scenario of one vulnerability of the plurality of pre- defined potential vulnerabilities; and computing a maturity measurement for the computer system using the risk profile and a database, the database comprising information for a set of practices and relationships between practices of the set of practices and events of the plurality of pre-defined potential events, wherein the maturity measurement is one of a plurality of predefined maturity levels based on one or more of people using the computer system, processes implemented in the computer system, or technologies of the computer system, wherein computing the maturity measurement for the computer system comprises mapping certain practices of the set of practices to the unique risk scenarios of the risk profile according to the relationships between practices of the set of practices and events of the plurality of pre-defined potential events in the database; wherein each mapped practice of the mapped certain practices is associated with one of the plurality of predefined maturity levels in the database, and wherein computing the maturity measurement for the computer system is based on at least the plurality of predefined 2Serial No. 16/226,117Response to Final Office Action maturity levels of the mapped certain practices; wherein the predefined maturity level for each practice of the set of practices is one of five levels of maturity, the five levels of maturity comprising an initial level of maturity a repeatable level of maturity, a defined level of maturity, a capable level of maturity, and an efficient level of maturity in combination with all elements of independent claims 1, 19  and 20.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID E CHOI whose telephone number is (571)270-3780.  The examiner can normally be reached on M-F: 7-2, 7-10 (PST). If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Sherief Badawi can be reached on 571-272-9782.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DAVID E CHOI/Primary Examiner, Art Unit 2174