What is a Maturity Assessment?
A Maturity Assessment is Prewave's way of representing how mature a Site is in our system. Maturity is considered to be what a Site is certified for, what they report or declare, what policies they have in place and whether they have a standard or rating. Via this feature, Prewave captures all-important non-financial datapoints at supplier level and visualises them in the Prewave network, in the form of a list and score.
We collect:
Site specific information (something accredited like an ISO where the site is mentioned) - these always have a validation range and therefore can expire. This information is shown only on the Site mentioned in the certificate, plus the Site group
Non-site specific information (something self-reported and company wide, like a policy or ESG report) - these don’t have a validation range and so don’t expire. This information is always propagated across all sites within an organisation
This is an important additional layer of scoring in Prewave and is outside of our customer’s control. The onus is on companies to move towards accreditation and at the very least self report their operational sustainability and best practice.
Where can the results be seen?
Results, in the form of a list of certificates, policies, reports etc, can be found on:
Site profile under Certificates > here we show non-site specific information (like an Environmental Policy that was found on a sister-site, but has been propagated to all sites in that organisation) as well as site-specific information (an ISO would need to have that Site mentioned in the certificate to be published)
Site Group profile under Certificates > here we show the accumulation of all information found across all their sites (site-specific and non-site specific)
What do we search for?
A full list can be seen here.
How to order a Maturity Assessment?
Users that can create Actions (i.e. have the access_action permission) can create the S1 Action called Maturity Assessment via a site profile or the Acton Platform.
Users can also send batch requests via our CSM team, this needs to be on POI level and include POI ID for us to run it
How much does it cost?
In the Core package, customers can buy Maturity Assessments at per site, and per-unit cost decreases the more they buy
In the Advanced and Expert packages, 10% of 360 scored sites can be Maturity Assessed at no additional cost
How can I see if a Maturity Assessment has been done?
We will show Maturity Assessed = Yes at the top of the Site profile (this happens only at Site-level). If it shows Maturity Assessed = Yes but you see no information under the Certificates tab, it means we found nothing, but the Assessment stands.
I see Certificates under the Certificates tab, but it does not show Maturity Assessment = Yes on that Site
This is because a Maturity Assessment has not been done. The user of that organisation may have uploaded certificates or did so via a Self Assessment. These are not scored as no Maturity Assessment was completed.
How does the scoring work?
We score Maturity Assessments in 6 categories:
Cyber Risk
Energy
Environment
Governance
Health and Safety
Human Rights
All 6 appear, regardless of what information is found or not found, under the Assessment Score filter on the 360 score card. The Type of these entries is called Maturity Assessment.
We score on the same basis as we do the Self Assessments, so each category is related to an event type that makes sense to that category. We assign a negative weight based on the absence of information.
Site specific certificates (ISOs for example) are considered gold-standard, so we give that category a score of 100 if one is found
Non-site specific certificates, as they are self-reported are less “powerful”, so have less weight than an ISO
If nothing is found in a category. The lowest the score can be is 50.
So category to category, the scoring mechanism checks what is found under the Certificates tab for information:
If there is a site-specific certificate (something accredited, like an ISO), the site gets 100 for that category
If not, the scoring mechanism calculates a score of 50 for that category, and then checks if there are any non-site specific certificates (something self-reported, like an ethics policy)
If yes, each document incrementally increases the score. Four documents are needed to bring the score up to 100 again.
If not, the site gets a score of 50 for that category
Are ISOs scored more than policies?
ISOs are accredited. Anything accredited (stamped by a third party) means its not self reported. These are the strongest type of certificate we collect and give a result of 100 for that category. An example is if a site is certified ISO14001, they get 100 in the Environment Maturity Assessment by Prewave category
Where can I see the scoring?
The 6 entries are stored under the Assessment Score filter on the 360 scorecard
Why can’t I see all the 6 categories of a Maturity Assessment score?
Probably the perspective you are using omits one or more (eg. you are not going to see the Environment Maturity Assessment score if you have the Financial perspective set)
Who can see the scoring and results of Maturity Assessments?
Any user can see the results (under the Certificates tab) and scores (under the assessment score filter) for any Maturity Assessment previously completed
How is the scoring triggered or retriggered?
Once you see Maturity Assessed = Yes on the top of a POI profile, we trigger the scoring mechanism to show scoring results under Assessment Score.
Once a certificate expires on a target, we rerun a Maturity Assessment on that POI ID and the score is redone.
What if new certificates are released by a supplier after a Maturity Assessment has been done?
Unfortunately they won’t be part of the score, until our process is rerun (once every 6 months). However, if you notice such a case, you can email [email protected] and we can update the scoring.
What if information is incorrect in the system?
If you see any wrong information in the system, you can report it and our Supplier Success team will review it within 3 business days.
Users in the NW can also use the little white flag to report wrong information directly to us. More here.
How can a user be notified of an expiring certificate?
Users in the NW can also use the little bell icon to be notified on expiry for a certain certificate at a certain site. More here.
Are Maturity Assessment scores shown in the Risk Analysis?
Currently the Maturity Assessment score shows under the SSA Score column in the Risk Analysis.
A better breakdown of the Maturity Assessment input into the Assessment Score and 360 score is being conceptualised and worked on by the Product team (as of May 2025)
Who can upload Certificates?
Any user can upload certificates at their own organisation. Users cannot upload certificates for a different organisation. Unless a Maturity Assessment has been done at that target, these uploaded certificates will not be shown in the score