Home/Platform/One Lite
Wrapper · Built · SME flagship

All thirteen disciplines. A great place to start.

One Lite is the SME flagship wrapper - all thirteen MaturityOne disciplines, SME-grade depth, half a day to complete. Built for small teams who need a defensible cross-domain baseline now, advisors using it for client diagnostics, and enterprises using it as a first-pass triage before committing to the specialist modules.

One Lite
SME flagship
Built
1L
One Lite
13
Disciplines covered
1
Cross-domain engine
½
Day to complete
SME
Priced for scale
🇦🇺🇳🇿🇭🇰🇻🇳🇲🇾🇹🇼🇦🇪🇸🇦🇶🇦🇵🇰
Designed for Australia, New Zealand, APAC and GCC markets
01What it covers

All thirteen disciplines. One assessment.

Most SME tools cover one domain - usually cyber. One Lite covers all thirteen MaturityOne disciplines at SME depth. The output is a single cross-domain maturity baseline - the same architecture as the specialist modules, sized for organisations that don't have time for the deep-dive yet.
D.01 · Built
Enterprise Risk
Risk governance, appetite, identification, assessment, KRIs, reporting - at SME depth.
D.02 · Built
Cyber Security
Cyber governance, identity, data protection, endpoint, vulnerability, incident response basics.
D.03 · Built
AI Governance
AI strategy, accountability, risk classification, data governance for AI, human oversight basics.
D.04 · Built
Projects
Project gating maturity - inherent risk awareness, delivery capability, trigger discipline.
D.05 · Built
Third Party Risk
Vendor due diligence, contract security clauses, ongoing monitoring, exit planning basics.
D.06 · Built
Operational Resilience
Critical operations awareness, BCP/DR fundamentals, supplier resilience, crisis management basics.
D.07 · Built
Strategy
Strategic objective-setting maturity, strategy execution discipline, opportunity-risk linkage.
D.08 · Built
Compliance
Compliance framework, regulatory horizon-scanning, breach management, training discipline.
D.09 · Built
Privacy
Privacy framework, personal data handling, consent management, breach response basics.
D.10 · Built
Data Governance
Data classification, lineage, quality controls, ownership and stewardship discipline.
D.11 · Built
Product Excellence & Expand to Go-To-Market
Product strategy, lifecycle, customer-centric design, GTM execution, commercial discipline.
D.12 · Built
IT Service Management
Service catalogue, incident, problem and change management, capacity, vendor SLAs.
D.13 · Built
Fraud & Financial Crime
Fraud risk framework, AML/CTF, sanctions, ABC, financial crime detection and response.
02 · What makes One Lite different

Most SME tools score domains. One Lite scores connections.

Every other SME maturity tool gives you a list of disconnected scores. One Lite includes Cross-Domain Intelligence - the platform's cross-domain knowledge engine. Maturity changes in one discipline automatically surface impacts in related disciplines, the same way the specialist modules cascade. This is the platform's core USP, not a paid add-on.
- How the cascade works · Live exampleAuto-calculated
Data Governance score1.5 / 4
↓ CASCADES TO ↓
AI Governance · model training data integrity−0.4
Privacy · personal data lineage confidence−0.3
Cyber Security · data protection foundation−0.3
Compliance · regulatory reporting integrity−0.2
Fraud & Financial Crime · detection signal quality−0.2
2.1
Cross-domain cascade
A weak score in one discipline automatically surfaces dependencies in related disciplines. No manual mapping. No spreadsheet maintenance.
2.2
Inventory-style algorithm
Adjust one set of markers; related scores recalculate dynamically. Test scenarios before committing to remediation investment.
2.3
Practitioner-weighted impact
Cascade weightings are built from twenty years of practitioner experience - not invented for the platform, not arbitrary, not ML-derived.
2.4
Same engine as the specialists
One Lite uses the same cross-domain intelligence engine that powers the specialist modules. Not a stripped-down version; the same platform, sized for SME depth.
03How it scores

Five levels. One unified scale.

One Lite uses the same 0–4 maturity scale as every specialist module - so a One Lite cyber score (e.g. 2.5) reconciles directly with the Cyber specialist module (also 2.5). If you start with One Lite and later commit to a specialist module, your baseline carries forward. No re-scoring, no translation.
0
Not Established
No capability
1
Ad Hoc
Reactive · undocumented
2
Defined
Documented · inconsistent
3
Managed
Measured · consistent
4
Optimised
Continuous improvement
How a score is calculated. Each question carries a 1–5 input scale that maps deterministically to the 0–4 output. Domain scores aggregate the practitioner-weighted question scores; module score aggregates domain scores. Reviewer adjustment is captured at every level - the cascade engine uses the reviewer-signed score, never the assessor draft.
04Who it's for

Three audiences. One starting point.

One Lite is the entry point to MaturityOne. It serves three distinct audiences who all need the same thing: a defensible cross-domain maturity baseline, fast, without committing to the deep specialist work upfront.
Small and medium organisations5-500 staff
Primary
Boards, CEOs and risk leads at SMEs who need a defensible cross-domain maturity view but don't have the time, budget or in-house expertise for full specialist assessments. One Lite delivers a board-ready baseline in half a day. Re-runnable annually as the business grows.
SME-pricedAnnual refresh model
Advisors and consulting firmsClient diagnostic tool
Channel
Independent advisors, accountants and consulting firms who run client risk diagnostics. One Lite becomes the standard first-pass tool - consistent methodology, defensible output, drillable to source. White-label option available for advisors building their own practice.
Advisor channelWhite-label option
Enterprise first-pass triagePre-specialist screen
Triage
Large enterprises use One Lite as a triage tool before committing to specialist module deployments. Run it across business units to identify which domains and which BUs need the deep-dive. Reduces specialist-module scope - and cost - by 40-60%.
Enterprise triagePer-BU run
Investor & M&A diligenceComing next
Next
Coming next - a tailored One Lite variant for investors and acquirers running pre-investment or pre-acquisition risk diligence. Same architecture, focused on red-flag identification across all 13 disciplines.
Coming nextVC · PE · M&A
Sector-specific One Lite packsRoadmap
Roadmap
Pre-built One Lite variants tuned for specific sectors - financial services, healthcare, education, NFP - with weighting profiles and trigger questions specific to each sector's regulatory and operational risk profile.
Roadmap · 2026FS · Healthcare · NFP
Board self-assessment modeRoadmap
Roadmap
A board-only version of One Lite - directors complete their own assessment of the organisation's maturity, comparable against the executive team's One Lite output. Surfaces director-vs-executive perception gaps as a governance input.
Roadmap · 2026Board · NED-friendly
05When to upgrade

One Lite isn't a destination. It's a starting point.

One Lite gives you the cross-domain baseline. When a specific discipline becomes a focus area - regulator audit, board scrutiny, transformation program - that's when you upgrade to the specialist module. Your One Lite scores carry forward as the baseline; specialist deployment starts from where One Lite finished.
Start with
All 13 disciplines · SME depthOne Lite
Half-day completionSpeed
Single defensible baselineOutput
Re-runnable annuallyRefresh
1L
- One Lite
Upgrade to
Cyber Security · 15 domainsSpecialist
AI Governance · 122 questionsSpecialist
Third Party Risk · 125 questionsSpecialist
Any specialist · ER, Projects, Resilience…Specialist
Common upgrade path. SME runs One Lite, scores 2.1 in Cyber and 1.8 in Third Party Risk. The board commissions the Cyber specialist module first (regulator scrutiny) followed by Third Party Risk (CPS 230 deadline pressure). The One Lite Cyber baseline (2.1) auto-populates as the starting score in the Cyber specialist module. No re-work.
06Sample output

Two views. One source of truth.

The owner sees the cross-domain breakdown across all 13 disciplines. The board (or advisor) sees the headline cross-domain score, the weakest disciplines surfaced, and a board-ready narrative. Both views derive from the same signed-off data - there's no "executive summary" that diverges from the underlying numbers.
Owner viewCapture · evidence

Cross-domain breakdown across 13 disciplines.

2.2/ 4Defined → Managed
Enterprise Risk
Cyber Security
AI Governance
Third Party Risk
Operational Resilience
Projects · Compliance · ...

Owner sees per-question scores, evidence references, gap-to-target for every discipline. Drillable to source. Re-runnable in 2 hours next year.

Board viewRead-only · directors

Headline score with weakest disciplines.

2.2/ 4Defined → Managed
Weakest · Third Party Risk
Weakest · AI Governance
Weakest · Operational Resilience
Strongest · Compliance
Recommended · upgrade Cyber + TP

Executive sees a single number, downstream cascade, regulatory conformity, and a plain-English board narrative - generated automatically from the signed-off assessor data.

07See it work

Thirty minutes. A practitioner.

A walkthrough of One Lite isn't a product demo. It's a practitioner showing you how the 13 disciplines score in half a day, how the SME-grade depth still holds up to board scrutiny, and how the upgrade path to specialist modules works without re-scoring. If you're already running deep specialist assessments, we'll tell you One Lite isn't for you.