The 20 Critical Security Controls are used to create and utilize a tailored methodology for gap assessment and remediation priorization and planning. The Critical Controls for Effective Cyber Defense are then evaluated for use in creating a standardized Security Maturity Model for baselining security posture and future comparison. The presentation is intended to elicit audience feedback and participation in determining the future of such methodologies and models.