Unlike other privacy frameworks that recommend that companies be scored or self-score, using a maturity model (e.g., a score from one to four), the ISO 29100 privacy framework does not identify a specific methodology for assessing compliance or maturity.