About QRAMM

An open-source framework helping organizations prepare for the post-quantum cryptography transition

Our Mission

The Quantum Readiness Assurance Maturity Model (QRAMM) was created to help organizations systematically assess and improve their preparedness for the inevitable transition to post-quantum cryptography.

As quantum computing advances, the encryption protecting our digital infrastructure will become vulnerable. QRAMM provides a structured, actionable framework for organizations to understand their current state, identify gaps, and develop a roadmap for quantum readiness.

We believe that preparing for the quantum era should be accessible to all organizations, regardless of size or resources. That's why QRAMM is completely open-source and freely available.

Quantum Readiness Assurance Maturity Model

Developed by CSNP

QRAMM is developed and maintained by the CyberSecurity NonProfit (CSNP), an organization dedicated to advancing cybersecurity education and making security resources accessible to organizations worldwide. CSNP develops open-source tools, frameworks, and educational content to help security professionals protect their organizations.

Visit CSNP.org

Framework Authors

QRAMM was created by security professionals with deep expertise in cryptography, risk management, and organizational security.

Emily Fane

Emily Fane

Manager of Cryptography Product Strategy

Emily brings deep technical expertise in cryptographic systems and post-quantum cryptography implementation. She leads cryptography product strategy at Point Wild and regularly speaks on PQC transition strategies.

LinkedIn
Abdel Fane

Abdel Fane

Security Architect & Framework Developer

Abdel specializes in security architecture and risk management frameworks. He leads the technical development of QRAMM and ensures the framework remains practical and actionable for organizations of all sizes.

LinkedIn
Emily Fane and Abdel Fane presenting QRAMM at DEF CON 33
DEF CON 33 • Crypto Privacy Village

The Cryptographic Migration to a Post-Quantum World

Emily Fane and Abdel Fane presented QRAMM at DEF CON 33 in Las Vegas, organized by the Crypto Privacy Village.

The talk introduced QRAMM's design and practical applications, highlighting its focus on cryptographic agility as a foundation for adaptive, forward-compatible security planning in the quantum era.

With NIST standardization of post-quantum cryptography complete, organizations must prepare to transition from legacy cryptographic systems to quantum-resistant alternatives. QRAMM provides the structured framework to evaluate organizational preparedness.

Take Quick Assessment Download Toolkit

Why QRAMM?

Key differentiators that make QRAMM the choice for quantum readiness assessment

Open Source

Completely free and open-source. Use it, modify it, contribute to it. No licensing fees, no vendor lock-in.

Comprehensive

120 questions across 4 dimensions covering visibility, governance, data protection, and implementation readiness.

Actionable

Not just assessment - clear guidance on moving from one maturity level to the next with practical recommendations.

Aligned with Standards

Built-in mapping to NIST CSF, FedRAMP, ISO 27001, and 5 other major compliance frameworks.

Measurable Progress

Clear maturity levels and automated scoring to track improvement over time and demonstrate progress to stakeholders.

Community-Driven

Actively developed with community input. Contribute through GitHub discussions, issues, and pull requests.

Start Your Quantum Readiness Journey

Download the QRAMM Assessment Toolkit and begin evaluating your organization's preparedness for the post-quantum era.

Download Toolkit View on GitHub