Assessing the SOC against a cybersecurity framework or CMM can be a very powerful way to look holistically at SOC capabilities. [...] There are open-source methodologies such as the SOC CMM, which combines a set of measures and process specifically for measuring the SOC.

MITRE - 11 Strategies of a World-class Cybersecurity Operations Center

The value of [the SOC-CMM] lies in the structuring of SOC diversity and a plethora of methods. Thereby, [the SOC-CMM] provides a means to determine the added value of a SOC to the organisation and whether or not the investment in the SOC is acceptable.

JBISA Award - Jury verdict

The maturity level of a SOC can be established with the help of the SOC-CMM - the SOC Capability & Maturity Model. The principles in this model can also serve as the starting point for a roadmap or as a checklist for building a SOC.

NCSC - Factsheet on Security Operations Centers

The best freely available audit tool for SOC maturity is the SOC-CMM. It provides basic and advanced audit spreadsheets to allow for the assessment of your SOC. The download and use is free. [...] The [SOC-CMM] covers extensive checks for the existence of technology, capability, training programs, etc.

Christopher Crowley - Instructor SOC Class

When designing processes and workflows, the human parameters of SIM3, the ENISA CSIRT maturity assessment model and the SOC capability and maturity model (SOC-CMM) might be relevant tools for validating their completeness and coverage.

ENISA Report - How to set up CSIRT and SOC - Good practice guide