HOW TO BECOME A MATURE CSIRT IN 3 STEPS

Presented at FIRST 2017 by

We have seen almost 30 years of CSIRT history now. From the very beginning, teams have developed not only their technical skills but have also worked on developing the best organisational and strategic models for their operations. The natural facilitators for that development are internal needs, expectations from other teams (such as members of cooperation initiatives like FIRST, TF-CSIRT or APCERT) and external regulations or expectations such as the recent NIS Directive in Europe.

The best recognised framework for CSIRT maturity is SIM3 (Security Incident Management Maturity Model). It defines 44 parameters in the areas of organisation, human aspects, tools and processes, plus a scale and methodology by which to measure these 44 parameters, thereby evaluating the overall CSIRT maturity and operational capability. In 2009 this model was adopted by TF-CSIRT as their Certification schema for CSIRTs in Europe. Later on, SIM3 was picked up by more regions in the world, often for self-assessment purposes, with an increasing interest in applying it to accreditations, membership procedures and certifications.

Now - in 2016 - this model has been enhanced with a proposal on how to reach increasing CSIRT maturity in three steps. The first step is to reach the "basic" level, followed by the "intermediate" level. The third step leads to the "certifiable" level, which is meant to be sufficient to reach existing Certification(s). It says "certifiable" and not "certified" because the latter would require an independent assessment, and this could be different in different regions or sectors.

During the presentation, the authors will briefly explain the SIM3 model, its parameters and how to use it in practice. The focus, however, will be on explaining how to carry out the three-step maturity improvement process, what it will take and how useful this is for the team. After the presentation, participants will know how to prepare their team for their development towards higher CSIRT maturity.