Achieving a difficult goal like having a useful, always updated Threat Models requires resources and a good strategy. Requires also to divide the big challenge in smaller step, assess progress and, in the first place define the ultimate goal. To perform those activities a maturity models is the right tool. It defines the goal as the target maturity. It also defines a series to intermediate goals in the form of lower to higher maturity targets, and is fundamental to assess the advancement and the overall quality/maturity of the Threat Models.
There are some great maturity models, for example OWASP SAMM, that helps assessing the maturity of different practices across secure development lifecycle (https://owaspsamm.org/model/design/threat-assessment/). I've personally worked on them with great results. But the granularity and details of the parameters to assess the maturity of secure design and threat model is not enough for defining a specific strategy for successfully Threat Modeling. Based on my experience and valuable feedback from colleagues, I came with a more detailed maturity model just for Threat Modeling. As in other maturity frameworks the highest maturity, Level 3, is not the prescriptive final target for everybody. Maturity 1 or 2 al already a great place to be for a company or product.
The table below summaries the specific maturity models for Threat Modeling.
Every entry in the table would contribute with a specific weight to the periodic assessment of the Threat Models maturity.