Date post: | 18-Jan-2016 |
Category: |
Documents |
Upload: | isaac-wiggins |
View: | 218 times |
Download: | 0 times |
MAKING THEBUSINESS CASE
FOR …
Security Information and Event Management
THE ACCOMPANYING EXCEL FILE IS DESIGNED FOR SIMPLICITY
It befits a feasibility-level study; more complex
analyses would require a more robust model
It is based on cash flow, not P&L
It has no macros
All data and assumptions are to be entered on one
tab, the other tabs are for display only
1. INPUT REQUIRED DATA
Simply enter values
in the green boxes
2 . ENTER IN PROJECT COSTS AND DISCOUNT RATE
Estimate based on
prior experience,
market scan, or vendors’
indicative pricing
Usually given by CFO group; it
should reflect the degree of risk
3. ENTER IN TARGET STATE DELTAS BY YEAR
Best to start with the last year, then back into how much of that benefit you’re likely to achieve by the end of each intervening year
5. REVIEW, CUT AND PASTE EXHIBITS
4 . DEFINE RISKS ANDSOFT BENEFITS
RISKS• The SIEM system selected might provide more data
than the enterprise requires, causing unintended inefficiencies
• Use cases might not be fully developed, leading to mismatches between reports and reporting requirements
• Enterprise might need to spend additional funds to enhance skills and processes to fully utilize SIEM
SOFT BENEFITS• Prevent losses due fraud• Prevent downtime due to malware attacks• Enhance brand's reputation for security and
availability
IF YOU DON’T LIKE THE ANSWER, JUST CHANGE THE
ASSUMPTIONS
You can always go back and change … Target-state reduction
projections and the forecast speed to attainment
Discount rateBy William Freedman
Tom’s IT ProTheCaseMaker.wordpress.
com@ITCaseMaker