MAKING THEBUSINESS CASE

FOR …

Security Information and Event Management

THE ACCOMPANYING EXCEL FILE IS DESIGNED FOR SIMPLICITY

It befits a feasibility-level study; more complex

analyses would require a more robust model

It is based on cash flow, not P&L

It has no macros

All data and assumptions are to be entered on one

tab, the other tabs are for display only

1. INPUT REQUIRED DATA

Simply enter values

in the green boxes

2 . ENTER IN PROJECT COSTS AND DISCOUNT RATE

Estimate based on

prior experience,

market scan, or vendors’

indicative pricing

Usually given by CFO group; it

should reflect the degree of risk

3. ENTER IN TARGET STATE DELTAS BY YEAR

Best to start with the last year, then back into how much of that benefit you’re likely to achieve by the end of each intervening year

5. REVIEW, CUT AND PASTE EXHIBITS

4 . DEFINE RISKS ANDSOFT BENEFITS

RISKS• The SIEM system selected might provide more data

than the enterprise requires, causing unintended inefficiencies

• Use cases might not be fully developed, leading to mismatches between reports and reporting requirements

• Enterprise might need to spend additional funds to enhance skills and processes to fully utilize SIEM

SOFT BENEFITS• Prevent losses due fraud• Prevent downtime due to malware attacks• Enhance brand's reputation for security and

availability

IF YOU DON’T LIKE THE ANSWER, JUST CHANGE THE

ASSUMPTIONS

You can always go back and change … Target-state reduction

projections and the forecast speed to attainment

Discount rateBy William Freedman

Tom’s IT ProTheCaseMaker.wordpress.

com@ITCaseMaker