Return on Investment

 

Modelling, forecasting and measuring reasonable ROI is one of the most important challenges in any technology project. ROI in "security" related endeavours like identity management and "trust" is a notorious problem. Some like to consider security as a form of insurance and as such could be a cost of doing business (or even a cost of staying in business!) rather than an active contributer to profitablity. Others point to tangible business benefits enabled by identity management and seek to model those to establish ROI.

Certainly there are a range of approaches to evaluating ROI.

The OASIS PKI Technical Committee developed a detailed PKI ROI model and whitepaper which includes a novel digital certificate supply chain.

The OASIS PKIA TC work built on the preceding PKI Forum ROI whitepaper.  

 

The Verisign and Blue Bridge whitepaper of 2002, ROI for PKI investment includes a particularly good, detailed examination of digital signature applications.

Assorted individual ROI casestudies for PKI may be found on the web, including the very elegant experience of the US Patent Office PKI.