A Forrester Total Economic ImpactTM Study Commissioned By Palo Alto Networks, December 2023
Switch between the study data and your organization’s custom data below. Answering the questions on the “Custom Data” tab will allow you to customize the analysis and estimate the potential impact of using Palo Alto Networks Prisma SASE at your organization.
To read Forrester's full analysis and customize the findings to your organization, please register below.
To read Forrester's full analysis and customize the findings to your organization, please register below.
Highly distributed organizations — those with many sites or a large percentage of remote workers — often look for secure access service edge (SASE) architecture mainly because of its ability to authenticate and authorize users who connect to and through their platform. However, SASE is a transformative technology, centralizing multiple networking and security capabilities into a unified solution with a single interface and data lake. Selecting the right solution provider can be a high-risk, high-reward decision.
Prisma SASE converges network security, SD-WAN, and autonomous digital experience management (ADEM) in the cloud. This provides security for all applications used by an organization, regardless of the location of the user.
Palo Alto Networks commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Prisma SASE.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Prisma SASE on their organizations.
To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four representatives with experience using Prisma SASE. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that is a distributed enterprise with 50,000 employees, of whom 33% are remote or hybrid, and $7 billion in annual revenue.
Prior to using Prisma SASE, organizations typically worked with inconsistent and incomplete security, poor user experience due to how traffic was backhauled to data centers, and poor scalability as organizations increasingly adopted hybrid work and cloud. Additionally, managing access service at their organizations meant having to install different point solutions to secure their environments. The organizations lacked modern security technology as security and IT teams tried to keep up with evolving business needs. Digital transformation initiatives pushed more data, applications, and processes to the cloud while other core business functions remained on-premises. Yet this piecemeal approach left interviewees’ organizations with many different vendors in their security stacks, making it challenging for security operations (SecOps) teams to integrate technologies, benefit from analytics, apply consistent policies, and deliver a consistent experience to end users.
Return on investment (ROI)
0%
Net present value (NPV)
After the investment in Prisma SASE, the interviewees shared that they were able to consolidate much of their time spent on certain management activities as well as their vendor spend, creating operational efficiencies. They were able to boost end-user productivity, specifically their remote workers and employees who were not present at their physical office sites. They also noted that Prisma SASE in collaboration with other Palo Alto Networks solutions installed in their environment significantly reduced the likelihood of a data breach event.
Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:
For , this benefit could be worth over three years.
For , this benefit could be worth over three years.
For , this benefit could be worth over three years.
For , this benefit could be worth over three years.
Efficiency gains in managing SASE and making policy changes
75%
“The productivity that users can achieve, even remotely; not having to worry about integration with other systems; and the level of security we achieve — none of that is possible without Prisma SASE.”
Principal architect, healthcare
Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:
Costs. Three-year, risk-adjusted PV costs for the composite organization include:
For , this cost could be over three years.
For , this cost could be over three years.
For , this cost could be over three years.
The representative interviews and financial analysis found that a composite organization experiences benefits of $18.34M over three years versus costs of $8.85M, adding up to a net present value (NPV) of $9.49M and an ROI of 107%.
could experience benefits of over three years versus costs of , adding up to an NPV of and an ROI of 0%.
While networking and security have a long and complicated history, having a segregated approach is not an acceptable way to operate as it often sabotages the gains from digital initiatives.
Now a businesswide networking fabric interweaves business assets, customers, partners, and digital assets to connect all parts of the business ecosystem, which can only occur if security is embedded within the DNA of the network.
Source: “Introducing The Zero Trust Edge Architecture For Security And Network Services,” Forrester Research, Inc., August 2, 2021.
ROI
Benefits PV
NPV
Payback
From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment Prisma SASE.
The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Prisma SASE can have on an organization.
Forrester Consulting conducted an online survey of 351 cybersecurity leaders at global enterprises in the US, the UK, Canada, Germany, and Australia. Survey participants included managers, directors, VPs, and C-level executives who are responsible for cybersecurity decision-making, operations, and reporting. Questions provided to the participants sought to evaluate leaders’ cybersecurity strategies and any breaches that have occurred within their organizations. Respondents opted into the survey via a third-party research panel, which fielded the survey on behalf of Forrester in November 2020.
Interviewed Palo Alto Networks stakeholders and Forrester analysts to gather data relative to Prisma SASE.
Interviewed four representatives at organizations using Prisma SASE to obtain data with respect to costs, benefits, and risks.
Designed a composite organization based on characteristics of the interviewees’ organizations.
Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
Readers should be aware of the following:
This study is commissioned by Palo Alto Networks and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Prisma SASE. For the interactive functionality using Configure Data/Custom Data, the intent is for the questions to solicit inputs specific to a prospect's business. Forrester believes that this analysis is representative of what companies may achieve with Prisma SASE based on the inputs provided and any assumptions made. Forrester does not endorse Palo Alto Networks or its offerings. Although great care has been taken to ensure the accuracy and completeness of this model, Palo Alto Networks and Forrester Research are unable to accept any legal responsibility for any actions taken on the basis of the information contained herein. The interactive tool is provided ‘AS IS,’ and Forrester and Palo Alto Networks make no warranties of any kind.
Palo Alto Networks reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
Palo Alto Networks provided the customer names for the interviews but did not participate in the interviews.
Consulting Team:
Adi Sarosa
Isabel Carey
Role | Industry | Revenue | Total Employees |
---|---|---|---|
Principal architect | Healthcare | $30 billion | 15,000 |
Director of security architecture and engineering | Manufacturing | $17 billion | 160,000 |
SVP of IT | Financial services | $3 billion | 3,000 |
Senior director | Hospitality | $20 billion | 380,000 |
Prior to using Prisma SASE, the interviewees told Forrester they typically worked in an environment with inconsistent and incomplete security. They often had to backhaul their network traffic to their data centers for security policy enforcement, which resulted in negative end-user experience. Additionally, scaling into new sites or providing security to hybrid and remote workers was incredibly challenging.
The interviewees noted how their organizations struggled with common challenges, including:
“One of the biggest risks that we have today is the speed of technology adoption and evolutions at companies. More and more people are working out of the office. The old-fashioned way of doing security is [that] you had everyone connected over to the same network, in closed locations. That no longer works.”
Director of security architecture and engineering, manufacturing
The interviewees’ organizations searched for a solution that:
Could make their security environment more operationally efficient. Interviewees shared wanting a solution that could either save time, money, or ideally both, which meant more resources that could potentially be repurposed for more strategic work. The principal architect in healthcare shared: “One of the reasons we went with Prisma SASE was that the configuration is 100% in the cloud. We no longer had to rely on data centers or hardware that we cared for.”
The senior director in the hospitality industry added: “Centralized management and integration with other solutions was the main [factor] in our decision-making process [of choosing Palo Alto Networks].”
“We had many reliability issues with our traditional VPN before moving to Prisma Access. Constant connection disruption, slow connectivity, high latency — that is a lot of lost time and productivity from an end-user standpoint.”
SVP of IT, financial services
Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the four interviewees, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:
Description of composite. The composite organization is a distributed enterprise with 50,000 employees and $7 billion in annual revenue. 33% of its workforce work remotely or hybrid. It has 400 sites including its headquarters, data center, cloud, branch offices, and retail and manufacturing locations. On average, the composite’s security team responds to 1,200 incidents a week, or 62,400 in the first year, with each incident taking an average of 2 hours to resolve.
Description of . has 0 employees with 0% working remotely and 0 sites or branches.
Deployment characteristics. The organization uses Palo Alto Networks Prisma SASE to connect remote networks at its retail locations and branch offices, as well as its remote and hybrid workers. The organization leverages end-of-life cycles and invests time to test the deployment, extending the timeline but also ensuring a smooth transition away from its legacy solution. The network security team are involved in deployment.
For the model, adopts Prisma SASE to connect its 0 remote sites or branches as well as its 0% remote workforce and leverages its end-of-life cycles of its legacy infrastructure. The 0 members of the network security team are involved in deployment.
Ref. | Benefit | Year 1 | Year 2 | Year 3 | Total | Present Value |
---|---|---|---|---|---|---|
Atr | Security and IT operations efficiency | $0 | $0 | $0 | $0 | $0 |
Btr | End user productivity gain | $0 | $0 | $0 | $0 | $0 |
Ctr | Data breach risk reduction | $0 | $0 | $0 | $0 | $0 |
Dtr | Security infrastructure cost reduction and avoidance | $0 | $0 | $0 | $0 | $0 |
Total benefits (risk-adjusted) | $0 | $0 | $0 | $0 | $0 |
Evidence and data. Interviewees noted that by moving to Prisma SASE, they were able to ease the load from members of the SecOps and NetOps team. This is a result of the managed service aspect of the solution, as well as various automation of activities that can be implemented in the process.
Modeling and assumptions. For the purpose of the composite organization, Forrester assumes:
Risks. The exact benefit an organization receives in this regard may depend on:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $2.3 million.
For with 0 SecOps FTEs and 0 NetOps FTEs, this benefit may have a three-year, risk-adjusted total PV of .
“Prisma SASE is a managed service at its core. It’s not something that we have to keep our eyes on every day. We don’t have to worry about the system, the gateways, or network latency. All that is no longer our concern.”
Principal architect, healthcare
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
A1 | Size of SecOps organization (FTEs) | 0 | 0 | 0 | ||
A2 | Percentage of time managing tools and making policy changes | 0% | 0% | 0% | ||
A3 | Percentage of efficiency gain due to Prisma SASE | Interviews | 0% | 0% | 0% | |
A4 | Subtotal: Total time savings in managing tool and making policy changes (in FTEs) | A1*A2*A3 (rounded) | 0 | 0 | 0 | |
A5 | Percentage of time responding to security incidents | 0% | 0% | 0% | ||
A6 | Percentage of efficiency gain due to Prisma SASE | Interviews | 0% | 0% | 0% | |
A7 | Subtotal: Total time savings in responding to security incidents (FTEs) | A1*A5*A6 (rounded) | 0 | 0 | 0 | |
A8 | Average fully burdened annual salary of SecOps employee | TEI standard | $0 | $0 | $0 | |
A9 | Subtotal: Total value of SecOps organization efficiency gain | (A4+A7)*A8 | $0 | $0 | $0 | |
A10 | Size of NetOps organization (FTEs) | 0 | 0 | 0 | ||
A11 | Percentage of time spent to scaling and setting up new sites | 0% | 0% | 0% | ||
A12 | Percentage of efficiency gain due to Prisma SASE | Interviews | 0% | 0% | 0% | |
A13 | Average fully burdened annual salary of NetOps employee | TEI standard | $0 | $0 | $0 | |
A14 | Subtotal: Total value of NetOps organization efficiency gain | A10*A11* A12*A13 | $0 | $0 | $0 | |
A15 | Productivity recapture | 0% | 0% | 0% | ||
At | Security and IT operations efficiency | TEI standard | $0 | $0 | $0 | |
Risk adjustment | ↓10% | |||||
Atr | Security and IT operations efficiency (risk-adjusted) | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
Evidence and data. Interviewees noted that prior to using Prisma SASE, their previous security environment would sometime disrupt work done by business and end users. Sometimes this could be through investigation procedures that were too disruptive. Other times, security gaps that existed in the legacy environment resulted in cybersecurity attacks that could significantly disrupt employee productivity, especially those that work remotely.
Modeling and assumptions. For the purpose of the composite organization, Forrester assumes:
Risks. The exact benefit an organization receives in this regard may depend on:
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $12.2 million.
For with 0% of 0 total employees working remotely, this benefit may have a three-year, risk-adjusted total PV of .
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
B1 | Total employees | 0 | 0 | 0 | ||
B2 | Percentage of remote/hybrid workers | 0% | 0% | 0% | ||
B3 | Percentage of work done in the cloud | 0% | 0% | 0% | ||
B4 | Percentage of end users impacted by system downtime | 0% | 0% | 0% | ||
B5 | Percentage of time recapture due to better availability/less downtime | Interviews | 0% | 0% | 0% | |
B6 | Average fully burdened annual salary for a business user | TEI standard | $0 | $0 | $0 | |
B7 | Productivity recapture | TEI standard | 0% | 0% | 0% | |
Bt | End-user productivity gain | B1*B2*B3*B4 * B5*B6*B7 | $0 | $0 | $0 | |
Risk adjustment | ↓15% | |||||
Btr | End-user productivity gain (risk-adjusted) | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
Evidence and data. The reduced complexity of the security environment also means reduced security risk. Whereas in their previous environment, the different point solutions didn’t integrate well or talk to each other, creating potential security gaps that could lead to an increased risk of data breach, using Prisma SASE significantly reduced that risk. This was even more substantial among organizations with remote and/or hybrid workers.
Modeling and assumptions. For the purpose of the composite organization, Forrester assumes:
Risks. The exact benefit an organization receives in this regard may depend on:
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $3 million.
For with 0 total employees, this benefit may have a three-year, risk-adjusted total PV of .
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
C1 | Average data breaches per year | Forrester Research | 0 | 0 | 0 | |
C2 | Total employees | B1 | 0 | 0 | 0 | |
C3 | Average potential cost of data breach per employee, excluding internal user downtime | Forrester Research | $0 | $0 | $0 | |
C4 | Reduced likelihood of a breach | Interviews | 0% | 0% | 0% | |
C5 | Attribution to Prisma SASE | B2 | 0% | 0% | 0% | |
Ct | Data breach risk reduction | C1*C2*C3 * C4*C5 | $0 | $0 | $0 | |
Risk adjustment | ↓15% | |||||
Ctr | Data breach risk reduction (risk-adjusted) | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
“Without PANW, we would be exposed to different kinds of attacks. When on-prem, people are behind a firewall. Now, with people remote or abroad, you lose that. Tools like Prisma SASE allow you to continue to have the same level of visibility, control, and protection.”
Principal architect, healthcare
Evidence and data. Interviewees noted that the different solutions and functionalities that they receive as a result of their investment in Prisma SASE meant being able to reduce or retire a percentage of their annual security and networking tech spend.
Modeling and assumptions. For the purpose of the composite organization, Forrester assumes:
Risks. The exact benefit an organization receives in this regard may depend on:
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $846,000.
For , this benefit may have a three-year, risk-adjusted total PV of .
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
D1 | Annual security tech stack spend related to remote and distributed workforce | $0 | $0 | $0 | ||
D2 | Percentage of savings from vendor consolidation related to Prisma SASE and SD-WAN | Interviews | 0% | 0% | 0% | |
Dt | Security infrastructure cost reduction and avoidance | D1*D2 | $0 | $0 | $0 | |
Risk adjustment | ↓15% | |||||
Dtr | Security infrastructure cost reduction and avoidance (risk-adjusted) | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
“With Prisma SASE, you have one platform that does multiple things. We were able to consolidate three different solutions into one. Dollarwise, that is a significant cost saving.”
Principal architect, healthcare
Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:
Increased visibility for security environment. Interviewees noted that one of Prisma SASE’s most valuable benefits is the enhanced visibility they now have on the condition, performance, and usage of different parts of the security organization. The principal architect in healthcare shared, “We’re able to easily monitor traffic and see what is actually happening on the network.”
The SVP of IT in financial services added: “The attractive thing about Palo Alto Networks was the interface and visibility. The reporting was the best for us in terms of UI. It instantly performed better than our purpose-built reporting software that we had struggled to maintain.”
“Having PANW prepares you for the rest of the path, which is to integrate more things such as remote networks, branch offices, and CASB.”
Director of security architecture and engineering, manufacturing
The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Prisma SASE and later realize additional uses and business opportunities, including:
Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).
Defending against attacks on machine learning and artificial intelligence was a niche discipline … until recently. Use cases for adversaries to use AI have also emerged, which will help them scale and wreak havoc in ways they simply could not prior to the emergence of these technologies.
Cloud computing presents security challenges due to the footprint of the cloud and the complexity of cloud environments. Security threats will be exacerbated by the growth in flavors of cloud compute and storage infrastructure, as well as IaaS providers’ inability to cover these new flavors of compute and storage infrastructure.
Source: “The Future Of Cybersecurity And Privacy,” Forrester Research, Inc., August 3, 2023.
Ref. | Cost | Initial | Year 1 | Year 2 | Year 3 | Total | Present Value |
---|---|---|---|---|---|---|---|
Etr | Internal time investment for installation and deployment | $0 | $0 | $0 | $0 | $0 | $0 |
Ftr | Internal time investment for user training and ongoing management | $0 | $0 | $0 | $0 | $0 | $0 |
Gtr | Prisma SASE costs | $0 | $0 | $0 | $0 | $0 | $0 |
Total costs (risk-adjusted) | $0 | $0 | $0 | $0 | $0 | $0 |
Evidence and data. Interviewees noted that deploying Prisma SASE was an involved process, requiring collaboration from different teams at their organizations (IT, SecOps, and NetOps) with the Palo Alto Networks team.
Modeling and assumptions. For the purpose of the composite organization, Forrester assumes:
Risks. The exact cost an organization incurs in this regard may depend on:
Results. To account for these risks, Forrester adjusted this cost upward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $436,000.
For , these costs may have a three-year, risk-adjusted total PV of .
Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|---|
E1 | Network team working on PANW installation | 0 | 0 | 0 | 0 | ||
E2 | Time spent per network team member | Interview | 0% | 0% | 0% | 0% | |
E3 | Annual salary: NetOps employee | TEI standard | $0 | $0 | $0 | $0 | |
E4 | Percentage attribution to Prisma SASE | Interviews | 0% | 0% | 0% | 0% | |
Et | Internal time investment for installation and deployment | E1*E2*E3*E4 | $0 | $0 | $0 | $0 | |
Risk adjustment | ↑15% | ||||||
Etr | Internal time investment for installation and deployment (risk-adjusted) | $0 | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
Evidence and data. Once set up, interviewees noted varying degrees of what ongoing management would look like for Prisma SASE. For some, it was an easy platform to monitor, while others spent additional time and investment to ensure that they fully maximize what the solution has to offer for their organizations.
Modeling and assumptions. For the purpose of the composite organization, Forrester assumes:
Risks. The exact cost an organization incurs in this regard may depend on:
Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $63,000.
For , these costs may have a three-year, risk-adjusted total PV of .
Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|---|
F1 | FTEs receiving training for ongoing management | 0 | 0 | 0 | 0 | ||
F2 | Hours per training session | Interviews | 0 | 0 | 0 | 0 | |
F3 | Average fully hourly salary per IT org employee (including SecOps, NetOps, and IT operations) | TEI standard | $0 | $0 | $0 | $0 | |
F4 | Internal time investment for user training | F1*F2*F3 | $0 | $0 | $0 | $0 | |
F5 | Percentage of time spent for ongoing management | Interviews | 0% | 0% | 0% | 0% | |
F6 | Value of internal time investment for ongoing management | F1*F3*2080 hours*F5 | $0 | $0 | $0 | $0 | |
F7 | Attribution to Prisma SASE | Interviews | 0% | 0% | 0% | 0% | |
Ft | Internal time investment for user training and ongoing management | (F4+F6)*F7 | $0 | $0 | $0 | $0 | |
Risk adjustment | ↑10% | ||||||
Ftr | Internal time investment for user training and ongoing management (risk-adjusted) | $0 | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
Evidence and data. The interviewees purchased hardware upfront and were able to amortize the subscription costs over the three-year contract term, providing predictable annual costs.
Modeling and assumptions. . For the purpose of the composite organization, Forrester assumes:
Risks. The exact cost an organization incurs in this regard may depend on:
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $8.3 million.
For , Prisma SASE costs may have a three-year, risk-adjusted total PV of . Please note that this is based on a high-level estimation and does not represent a quote. For more details, please contact Palo Alto Networks.
Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|---|
G1 | Annual cost for Prisma SASE | $0 | $0 | $0 | $0 | ||
Gt | Prisma SASE costs | G1 | $0 | $0 | $0 | $0 | |
Risk adjustment | ↑5% | ||||||
Gtr | Prisma SASE costs (risk-adjusted) | $0 | $0 | $0 | $0 | ||
Three-year total: $0 | Three-year present value: $0 |
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.
Initial | Year 1 | Year 2 | Year 3 | Total | Present Value | |
---|---|---|---|---|---|---|
Total costs | $0 | $0 | $0 | $0 | $0 | $0 |
Total benefits | $0 | $0 | $0 | $0 | $0 | $0 |
Net benefits | $0 | $0 | $0 | $0 | $0 | $0 |
ROI | 0% | |||||
Payback period |
Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.
Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”
The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.
A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.
The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.
Related Forrester Research
“The Future Of Cybersecurity And Privacy,” Forrester Research, Inc., August 3, 2023.
“Top Cybersecurity Threats In 2023,” Forrester Research, Inc., April 17, 2023.
“Introducing The Zero Trust Edge Architecture For Security And Network Services,” Forrester Research, Inc., August 2, 2023.
1 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
2 Source: Forrester Consulting Cost Of A Cybersecurity Breach Survey, Q1 2021.
3 Ibid.
Forrester provides independent and objective research-based consulting to help leaders deliver key transformation outcomes. Fueled by our customer-obsessed research, Forrester’s seasoned consultants partner with leaders to execute on their priorities using a unique engagement model that tailors to diverse needs and ensures lasting impact. For more information, visit forrester.com/consulting.
© Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.
Cookie Preferences
Accept Cookies
Decline
Close
This website uses cookies to deliver functionality and enhance your experience. GDPR requires that we obtain your consent before activating these cookies. Please accept the use of cookies or review your cookie settings now.
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions (data inputs, website navigation), so you don’t have to re-enter data when you come back to the site or browse from one page to another.
Behavioral information collected by our web analytics vendor is used to analyze data pertaining to visitor trends, plan website enhancements, and measure overall website effectiveness. We may also use cookies or web beacons to help us offer you products, programs, or services that may be of interest to you and to deliver relevant advertising. We may use third-party advertising companies to help tailor website content to users or to serve ads on our behalf. These companies may also employ cookies and web beacons to measure advertising effectiveness.
Please accept cookies and the collection of behavioral information to receive full functionality and enhance your experience. If you decline cookies, some features of the website may not function normally.
Please see our
Privacy Policy for more information.