Andrew McAfee in his blog entitiled “Still on the Case of the Business Case” speaks about the misuse of ROI as a basis for the business case for IT projects. The Primary reason given is that the link between technology and Business value is usually fairly tenuous.
This is exeggerated in the Case of Infrastructure IT components. Drawing a direct link between Network LAN infrastructure and Business value would be very problematic since the LAN underpins almost all activities, but is not the only contributor to the value. If you were to calculate the cost of all the components in a Value Chain for a specific business process then LAN costs would appear against most business processes; However it would be foolish to say that the return for that business process could be attributed to the investment in LAN infrastructure … YET without the LAN the process would be significantly compromised, if not in some cases impossible.
So I would suggest the risk approach to Infrastructure Investment. IT happens over and over again that Business refuse to invest in some infrastructure upgrades until one day it all comes tumbling down and then the cash become instantly available to fix it.
I have found that the risk approach to the problem is well known and understood by business decision makers, So as an IT manager use the auditors to articulate business risk due to infrastructure problems that will then be presented to business decision makers in a familiar and understandable way. There is seldom an ROI for upgrading Infrastructure, but the risk of not doing it is high.
So use the auditors for their specific purpose of articulating business risks.
I would say that the Business Case for Infrastructure spending should be Risk based instead of ROI based. What is the risk of not having item ABC? What is the risk of not including feature XYZ? What is the risk of not upgrading?
“What is the ROI of feature XYZ?” is a question that cannot be accurately answered nor properly speculated upon.