Economic Framework for Digital

Identity Management and E-

government

Dr. Jon P. Gant

Associate Professor

University of Illinois at Urbana-Champaign, USA

Graduate School of Library and Information Science

Presentation to the OECD Expert Seminar:

Business Case for Digital Identity Management

November 19-20, 2008

Paris, France

Overview

Examine economic feasibility analysis for IDM

Challenges of implementing within government

Facilitating IDM cooperation across public and

private sectors

Governance of inter-governmental partnerships

Complexity of IDM Increases with

Level of E-government Services

Source: Gartner Group

Managing IDM as a Strategic

Resource

Organizations must deal with

external and internal forces

Must leverage resources and

capabilities

Therefore, business case must be

sensitive to strategic framework

Technology-Related Challenges of

Developing IDM systems

Redesign operation processes congruently with software applications

Integrate applications through one interface

Decide

– Develop in-house or outsource

– Use standard off the shelf solutions or custom software

– Big bang or incremental

– Which standard to adopt

Diagram of Enterprise Web Portal

Source: McGraw-Hill

Sociotechnical Challenges of Developing IT

Systems

Digital

Identity

Management

Political

Environment

Organization

& Strategy

Pre-existing

IT

Architecture

Laws and

Public Policies

Emerging Practice - Benefits

Realization Management

Improving methods for selecting, monitoring and evaluating projects

Breaking down large multi-year projects Into small projects

Shifting accountability of achieving business case to business owner

Increasing investment in personnel, organizational and process changes

Economic Feasibility of IDM

Framework

Maximize Net Benefits

Improve estimates of benefits and

costs

Consider how costs and benefits

vary by scope and scale of system

SA* = Optimal Level of Cybersecurity Activities

Net Benefits

A. Total Costs and Total Benefits in Determining Optimal Level of Cybersecurity Activities

B. Net Benefit in Determining Optimal Level of Cybersecurity Activities

Total Benefits /

Total Costs

Net Benefits

Total Costs (C)

Total Benefits (B)

Cybersecurity

Activities (SA)

Cybersecurity

Activities (SA)SA*

S

A*

Adapted from Gordon and Loeb (2006, p. 32)

Cost Benefit Model

Financial Analysis

OECD Countries CBA Methods

Desired Outcomes

Minimize cybersecurity breaches

Enhance value of IDM

Fulfill compliance to regulations and

laws

Ensure user acceptance

IDM Costs

Consider the Costs of Building IT Assets

and Capabilities

Human

AssetRelationship

Asset

Technology Asset

High

Performing

IT Unit

Shared

Risk and

Responsibility

Sharable Platforms

and Databases

(Ross, Beath and Goodhue 1996)

Economic Analysis will Vary By

Scope of system

– Enterprise wide architecture

– Serving intergovernmental services

– Serving multinational services

Stage of project lifecycle

How to Improve Estimates

Assign the initial estimating task to the final developers

Delay finalizing the initial estimate until the end of a thorough study

Anticipate and control user changes

Monitor the progress of the proposed project.

Evaluate proposed project progress by using independent auditors

Use the estimate to evaluate project personnel

Study the cost estimate carefully before approving it

Rely on documented facts, standards, and simple arithmetic formulas

(Denis et al, 2006)

Moving Forward

Adopt approach to consider the

strategic value of IDM

Consider how costs and benefits will

vary by scale and scope of system

Invest in careful study of proposed

systems