saugatuck-ethicspoint research pape-weblayout-jan2009-final

SaaS vs. On-Premise Solutions: The ROI of Proactive Case Management

A research report prepared by: Report development and publication sponsored by:

SaaS vs. On-Premise: The ROI of Proactive Case Management February 2009

TABLE OF CONTENTS

© 2009 Saugatuck Technology Inc.

Introduction 1

Data Breaches 1

Fraud Losses 2

Three Dimensions of Proactive Case Management 4

ROI Approach – The Model 5

Calculating ROI 8

SaaS Savings 9

The Bottom Line 10

i

About Saugatuck Technology

Saugatuck Technology Inc. provides market strategy consulting and subscription research services to senior executives, information technology vendors, and investors, combining strategy development, business planning, and market intelligence with first-hand research of executive technology buyer trends. Founded in 1999, Saugatuck is headquartered in Westport, Connecticut (USA), with offices in Silicon Valley and in Germany. For more information, go to www.saugatech.com, or call +1.203.454.3900 in the US, or +49.6123.630285 in Germany.

Figure 1: The Rising Cost of Data Breaches 2

Sidebar: How Common are Data Breaches? 3

Figure 2: Reported Data Breaches in January 2009 3

Figure 3: Figure 3: From Reactive to Proactive Case Management 4

Figure 4: Costs of Proactive Case Management 5

Figure 5: Time Savings 6

Figure 6: Cost Avoidance 7

Figure 7: Cost Containment 7

Figure 8: Return on Investment 8

Figure 9: SaaS ROI 9

Figure 10: On-premise vs. SaaS Solution Costs 9

TABLE OF FIGURES

About this report Saugatuck Technology Inc. is solely responsible for the content of this report. Unless otherwise cited, all content, including illustrations, research, conclusions, assertions and positions contained in this report were developed by, and are the sole property of, Saugatuck Technology Inc. The development and publication of this report were sponsored by EthicsPoint, Inc.

Entire contents © 2009 Saugatuck Technology Inc. All rights are reserved. Reproduction of this publication in any form without prior written permission is strictly prohibited.


I NTRODUCTION Many organizations have implemented an anonymous hotline service to capture reports of issues and events that violate a written code of conduct. Yet valuable information remains hidden within these organizations, and operational risk re-mains higher than it should. Companies can realize an immediate ROI through pro-active case management of these reported issues and events. Proactive case management goes well beyond utilizing a hotline or web-based re-porting and analyzing issue and event reports in a spreadsheet. Coordinating risk management across legal, HR, finance, IT, and business operations requires a cen-tralized and systematic approach to capturing and processing reports of theft, safety violations, employee misconduct, etc. And building an ethical culture re-quires more than just formalization of policy management and increased employee awareness. However, a comprehensive and proactive case management approach not only helps the organization reduce overall risk – and reduce the costs of ethical and le-gal transgressions – but can also significantly reduce the overall costs of risk man-agement itself. This research paper will identify the benefits and returns on invest-ment from a proactive case management approach driven by a state-of-the-art SaaS solution – including time savings, cost avoidance, cost containment and SaaS-related efficiencies.

DATA BREACHES Let’s consider one of the most common categories of preventable incidents that threaten all organizations, large and small: data breach. Over the past few years, according to the Ponemon Institute’s 2007 Annual Survey, the cost of a data breach to organizations rose an estimated 43 percent with an average cost of $197 per compromised record (See Figure 1 below). Included in this figure were costs arising from discovery, response and notification, lost trust of customers and em-ployees, lost employee productivity, additional regulatory fines, damage to reputa-tion, opportunity costs, and other indirect costs. Figure 1 – The Rising Cost of Data Breaches

Using this average cost figure as an index, a data breach of 250 compromised re-cords would cost approximately $50,000. A data breach of 8,500 records would cost $1.7 million, and data breach of 160,000 records would cost $31.5 million.

1 © 2009 Saugatuck Technology Inc.

Source: Saugatuck Technology Inc

Source: U.S. Cost of a Data Breach: Understanding Financial Impact, Customer Turnover, and Preventative Solutions, Ponemon

Institute, 2007 Annual Study


Stolen computers left unattended and website hacks account for a large percentage of data breaches. But there are also quite a few inadvertent web postings and email attachments that compromised personal identification information (PII). Consider these examples of preventable data breaches:

• At CheckFree, at least 160,000 customers -- and possibly as many as 5,000,000 -- were compromised when criminals seized control of the company's websites and redirected customer traffic to a malicious website hosted in the Ukraine.

• An administrative worker at Harris County Hospital District downloaded medi-cal and financial records for 1200 patients with HIV, AIDS and other medical conditions onto a flash drive that was later lost or stolen.

• A New Zealand man bought an MP3 player for $18 at an Oklahoma thrift shop and was surprised to find files on the flash drive with the names and personal details of 60 American soldiers.

Needless to say, even a very small data breach can have serious consequences, and large and well-known financial institutions with professional security staff can also experience these avoidable compromises.

FRAUD LOSSES On December 15, 2008, the U.S. Department of Justice settled its Foreign Corrupt Practices Act case with Siemens paying a fine of $800 million. The SEC had al-leged that Siemens paid out $1.4 billion in bribes to win contracts for medical equipment in China and Southeast Asia, telecommunications networks in Africa, and transit equipment in South America. The Justice Department noted that Sie-mens could have been required to pay up to $2.7 billion, but the penalties were re-duced because of Siemens’ cooperation during the investigation. In addition to the fine, Siemens must submit to anti-corruption compliance monitoring by an inde-pendent firm and remains under investigation for related charges in nearly a dozen other foreign countries. Klaus Kleinfeld, Siemens’ CEO, was forced to resign due to the scandal, and the German courts issued prison sentences to other Siemens executives. In addition to the fines, Siemens spent over $1.1 billion during its own investigation of the charges, including millions in fees to its U.S. attorneys, bring-ing the total cost of the Siemens fraud to nearly $2 billion.

While the Siemens fraud is certainly an extreme example, all organizations have some degree of exposure. According to survey participants in the 2008 report of the Association of Certified Fraud Examiners (ACFE), U.S. organizations lose an esti-mated 7 percent of their annual revenues to fraud, and more than one-quarter of those frauds involve losses of at least $1 million. Typical fraud in the ACFE study lasted two years from the time it began until the time it was caught by the victim organization. In 46 percent of the cases these frauds were detected by tips from employees, customers, vendors, and other sources, yet fewer than half (43.5 per-cent) of the companies surveyed had a hotline in place. When hotlines were imple-mented, the median cost of fraud was reduced 60 percent from $250,000 to $100,000.

Both data breach and fraud are widespread problems across organizations of all types and sizes. Clearly there are other kinds of exposures, including shrinkage, theft, discriminatory lawsuits, product liability and other class actions, and physical damages to property and equipment through negligence or sabotage. However, the ROI model presented here will focus on just those two types of incidents and the

© 2009 Saugatuck Technology Inc. 2



HOW COMMON ARE DATA BREACHES?

Since 2005, the total number of known compromised records is 251,164,141 -- and climbing! And many data breaches are reported as unknown numbers of records exposed. During the month of January 2009 alone, more than 20 such breaches were reported in various news media, including the following:

Figure 2: Some Reported Data Breaches Reported in January 2009

Source: Aggregated and formatted by Saugatuck Technology Inc. from multiple reports

Date Case

# Records

Involved

Jan. 2 Merrill Lynch (New York, NY) Unknown

Jan. 2 Pepsi Bottling Group (Somers, NY) Unknown

Jan. 5 Library of Congress (Washington, DC) 10

Jan. 6 CheckFree Corp. (Atlanta, GA) 5,000,000?

Jan.11 University of Rochester (Rochester, NY) 450

Jan.12 Columbus City Schools (Columbus, OH) 100

Jan.13 University of Oregon (Eugene, OR) Unknown

Jan.13 Innodata Isogen, Inc.(Hackensack, NJ) Unknown

Jan.13 Seventh-Day Adventist Church (Silver Spring, MD) 292

Jan.13 Continental Airlines (Newark, NJ) 230

Jan.13 Blue Ridge Community Action (Morganton, NC) 300

Jan.14 Occidental Petroleum Corporation (Dallas, TX) Unknown

Jan.16 Southwestern Oregon Community College (Coos Bay, OR) 200

Jan.19 Forcht Bank (Lexington, KY) 8,500

Jan. 20 Kanawha-Charleston Health Department (Charleston, WV) 11,000

Jan. 20 Heartland Payment Systems (Princeton, NJ) Unknown

Jan. 21 Missouri State University (Springfield, MO) 565

Jan. 23 Monster.com (Maynard, MA) Unknown

Jan. 26 Madison, WI. Human Resources Department (Madison, WI) 500

Jan. 26 U.S. Army 60

Jan. 27 U.S. Consulate (Jerusalem, Israel) Unknown

Jan. 27 Beaumont City (Beaumont, TX) 500


THREE DIMENSIONS OF PROACTIVE CASE MANAGEMENT Let’s take a closer look at how organizations can prevent losses through a proactive case management approach by examining its three dimensions: functionality, or-ganizational span and culture change. Proactive case management is more than just a hotline or contact center, although they are indispensible elements of the required functionality. In addition to a reporting system, proactive case management re-quires analysis and reporting tools that can detect patterns of vulnerability before they result in compromises. And proactive case management also means a consis-tent set of policies and procedures in response to a perceived problem and in the case of a confirmed ethical transgression or system breach.

According to noted GRC pundit Michael Rasmussen, “Responsibility for risk and compliance has traditionally been scattered across legal, finance, IT, and business operations. Faced with multiple risk and compliance initiatives scattered across business operations, the burden of risk and compliance has become a widespread business problem.” Proactive case management is an approach that manages risk across departments, geographies, and time periods and recognizes and reduces the incidence of cascading or interdependent patterns of risk through formal organiza-tion-wide, incident-response teams and protocols by incident type.

However, attaining proactive case management without organization-wide culture change is impossible. Building a sustainable, secure and ethical culture requires at a minimum:

• Mandatory training with emphasis on continued learning • Ongoing awareness campaigns designed to transform organizational culture • Metrics that indicate the degree of progress attained across the organization. • Proactive case management also requires a long-term commitment to culture

change with specific plateau targets to consolidate gains and to introduce the next level of advancement (See Figure 3 below).

Figure 3: From Reactive to Proactive Case Management


Stage 1 - Reactive• Hotline or contact center

for incident reporting• Policies and procedures

accessible by all via central repository

• Mandatory training with emphasis on continued learning

Stage 2 - Transitional• Issue and event analysis

tools (departmental focus)• Clearly-defined

responsibilities for monitoring potential exposures

• Reporting system for incidents and all actions taken toward resolution

• Awareness campaigns designed to build a sustainable, secure and ethical culture

Stage 3 - Proactive• Issue and event analysis

tools across departments, geographies, time periods

• Workflow-driven case management review and resolution tools

• Dashboards tracking key performance indicators (KPI) and incident data

• Scenario-based simulations to test incident response protocols

• Formal incident response teams and protocols by incident type

• Post-mortem reviews as input for policy and procedure modifications

Source: Saugatuck Technology Inc.



Building a sustainable, secure and ethical culture may take more time than antici-pated and will require difficult decisions to be made, as well as learning from un-avoidable mistakes. Culture change also requires the unstinting support of the very top of the house to be successful over time. An abandoned or reduced commitment in mid-course not only sub-optimizes the benefits of culture change, but may lead to costly internal conflict. Success in attaining proactive case management requires a significant investment in culture change, and not merely “window dressing.”

ROI A PPROACH – THE MODEL The return on investment (ROI) calculation is designed for comparison of invest-ment alternatives. The resulting ROI numbers for a number of projects may be compared in order to determine which projects are most likely to generate superior returns. Typically, ROI is the analysis of returns from an upfront capital invest-ment measured against the cash flows that result from it:

%ROI = (Returns / Capital Outlay) * 100

However, the approach we take here lays ongoing costs against ongoing returns —

%ROI = (Savings / Costs) * 100

— because we are looking at returns from implementing a cloud-based, Software-as-a-Service (SaaS) solution. Moreover, this ROI model considers, on the benefit side, only data breach and fraud. It ignores shrinkage, theft, discriminatory law-suits, product liability and other class actions, and physical damages to property and equipment through negligence or sabotage. As a model, it may be adapted on both the cost and benefits sides to meet the specific needs of any organization. Costs

On the cost side (See Figure 4 below), we are considering costs of implementing a hotline or Web contact center for incident reporting plus case management tools as discussed above. Costs included are upfront costs, subscription costs, implementa-tion services costs, and other professional services costs.

Figure 4: Costs of Proactive Case Management


Year 1 Costs Basic (SMB) Enterprise-wide

Hotline/Contact Center plus Case Management• Upfront costs • Subscription costs• Implementation services costs• Other professional services costs

$5000 - $12,000 $50,000- $160,000

Organizational Costs• Policy and procedure development• Training• Awareness campaigns• Part-time and full-time employee costs

$10,000 - $25,000 $150,000 - $250,000

Total Costs $15,000 - $37,000 $200,000 - $410,000

Year 2 and beyond Basic (SMB) Enterprise-wide

Hotline/Contact Center plus Case Management $3000 - $10,000 $50,000 - $150,000

Company Costs $10,000 $150,000

Total Costs $13,000 - $20,000 $200,000 - $300,000


We also include organizational costs such as policy and procedure development, training, awareness campaigns, and part-time and full-time employee costs. We have presented the costs as a range for each of two implementation models, a basic or SMB implementation and an enterprise-wide implementation for a large organi-zation. First year costs are assumed to run higher than costs in subsequent years. This ROI model is based upon a 3-year comparison of costs to benefits.

Returns Returns from Proactive Case Management are based on three types of savings: time savings, cost avoidance and cost containment.

1. Time Savings: Converting a purely human-intensive and inconsistent process to a consistent process-based approach produces productivity or time-related savings. Common examples of these savings include the following:

• Cutting out the time spent managing and reconciling Microsoft Excel TM

spreadsheets or multiple databases in multiple organizational units for inci-dent analysis and reporting

• When an incident of data breach occurs, the organization must issue formal documentation using the appropriate forms and formats to 41 states; this alone can be very time intensive.

2. Cost Avoidance: Anonymous and formal reporting system makes reporting less a rat session and more a recording of a possible irregularity. Hence, re-porting goes up. And antennae are raised, appropriately, to head off potential messes. Early warning benefits accrue.

3. Cost Containment: A reasonable approach is to accept that things will break, and problems will occur. But well-handled incidents that are recorded, com-municated and managed in a consistent, proactive manner cost, in a word, less.

In addition, we will later discuss SaaS-related savings from both TCO and ROI points of view. Clearly, however, in an economic climate in which investment capi-tal is hard to come by, a proactive case management solution that requires no capi-tal expense and fewer IT personnel has significant appeal.

Time Savings Figure 5 presents the time savings from a proactive case management solution. Figure 5: Time Savings

We estimate between 25 percent and 75 percent savings through improved produc-tivity, applied against the organizational costs in Table 2 above. If the range of savings for an SMB implementation is between $2,500 and $18,500, then we might assume a rough midpoint or average time savings in year 1 of $10,000.


Time Savings Basic (SMB) Enterprise-wide

Year 1 $2,500 - $18,500$10,000

$37,500 – $188,500$100,000

Year 2 $2,500 - $7,500$5,000

$37,500 – $112,500$75,000

Year 3 $2,500 - $7,500$5,000

$37,500 – $112,500$75,000

Total Savings $7,500 - $33,500$20,000

$112,500 - $412,500$250,000



In subsequent years, by the same method, $5,000 in time savings – for a total of $20,000 in time savings over the three-year period. For enterprise-wide implemen-tations in large organizations, we estimate the time savings at $250,000 for the three years.

Cost Avoidance

Cost avoidance savings over the three-year period are presented in Figure 6 below.

Figure 6: Cost Avoidance

Recalling that hotlines alone were shown to reduce the median cost of fraud by 60 percent, we assume that a fully-implemented proactive case management solution would increase that savings to at least 75 percent. More than 25 percent of frauds reported in 2007 involved losses of $1 million and up, but let’s assume that for the SMB the fraud loss would be $250,000 and for a large organization it would be $1 million. A data breach of 250 compromised records would cost an SMB $50,000, and a data breach of 8,500 records would cost a large organization $1.7 million.

For this model we assume 1 data breach prevented and 1 fraud detected early dur-ing the 3 years. For the SMB, the fraud savings would thus be $187,500 and the data breach savings $50,000 for a total of $237,500 due to cost avoidance. For the large organization, the total savings due to cost avoidance would be $2,450,000.

Cost Containment

Cost containment savings arise when a serious problem occurs and is handled well. It is inevitable that serious problems will occur and it is not unreasonable that they would occur at least once over a three-year period. In Figure 7, we present the sav-ings due to cost avoidance over the three-year period.

Figure 7: Cost Containment

The average total cost per reporting company of a data breach occurrence in 2007 was more than $6.3 million per breach, including disruption or loss of business, and over one quarter of frauds exceeded $1 million. This model assumes the po-tential loss due a data breach or fraud occurring once in the three-year span would be $1 million for an SMB and $15 million for a large enterprise, but due to proac-tive case management the actual loss incurred was held to $250,000 at an SMB and $5,000,000 at a large organization. Thus the total savings through cost contain-ment would be $750,000 at the SMB and $10,000,000 at the large organization.



Cost Avoidance – Years 1-3 Basic (SMB) Enterprise-wid e

Fraud UndetectedSavings 75%

$250,000$187,500

$1,000,000$750,000

Data Breach Prevented $50,000 $1,700,000

Total Savings $237,500 $2,450,000


Cost Avoidance – Years 1-3 Basic (SMB) Enterprise-wid e

Fraud UndetectedSavings 75%

$250,000$187,500

$1,000,000$750,000

Data Breach Prevented $50,000 $1,700,000

Total Savings $237,500 $2,450,000


CALCULATING ROI In Figure 8, we combine the savings from all three categories – time savings, cost avoidance, cost containment – and measure the total savings against the total costs for the three-year period.

Figure 8: Return on Investment (ROI = Savings / Costs * 100)

Total savings for the basic implementation at an SMB would be $1,007,500 and for the enterprise-wide implementation at a large organization would be $12,700,000.

The total costs for the SMB of $77,000 and for the large organization of $1,000,000 are divided into the total savings and then multiplied by 100 to yield the ROI percentage. ROI for the SMB would be 1308 percent, and for the large organization 1270 percent, in either case a return of approximately thirteen times the costs of the proactive case management solution.

Of course, the ROI model here may be adapted to other cost and savings assump-tions. As noted above, we have focused our ROI analysis on data breach and fraud as sources of savings. It should be noted that other sources of savings are possible by avoiding or containing shrinkage, theft, discriminatory lawsuits, product liabil-ity and other class actions, and physical damages to property and equipment through negligence or sabotage. And it is also possible to utilize different sets of cost assumptions, tailored to a specific organization, which may include the use of an on-premise solution with its associated capital outlays — and the ongoing per-sonnel costs to maintain the solution.

To adapt the ROI model to an on-premise solution, estimate the 3-year outlays in terms of acquisition and ongoing costs, and apply those to the calculated cost sav-ings. On both the cost and benefits sides, this model may be adapted to meet the specific needs of any organization implementing proactive case management.



Savings Years 1-3 Basic (SMB) Enterprise-wide

Time Savings $20,000 $250,000

Cost Avoidance $237,000 $2,450,000

Cost Containment $750,000 $10,000,000

Total Savings $1,007,500 $12,700,000

Costs Years 1-3 Basic (SMB) Enterprise-wide

Year 1 $37,000 $400,000

Year 2 $20,000 $300,000

Year 3 $20,000 $300,000

Total Costs $77,000 $1,000,000

ROI Basic (SMB) Enterprise-wide

Savings/Costs 13.08 12.7

X 100 1308% 1270%


SAAS SAVINGS Significant savings accrue from using SaaS rather than an on-premise solution for proactive case management. These savings derive from avoiding upfront capital costs, as well from a reduced need for IT personnel (see Figure 9 below).

Figure 9: SaaS ROI

Traditional, on-premise solutions can require longer and more costly periods before generating returns, typically a year or more. There are also recurring fees and ongo-ing personnel costs to raise the baseline cost of implementation. In the SaaS model on the right in Figure 9 above, the SaaS advantages are apparent -- a “zero-to-low” upfront investment, more rapid deployment and, consequently, a quicker time to realizing returns from proactive case management. Figure 10 below summarizes the cost comparison between on-premise and SaaS solutions.

Figure 10: On-premise vs. SaaS Solution Costs


Source: Source: TripleTree, LLC and Saugatuck Technology Inc.

Upf

ront

In

vest

men

tU

ser

RO

I

SaaS Model in Comparison

� �

�

Source: TripleTree, LLC and Saugatuck

Use

r R

OI

Upf

ront

In

vest

men

t

Traditional Software License Model

Value

Cost

Key financial advantages in comparison to traditional software license model:1. Zero-to-low upfront investment2. Rapid deployment 3. Quicker time-to-value realization

Disadvantages of On-premise Software1. 12-18 month implementation2. High upfront software license3. Recurring annual maintenance fees4. Hardware and other infrastructure costs5. Scarce technical expertise / ongoing

personnel costs

On Demand /SaaS Solution Costs– Subscription– Premium Storage (option)

– Premium Support (option)– Implementation

– Configuration/Customization– Integration

– System Testing– User Training

– Ongoing User Support– Vendor Management

Saugatuck Insight: SaaS cuts out capital expense, sharply reduces IT costs, shifts most responsibilities for solutions to the user; costs are pay-as-you-go, based on user needs. Meanwhile, SaaS providers handle new releases, upgrades, ongoing platform and technology costs.

On Premise Software Costs– Software License (CapEx)

– Hardware/Servers (CapEx)

– Middleware (CapEx)

– Conversion Utilities (CapEx)

– Networking (CapEx)

– Storage (CapEx)

– Annual Maintenance

– Major/Minor Releases

– Implementation

– Data Conversion

– Configuration/Customization

– Integration

– System Testing

– Ongoing IT Support

– IT Training

– User Training

– Vendor Management



On-premise solutions also require significant outlays for annual maintenance, often exceeding 20 percent of software license fees, implementation and integration costs, as well as ongoing system training and support costs. With SaaS solutions, no capital expense is required, no additional costs for annual maintenance fees, and there are far fewer IT-related costs, as the SaaS provider assumes responsibility for the care-and-feeding of the SaaS solution.

THE BOTTOM L INE Netting it out, the returns from proactive case management are highly significant from a financial point of view. Today, all organizations large and small may be vulnerable to significant losses from data breach or fraud, from shrinkage, theft, discriminatory lawsuits, product liability and other class actions, and from physical damages to property and equipment through negligence or sabotage.

Hotlines are a good first step, but by themselves are insufficient; proactive case management analysis and reporting tools are critical, as are policies and procedures that evolve through experience, and protocols for response to incidents when they do occur.

Coordinating risk management across legal, HR, finance, IT, and business opera-tions requires a centralized and systematic approach – with defined roles and re-sponsibilities by organizational unit and in cooperation with a centralized risk man-agement function. Building an ethical culture requires more than just formalization of policy management and training workshops, although those are indispensible.

Proactive case management requires a sustained commitment to culture change, but will yield significant cost savings and significant ROI though time savings, cost avoidance, and cost containment. A SaaS solution for proactive case manage-ment provides superior ROI when compared to an on-premise solution due to lower upfront cost, rapid deployment, quicker time to value, no required capital expense, and overall lower IT costs with SaaS.

However, whether an on-premise or SaaS solution, proactive case management can lead to a sustainable, secure and ethical culture and provide financially-significant returns on investment.




SPONSOR PERSPECTIVE - ETHICSPOINT INC.

EthicsPoint is the global leader in hotline and case management solutions, serving over 2000 customers across more than 300 industries.

We partner with our clients to help them foster a business culture of integrity and compliance.

We help them protect their culture and reputation by automating business processes, from the reporting and identification of issues and events of misconduct, to the sub-sequent investigation, resolution and analysis of these cases.

Over 2000 organizations use our telephone hotline, web-based reporting and case management services as a critical component of their overall governance, risk and compliance efforts.


SAUGATUCK OFFERINGS AND SERVICES

Saugatuck Technology is a strategic advisor to senior

executives, information technology vendors and investors,

providing strategy consulting, subscription research and

thought-leadership programs focused on emerging

technologies, key business / IT challenges, and effective

management strategies.

STRATEGIC CONSULTING SERVICES

• Market Assessment • Strategy Validation • Opportunity Analysis • Scenario Planning • Competitive Analysis

CONTINUOUS RESEARCH SERVICES (CRS)

• Subscription access to Saugatuck’s ongoing Research Alerts, QuickTakes, Strategic Perspectives and fact-based and in-depth Research Reports

• Research agenda focuses on emerging technologies such as SaaS, Open Source and Virtualization / Utility Computing, as well as disruptive market forces and players at the business process layer

THOUGHT-LEADERSHIP PROGRAMS

• Custom research programs targeting key technology and business/IT investment decisions of CIOs, CFOs and senior business executives, delivered as research reports, position papers or executive presentations.

VALUE-ADDED SERVICES

• Competitive and market intelligence • Investment advisory services (M&A support,

venture fundraising, due diligence) • Primary and Secondary market research.

For more information about this or any other Saugatuck

Technology report or service, please reach us through the

contact information below

To learn more about Saugatuck consulting and research

offerings, go to www.saugatech.com or email

[email protected]. While there register for our compli-

mentary Research Alerts, focused on emerging and dis-

ruptive technologies, key business / IT challenges, and

effective management strategies.

Saugatuck Technology Inc.

US Headquarters:

Westport, CT 06880

+1.203.454.3900

Silicon Valley:

Santa Clara, CA

+1.408.727.9700

Germany:

Eltville, DE

+49.6123.630285

saugatuck-ethicspoint research pape-weblayout-jan2009-final

Documents

effective

proactive

key business

coordinating

professional

time employee

information

ethical culture