Measuring value of risk mitigation
Anyone have examples of how you measure product value of something whose primary feature is risk mitigation. For example, if you've had insurance for 5 years, but don't have any claims, how is your vendor supposed to prove and report on the value you have received. They are essentially re-selling every renewal.
Our product are in the information governance space, so intended to reduce risk and ensure policy compliance. The challenge is that in most cases it is very difficult to quantify value to our customers.
Thought? If you'd be up for a brief discussion, message me directly.
Comments
-
Are your customer's executive teams willing to underwrite the greater risk of operating the business without your product, particularly if their business operates in a space where they have contractual obligations or regulatory standards that must be maintained and regularly certified?
Have you had any success working with stakeholder champions or design partner customers to help you quantify ROI? Especially if any current customers have been impacted (prior to using your product) by the circumstances that your product is designed to mitigate or remediate. Is there a form of monitoring your product provides that demonstrates compliance or efficiency gains that you can use to regularly reinforce value realization?
I've had some success creating a set of counterfactuals. Let's play out a likely scenario and ask what would the impact be on the brand and business if____were to occur. Discussing a set of facts that may be true under different circumstances can be illuminating where the ROI may seem an unattractive or low priority at first.
If the resources are available perhaps partnering with a well-known firm that provides cybersecurity or IT consulting would be helpful in calculating potential cost savings, risk reduction, or efficiency gains that can result from using your product vs manual effort.
Try using industry benchmarks to demonstrate how your product creates alignment with regulatory standards and industry norms or enables compliance with specific regulations or frameworks like GDPR, HIPAA, ISO 27001. Large enterprise buyers from the CIO/CISO suite may be willing to share insight from relevant build vs buy work their team has done.
Happy to chat anytime, Rich!
1 -
This really stood out: Try using industry benchmarks to demonstrate how your product creates alignment with regulatory standards and industry norms or enables compliance with specific regulations or frameworks like GDPR, HIPAA, ISO 27001. Thanks!
1
Categories
- All Categories
- 180 GGR Information
- 155 GGR Cafe
- 19 Welcome to the Community
- 6 Badge and Rank Program
- 185 Specialized Groups
- 19 Future Customer Success Professionals
- 772 CS Conversations
- 190 CS Conversations
- 32 CS Operations Conversations
- 270 CS Org Conversations
- 29 Industry Insights
- 192 Strategy & Planning
- 59 Customer Journey
- 712 Technology and Metrics
- 275 Digital CS (Engagement Programs)
- 200 CS Technology
- 237 Metrics & Analytics
- 17 Value Realization