The BEST way to justify the implementation of a single sign-on (SSO) product is to use:
A.
return on investment (ROD.
B.
a vulnerability assessment.
C.
annual loss expectancy (ALE).
D.
a business case.
Explanation:
A business case shows both direct and indirect benefits, along with the investment required and
the expected returns, thus making it useful to present to senior management. Return on
investment (ROD would only provide the costs needed to preclude specific risks, and would not
provide other indirect benefits such as process improvement and learning. A vulnerability
assessment is more technical in nature and would only identify and assess the vulnerabilities. This
would also not provide insights on indirect benefits. Annual loss expectancy (ALE) would not
weigh the advantages of implementing single sign-on (SSO) in comparison to the cost of
implementation.