It would be a challenge to come up with a payback analysis to justify a unified-authentication-management investment, because there isn't necessarily a direct monetary return. Rather, what you get with stronger authentication and authentication management are:
Reduced risk that outside attackers will steal and exploit user accounts and passwords,
Assurance that users at all levels are being properly authenticated, and
Reduced likelihood that insiders will impersonate others to gain unauthorized access to resources.
Finally, note that a strong, enforced authentication policy provides the foundation for building access-control systems for internal and external users. If you'd like to attempt calculating the return on your security investment, try this:
(R-E) + T = ALE, R-ALE = ROSI
R =the cost per year to recover from an intrusion
E = the savings gained by stopping the intrusion
T = the cost of the intrusion detection tool
ALE = the Annual Loss Expectancy
ROSI = Return On Security Investment
A University of Idaho team developed the above equation to find a security investment ROI (see www.csds.uidaho.edu/director/costbenefit.pdf). While the formula is pretty straightforward, it's difficult to define "E," the savings gained by stopping the intrusion. To do that you need to figure out what your data is worth. Sometimes that is well known, sometimes not. Next, you need to figure out "R." Recovery costs too are difficult to nail down--they depend on your environment and your exposure to attack. Once "E" and "R" are determined, the rest is just arithmetic. This equation, when used properly, can be a compelling tool to sell security investments to upper management. For a more in depth look at risk assessment, check out "Risk Assessment Strategies".