Return On Investment Tool

Requirements and Usage Guide for our ROI Tool

Product Description

The Patch My PC Return On Investment Tool helps identify the products supported in the current Patch My PC catalog which are in use in your environment.


Get the ROI Tool now from

How Does it Work?

The ROI Tool scans your Configuration Manager and/or your Intune environment for application inventory. It then compares this inventory data against our latest list of Supported Products, which it downloads at run time.

User Experience

Assuming the permissions required below are satisfied, running the tool will allow the user to click on the Scan Intune or Scan ConfigMgr buttons:

The interface will update dynamically as the tool runs, showing progress as it scans all inventory. In testing the tool requires around 1 minute for every 5,000 clients.

The Your Apps tile shows the number of applications in your environment which have been found in the Patch My PC current catalog. This is the number of apps which Patch My PC could provide management of in your environment today.

The Annual Quote tile shows the list price of the license version selected, this can be Enterprise Premium (default) or Enterprise Plus.

The Annual Hours and Annual Cost savings tiles show an estimate of the impact of using Patch My PC to handle your application updates over a manual approach. The parameters used to create these estimates can be edited in the bottom right section of the tool to reflect your cost and experience.

Clicking the Request Quote or Schedule Demo buttons will take you to the Patch My PC website to complete a short form requesting one of these services. Where possible we will pass the parameters from the tool into these forms to save you some time.

What Permissions are Required?

Configuration Manager

  • Read-only Analyst

To scan Configuration Manager the tool must be run on your SMS Provider Server. By default, this will be your primary site or CAS. The account running the tool must have at least the "Read-only Analyst" role in Configuration Manager.


  • Application Administrator

  • DeviceManagementManagedDevices.Read.All

To scan Intune you must accept the application's request to read your Intune data. The account approving the request must have at least the "Application Administrator" role in azure. The Tool's access to this data will only persist for as long as you keep your session open (1 hour max).

Once the app registration is approved, subsequent executions will ask for a run-as account only. This account requires, as a minimum, Intune DeviceManagementManagedDevices.Read.All rights.

Last updated