My first thought
Have Microsoft detailed their policy on signing enterprise software specifically:
1) How long the process will take ?
A 24-hour turnaround would be acceptable. However I suspect there will be all sorts of hurdles to jump over that means an organisation needs to have a definite timeline to fit into migration/deployment projects.
2) Cost ?
3) Support lifecycle
because once you have Device Guard in your organisation, it would be a little unfortunate if Microsoft suddenly stopped offering to sign Enterprise software, or decided that it would charge $10,000 per executable.