James, I'll throw out some comments here, from an ICA Sales Engineer standpoint. Happy to provide some additional whitepapers or case studies if desired. Generally, ICA running alongside DLP provides some significant benefits. From a perspective of security alerts, ICA utilizes UEBA capabilities to determine the "risky" incidents that are occurring and highlights those in various stack-ranked lists and scenario groupings for simple analysis. The idea is to essentially show the "needles" in the haystack without having to pore through the haystack itself. ICA also contains many OOTB reports/dashboards centered around DLP content, with the added ability to easily create ad hoc reports, metrics, and dashboard views without having to understand query languages. ICA can assist with policy tuning by monitoring areas where employees are consistently violiating policies during the course of getting their job done. Generally, remediation efforts can move from Enforce into ICA, although policy tuning efforts still occur in Enforce. It's easy to classify false positives and ICA will utilize that information to auto-classify future events.
Daryl