Case Study: Defence Export Controls Reform and ICT

Enablement

Client: Department of Defence

Project: Legislative Reform and ICT Enablement for Defence Export
Controls (DEC)

Introduction
Profectus has played a pivotal role in enabling legislative reform and enhancing ICT systems for Defence Export Controls (DEC), a critical branch responsible for regulating the movement of defence-related goods, technology, and services within and outside Australia. DEC ensures compliance with export control laws and supports government, industry, education, and research in upholding Australia’s international obligations within global non-proliferation and export control regimes.

This case study outlines Profectus’ comprehensive approach to modernising DEC’s operational structure, workflows, and ICT systems to meet stringent compliance standards, improve efficiency, and enhance security.

Background
The DEC faced significant challenges following updates to the legislative framework governing Defence export controls. These changes necessitated a comprehensive overhaul of its organisational structure, workforce processes, and ICT systems. Profectus was engaged to lead and support the reform initiatives, focusing on process improvements, ICT upgrades, commercial management, and strategic communications.

Objective
To align DEC’s operations with updated legislative requirements while enhancing
operational efficiency and security. This involved:

• Modernising ICT systems for compliance and scalability.
• Reengineering workflows to improve efficiency.
• Ensuring financial and contractual compliance.
• Developing a strategic communication framework to engage stakeholders.

Approach
Profectus adopted a structured, collaborative approach to meet DEC’s objectives, covering several key areas:

Strategic Assessment and Roadmap Development:
Conducted a thorough analysis of DEC’s existing processes, workforce capabilities, ICT infrastructure, and financial frameworks.

Identified optimisation opportunities and developed a strategic roadmap to realign ICT systems and operational workflows with legislative mandates.

Prioritised scalable solutions to accommodate future changes and ensure long-term compliance.

ICT Modernisation:
Upgraded DEC’s IT environment, aligning it with new legislative requirements.

Assessed existing hardware and software, introduced advanced security measures, and transitioned data to cloud-based platforms for enhanced accessibility and scalability.

Collaborated with vendors to ensure the seamless integration of new systems while maintaining compliance with Defence’s security standards.

Process and Workflow Optimisation:
Evaluated existing workflows to identify inefficiencies, redundancies, and bottlenecks.

Designed and implemented optimised processes, leveraging digital solutions to automate tasks.

Ensured robust change management through clear documentation, stakeholder training, and open communication channels.

Commercial Management:
Oversaw budgeting, cost controls, and financial reporting to ensure fiscal viability.

Managed contract negotiations, tracked variations, and ensured all changes were documented and authorised.

Enhanced project sustainability by maintaining alignment with Defence’s fiscal policies.

Strategic Communication Framework:
Developed a strategic communication framework to foster collaboration and manage expectations among internal and external stakeholders.

Planned and executed outreach programs, working group sessions, and targeted communications to build trust and maintain transparency.

Provided regular project updates and progress reviews to keep stakeholders informed and engaged.

Training and Stakeholder Engagement:
Delivered ongoing training sessions for DEC staff and external stakeholders to ensure effective utilisation of new systems.

Co-designed ICT frameworks with Defence Industry partners, academic institutions, and government agencies to meet compliance needs.

Vendor and Partner Collaboration:
Maintained effective communication and collaboration with vendors and OEMs to meet contractual obligations.

Performed a gap analysis to align tools and processes with policy and business requirements.

Challenges

Legislative Alignment:
Adapting operational workflows and ICT systems to meet updated legislative requirements.

Resistance to Change:
Ensuring stakeholder buy-in and minimising disruption during the transformation process.

Scalability and Security:
Designing systems to support future growth while maintaining stringent security standards.

Complex Stakeholder Environment: Managing communication and collaboration among diverse stakeholder groups, including internal staff and external partners.

Achievements

Enhanced Efficiency and Compliance:
Successfully modernised DEC’s ICT infrastructure, ensuring alignment with updated legislative requirements.

Streamlined workflows and automated tasks, significantly improving operational efficiency.

Improved Communication and Stakeholder Engagement:
Fostered collaboration and trust through a robust communication framework and regular updates.

Enhanced transparency and alignment among stakeholders, enabling smoother implementation of reforms.

Sustainability and Scalability:
Transitioned data to cloud-based platforms, providing scalable solutions to accommodate future changes.

Established a foundation for ongoing process improvement and operational resilience.

Financial Integrity:
Ensured fiscal sustainability through rigorous budgeting, cost controls, and financial reporting.

Cultural and Process Improvements:
Increased organisational buy-in for continuous service improvement initiatives through effective communication and training.

Reduced operational bottlenecks and downtime through enhanced process efficiency.

Conclusion
Profectus’ instrumental role in the DEC reform project underscores its capability to deliver complex, high-impact transformation initiatives. By modernising ICT systems, optimising workflows, and fostering collaboration, Profectus enabled DEC to meet its legislative requirements, enhance operational efficiency, and maintain compliance with international obligations.

This case study highlights Profectus’ commitment to delivering value-driven solutions that align with Defence’s strategic objectives and operational needs, ensuring sustained success in a dynamic regulatory environment. 

Case Study: ITSM & SIAM Governance

Client: Defence Industry Security Program (DISP)

Program: DISP Transformation Project / DISP Management System Sustainment

Resources: Profectus Sustainment Process Uplift Lead

Period: February 2024 – Ongoing

Introduction
Profectus, as a minority shareholder in Curijudi Services, consistently
delivers industry-leading IT Service Management (ITSM) and Service Integration and Management (SIAM) capabilities. While Curijudi has not directly provided these capabilities, it leverages Profectus’ expertise to ensure clients receive exceptional service transformation solutions.

This case study outlines how Profectus, through its collaboration with Curijudi, has significantly uplifted DISP’s ITSM maturity, streamlined governance, and enhanced service delivery operations, ensuring alignment with DISP’s strategic objectives and operational needs.

Objective
Deliver a new service operating model aligned to the SIAM framework, uplift all
Service Design, Service Transition, and Service Operations ITIL capabilities, and provide ongoing service governance within the DISP program. Profectus aims
to assign, onboard, educate, and empower newly introduced Process Operators, Process Owners, and Policy Owners both internally and within service provider groups. Ensuring roles and responsibilities are effectively documented and operationalised while championing improvements among service management stakeholders remains a key focus.

Approach
Profectus engaged in a collaborative delivery plan with the Defence Industry
Security Branch to achieve prioritised milestones across the following categories:

SIAM Operating Model:
Assessed the maturity of the existing System Support Model Plan (SSMP) and its alignment with a newly introduced vendor.

Developed a revised hybrid Operating Model with designated roles (Policy Owner, Process Manager, Process Operators) across all ITIL functions.

Established decision and escalation pathways, defined governance, management, and operational layers, and produced educational materials with training workshops.

Process and Procedure Uplift:
Conducted an in-depth review of Service Transition and Service Operations ITIL policy, process, and procedural documentation.

Measured maturity using Profectus’ criteria aligned with the Axelos ITIL Maturity Model.

Documented recommendations, prioritised actions in collaboration with stakeholders, and tracked progress through CSI sprint cycles using a Kanban board.

Authored Process Definition Documents (PDDs) for Change & Release Management, Incident Management, Problem Management, Access Management, and more, including: Business rules, process workflows, RACI matrices, CSFs, KPIs, and SOPs.

ITSM Tool and Process Gap Analysis:
Identified efficiencies achievable through a dedicated ITSM tool.

Facilitated discussions to integrate DISB into the DSMS ITSM platform.

Performed a gap analysis to align tools with developed PDDs and policy requirements.

Critical Success Factors, Key Performance Indicators & SLAs:
Defined unique CSFs and corresponding KPIs for each ITIL capability.

Operationalised live dashboards for ongoing review and performance tracking.

Engaged with contract managers to develop realistic SLAs based on KPI trial periods and vendor performance, complemented by a Service Level Management (SLM) Process.

Governance Meetings:
Established governance forums at Strategic, Tactical, and Operational layers with clear terms of reference, agendas, and participant roles.

Introduced a centralised SIAM Governance website with dynamic Kanban boards for
action item tracking.

Achievements

Improved Role Understanding:
Clearly defined roles and responsibilities enhanced adoption of the new SIAM Operating Model.

Matured Processes:
Standardisation reduced risks and incidents, leading to fewer unplanned outages and improved operations.

Efficiencies Gained:
Automation in ITSM tools reduced manual resource expenditure.

Performance Metrics and CSI:
Educated resources leveraged performance data to drive continual service improvement (CSI).

Resource Optimisation:
Eliminated duplicate meetings and reallocated resources more effectively.

Improved Visibility:
Auditable Kanban boards improved action item progress tracking.

Risk Management:
Better risk capture and analysis allowed for informed mitigation strategies.

Change& Release Planning:
Defined approval gates and communication plans reduced deployment risks and ensured effective outage notifications.

Conclusion
Profectus’ passion for providing industry-leading ITSM through SIAM
transformation resulted in a significant increase in DISP’s ITIL maturity.
While this measurable improvement is notable, the true success lies in enhanced daily operations and service delivery effectiveness.

The revised operating model, integrating DISP and vendor services, empowered team members by clarifying accountabilities and establishing robust communication channels. This alignment ensured DISP’s strategic objectives were met while fostering a culture of continual service improvement and operational excellence.

Delivering the DISP Management System (DMS): A Case Study 

Introduction 
The Defence Industry Security Program (DISP) initiated a transformative project to modernise its application process by introducing the DISP Management System (DMS). This initiative aimed to replace outdated systems with a robust, scalable solution leveraging Microsoft PowerApps Portal and D365 CRM. Initially, Profectus was engaged to provide transition management expertise, but as the project encountered systemic challenges, Profectus took on broader responsibilities. Ultimately, Profectus moved from leading technical delivery to program delivery, overseeing not just the technical execution but the entire program, including governance, change management, and
delivery. 

Background 
The DISP application process was heavily constrained by inefficiencies and risks: 

Webform limitations: inflexible, unintuitive forms with missing fields forced applicants to input critical information into comment sections, reducing data integrity and usability. 

Spreadsheet risks: prone to corruption, lacking redundancy, and incapable of supporting real-time collaboration among case managers. 

Manual triaging: applications submitted via DISP’s email mailbox created significant bottlenecks, delays, and resource constraints. 

Recognising these inefficiencies, DISP initiated the DMS project following an external analysis that identified Microsoft PowerApps Portal and D365 CRM as the optimal solutions. However, Defence leadership quickly realised that the project lacked the structure necessary to succeed.
Defence was effectively flying blind, grappling with mounting scrutiny and
pressure from senior leadership due to: 

Lack of a schedule or firm dates: no signed-off project management plan or traceable milestones existed. Leadership was unable to provide clear timelines to senior stakeholders, causing frustration and increased scrutiny. 

Unstructured requirements: agile methods were poorly applied, resulting in shifting scopes, incomplete documentation, and no traceability matrix to connect requirements to deliverables. 

Loss of key resources: the abrupt termination of PwC’s contract left DISP without an application processing team, creating a vacuum in institutional knowledge and capacity. 

Profectus’ Role and Actions 
Profectus initially provided transition management expertise but quickly identified systemic issues requiring intervention beyond its original remit. Profectus expanded its role to become technical delivery lead and eventually assumed the position of program lead, running the entire project across technical, governance, and operational dimensions. 

Establishing control: from blind spots to clarity 
Developed a comprehensive master schedule using MS Project, detailing milestones, dependencies, and resources. This enabled Defence leadership to provide clear delivery dates and regain senior management confidence. 

Pivoted the delivery methodology to a hybrid agile-waterfall model, accommodating Defence’s need for fixed schedules and budgets while retaining agile flexibility. 

Delivered a revised schedule with clear milestones, including soft launch and initial operating capability. 

Provided regular updates to stakeholders, mitigating scrutiny and restoring trust at all levels of the organisation. 

Transition management and functional realignment 
Conducted stakeholder workshops to baseline requirements, securing sign-off to eliminate scope creep. 

Introduced a traceability matrix, linking functional requirements to product backlog
items and features in DevOps for transparency and accountability. 

Created a detailed transition into service checklist, outlining service acceptance criteria required for sustainment. 

Taking technical delivery to the next level 
Replaced ineffective sprint-based delivery with parallel task execution, improving developer productivity and reducing bottlenecks. 

Collaborated with business subject matter experts to refine user stories and establish realistic effort estimates for product backlog items. 

Partnered with KPMG to manage data migration complexities, ensuring schema alignment and synchronisation between CRM development and migration teams. 

Standardised development practices to ensure seamless integration across the portal, CRM, and data migration efforts. 

Rising to program lead: owning the entire project 
Profectus assumed full ownership of the program after DISP leadership recognised that piecemeal approaches were inadequate. In the role of program lead, Profectus’ responsibilities expanded significantly: 

Governance and leadership: established robust reporting frameworks, chaired program-wide meetings, and maintained direct engagement with Defence leadership. 

Change management: mitigated the impact of PwC’s contract termination by onboarding new resources and creating training materials, knowledge articles, and work instructions to bridge knowledge gaps. 

Stakeholder management: engaged with Defence stakeholders, vendors, and external consultants to ensure alignment across all workstreams. 

Risk mitigation: maintained a detailed risk register and escalated strategic risks to senior stakeholders, proposing actionable mitigations. 

Navigating adversity 
The sudden termination of PwC’s contract led to significant disruptions, including the loss of application processing capabilities and institutional knowledge. Profectus responded by: 

Developing contingency plans to address resource shortages and maintain continuity. 

Revising project plans to accommodate new resource onboarding timelines while minimising delays. 

Reassessing dependencies to ensure that critical deliverables aligned with the revised schedule. 

Key Challenges from the DMS Update 

Dependency management: aligning data migration, CRM development, and application processing tasks required extensive coordination. 

Leadership scrutiny: senior Defence leaders demanded firm dates and progress updates, which were previously unavailable. 

Capability gaps: the absence of organisational change and application processing teams required Profectus to build capacity from scratch while maintaining delivery momentum. 

Outcomes and Deliverables 

Operational success 
Delivered initial operating capability, achieving project objectives on time with only one minor UI defect. 

Replaced manual triaging processes with a fully integrated PowerApps Portal and D365 CRM system, significantly improving efficiency and data integrity. 

Strategic benefits 
Enhanced SME engagement: simplified DISP accreditation processes allowed greater participation from SMEs, fostering a more competitive and inclusive Defence marketplace. 

Scalability and resilience: the modernised platform introduced redundancy and scalability, enabling DISP to adapt to future demands. 

Knowledge transfer: Profectus provided comprehensive training and documentation, equipping DISP staff to sustain and improve the system independently. 

Quantifiable outcomes 
Firm timelines: delivered fixed schedules that Defence leadership could confidently communicate to stakeholders. 

Improved productivity: parallel task execution and streamlined workflows accelerated delivery and reduced bottlenecks. 

Minimal defects: only one minor issue identified at initial operating capability, reflecting the robustness of the delivered solution. 

Conclusion 
Profectus’ ability to step into a leadership role, first as technical delivery lead and ultimately as program lead, was instrumental in the success of the DISP Management System. By restoring structure, transparency,
and confidence to Defence leadership, Profectus ensured the program overcame
significant challenges to deliver a transformational solution. 

This case study demonstrates Profectus’ expertise in managing complex, high-pressure ICT projects, reinforcing its reputation as a trusted partner for the Australian Government. Profectus continues to set the standard for innovation, efficiency, and inclusion in Defence’s most critical
operations. 

 

Case Study: HQJOC IT Service Management and Operational Support

Client: Department of Defence

Project: Personnel Services and ICT Support for Joint Collective Training Branch (JCTB) and HQJOC J7

Introduction
HQJOC J7 is responsible for delivering high-quality, innovative, timely, and focused live, virtual, and constructive joint collective training to ensure that directed Australian Defence Force (ADF) elements are prepared to achieve success. Profectus provides a broad range of critical services which include, IT Service Management, ICT infrastructure management, skilled personnel eployment, operational support for high-profile training exercises, and continuous improvement initiatives. By integrating technical expertise with strategic service delivery, Profectus ensures the success of complex training environments and operational readiness for HQJOC J7. This case study outlines Profectus’ multifaceted approach, actions, and results in supporting HQJOC J7’s diverse operational objectives.

Background
The Joint Collective Training Branch (JCTB) within HQJOC J7 ensures that ADF elements are prepared for operations through simulation-based training exercises. Major exercises like VITAL PROSPECT test operational command and control in complex conflict scenarios. These activities demand robust ICT infrastructure, skilled personnel, seamless service delivery, and comprehensive ITSM support to meet Defence’s operational requirements.

Profectus sustains these environments by providing skilled personnel and managing ITSM processes critical to mission success. Contributions include:

Supporting more than 20 annual simulation exercises, including high-profile operations such as Exercise Vital Prospect.

Delivering ITSM, logistics, and service coordination for complex, multi-vendor environments.

Ensuring compliance with Defence’s stringent ITIL-aligned frameworks and security standards.

Challenges

Operational Complexity:
Managing ICT infrastructure to support live and simulated training environments in multi-national scenarios while integrating multiple vendors and stakeholders within a cohesive service management framework.

Stringent Criteria:
Ensuring all personnel meet Defence’s high standards for qualifications, security, and technical capability while adhering to stringent SLAs for incident resolution, change management, and operational performance.

Dynamic Demands:
Adapting ICT systems and personnel capabilities to evolving Defence standards and exercise requirements.

Service Continuity:
Maintaining operational readiness and ICT infrastructure under high-intensity conditions.

Continuous Improvement:
Innovating and optimising service delivery to meet the dynamic demands of ADF training exercises while maintaining compliance
with security protocols against the ISM, DSPF, and PSPF.

Approach
Profectus’ strategy to support HQJOC J7’s ICT and ITSM needs is built on three
core pillars:

ITIL-Aligned ITSM Processes:
Implementing robust incident, problem, and change management processes tailored to Defence’s operational environment.

Developing SOPs and knowledge bases to standardise ITSM practices across JCTB and HQJOC J7.

Establishing escalation protocols and workflows to minimise service disruptions.

Skilled ICT Personnel Deployment:
Recruiting and deploying personnel with qualifications such as ITIL, PRINCE2, Cisco (CCNA/CCNP), VMware, Red Hat, and ServiceNow.

Conducting ongoing training to align team skills with Defence’s operational objectives.

Applying rigorous recruitment standards to ensure alignment with Defence’s cultural and operational needs.

Infrastructure Management and Continual Improvement:
Configuring and maintaining HQJOC J7’s ICT infrastructure, including networks, storage, and systems.

Utilising technologies such as Cisco IOS, NetApp storage, and VMware for virtualisation.

Performing rigorous testing, including network load testing, security vulnerability assessments, and application compatibility checks.

Conducting post-exercise reviews to identify lessons learned and implement improvements.

Leveraging data-driven insights to enhance service delivery, efficiency, and SLA compliance.

Introducing automation tools to streamline ticket management and reporting.

Actions
Profectus executed the following actions to support HQJOC J7’s ICT and ITSM requirements:

Infrastructure Setup and Maintenance:
Managed network configurations, device deployments, and firewall settings to ensure secure and reliable connectivity.

Provided robust Role-Based Access Control (RBAC) protocols to enhance security and operational efficiency.

Exercise Support:
Delivered ongoing infrastructure development and deployment to meet the multi-national requirements of exercises like VP.

Conducted continuous monitoring and real-time adjustments to maintain performance during high-stress scenarios.

Quality Assurance and Documentation:
Performed automated and manual testing to validate infrastructure readiness.

Developed detailed documentation covering configurations, access levels, and
troubleshooting steps.

Operational Support:
Managed ticketing systems (transitioning from JIRA to ServiceNow) for incident, change, and request management.

Participated in Change Advisory Board (CAB) meetings to align modifications with
Defence’s standards.

Workforce Development:
Ensured personnel met or exceeded Defence’s certification requirements.

Focused on upskilling, performance management, and continuous improvement to maintain alignment with Defence standards.

Results

Enhanced Operational Readiness:
Supported all training exercises and Event Functional Tests (EFTs) with consistent success over 24 months.

Delivered seamless ICT functionality for exercises, enabling secure coalition command and control operations.

Security and Compliance:
Implemented RBAC protocols and rigorous change management processes, enhancing security and system integrity.

Maintained 100% compliance with Defence’s stringent standards and SLAs.

Continuous Improvement:
Conducted post-exercise reviews to identify improvements and adapt ICT infrastructure to evolving needs.

Built a comprehensive knowledge base to support continuity, training, and compliance.

Stakeholder Trust:
Established strong relationships with Defence stakeholders by delivering transparent performance reports and proactive service management.

Conclusion
Through its skilled personnel, robust ICT infrastructure management, and ITSM processes, Profectus has enabled HQJOC J7 to achieve operational readiness and efficiency across all training exercises. Profectus’ commitment to quality, compliance, and continuous improvement has reinforced Defence’s confidence in their capabilities.

The successful delivery of Exercise VITAL PROSPECT highlighted Profectus’ technical and operational expertise, solidifying its
role as a trusted partner for HQJOC J7 and the Department of Defence.