The defence sector is one of the silent innovators around software, hardware and new processes. However, because of the importance of what each organisation does and the levels of secrecy that have to be maintained, this is not often heard outside those select groups. At the same time, spending on defence projects is coming down as UK public finances continue to be stretched. A report by RUSI on defence budgets estimated that around £1.1 billion of savings may have to be found over the next few years as part of the overall £10 billion savings target.

Because of the complexity of its requirements, defence is not an industry that is considered to innovate around its IT processes. Yet this is exactly what the defence sector in general is currently looking to achieve. The problem is that defence projects have time-scales in the decades to consider, rather than months. The sheer mix of different platforms is huge - from mainframes through to distributed systems - while the need for security and audit around every action is a necessary requirement too.

As Agile development has started to be taken up across the UK government through UK.GOV, the defence industry is also evaluating how to become more agile in general to avoid waste and reduce costs while retaining processes and security. One approach that organisations have used to cut costs is by using commercial off-the-shelf (COTS) software rather than creating their own bespoke solutions from scratch for each and every requirement.

For providers into the defence sector, this use of COTS represents a real change to their approach as well as for the defence organisations themselves. However, this does not represent a wholesale shift to COTS but a combination of different technologies in order to achieve the same or better results. The strategic thinking and emphasis has moved from the technical layer to the process that the software supports.

By thinking about processes rather than projects, defence organisations can concentrate on the results that they need to achieve rather than the individual solutions that are used to get there. Even if the project is valued at millions of spend, the ability to see things through as processes rather than being linked into specific islands of tech is a huge leap.

The second benefit from looking at process instead of projects is that it encourages organisations to view their tech investments as components than can be used or removed as they are required rather than the end result. If a new technology can deliver the same result at the same level of security, then the process-led approach can accommodate a change being made without affecting the results that are delivered.

This works both ways: for organisations faced with either developing their own software to fulfil a need or going out to tender, the emphasis will be on meeting the overall business requirement. However, by looking at process rather than the technology itself, this discourages lock-in to one approach. This change management strategy should suit defence organisations better as they can avoid the problem of being tied into specific vendors or teams of individuals to fulfil their needs. Shifting to another vendor or bringing a project back in-house can be achieved more easily as the process can run in parallel, rather than being a jump from one to another.

It goes without saying that data security is paramount for defence organisations. Becoming more agile often means greater visibility of processes and information for IT stakeholders. This sharing of data around results being achieved has to be kept as secure as is required. However, this should not discount information sharing and agile being taken up. Instead, checking through all the outcomes that could exist around events and processes from a security perspective should be at the heart of all decisions made. Working effectively with both internal and external stakeholders that are part of the defence supply chain is becoming increasingly important. With an increased focus on collaboration, there is a greater need for efficient processes coupled with governance and appropriate security of what information is shared.

Similarly, delivering a full audit trail around all changes and requests will demonstrate that all activities went through the appropriate levels of security and scrutiny - whether this was a change request for a new desktop to be provisioned all the way up to new software code being written and installed on an aircraft.

Looking to the future, IT will continue to grow its role within delivering defence requirements. However, the approach to these projects will focus less on building up significant IT edifices that have to stand the test of time, and more into creating processes that deliver the same results. By taking a page from the IT service rule-book and looking at the process and the people, defence IT will be able to reduce the costs of delivery and meet its security and audit requirements.

Mark Slater is regional director for the UK and Ireland at Serena Software