Our Information and Communications Technology (ICT) services provide the foundation for businesses to achieve a competitive advantage by aligning ICT capabilities with strategic business goals. 

We partner with customers, leveraging technology and know-how to plan, deliver and manage highly available, reliable, maintainable and secure ICT systems.

In doing so we have developed expertise with:

  • Robotic process automation and business intelligence
  • Cyber security, service management and predictive analytics
  • Identifying and implementing best-fit technology solutions
  • Optimising technology to proactively manage and meet changing demands and conditions
  • A range of technology domains and best in class vendors.

As part of Downer's delivery of urban services, providing reliable infrastructure and systems to Australian businesses and citizens, Downer’s Defence and National Security business is focused on improving the security posture of critical assets in an increasingly complex threat environment.

Cyber security

Our cyber security approach is aligned with the System Development Life Cycle (SDLC) ensuring planning, analysis, design, implementation and maintenance are considered. Our expertise comes from an intimate understanding of the cyber security domain and how we incorporate risk management.

At every step of the SDLC is the assessment of risk which considers likelihood, consequence and the effectiveness of controls to achieve a desired residual risk. This ensures the planning, requirements, designs, testing and operations are focused on priorities and there is an ongoing review of security controls against existing and future architectures and changes to the threat environment.

Strategy and planning services

An overarching approach to building and maintaining secure capabilities is essential and includes:

  • Security strategy
  • Security concept development
  • Security management planning.

Architecture and design

Our architecture and design services ensure capability designs meet security objectives. This includes incorporating controls from security standards and developing security policies and procedures to ensure the operation is secure. Areas of focus include:

  • Security requirements
  • Security architecture
  • Security design and integration
  • Security policies and procedures
  • Security compliance review.

Implementation and deployment

Our implementation and deployment services ensure the capability is built securely and is independently verified against the relevant standards. Key activities include:

  • Security testing
  • Security certification and accreditation
  • Security training.

Operation and sustainment

Our operation and sustainment services ensure the system is secure throughout its day-to-day operations, with an ongoing focus to ensure that it remains that way. This includes ongoing assurance to validate that core security functions are maintained.

Crisis management

Crisis Management Capability (CMC) development ensures business resilience in the event of a crisis through a coordinated approach to achieve resolution. Effective CMC requires leadership, communications, policies, reporting and procedures for any foreseeable urgency.