Continue in 2 seconds

The Importance of SOA Governance

  • August 01 2007, 1:00am EDT
More in

Service-oriented architecture (SOA) has become the new de facto standard for designing and creating reusable business rules and logic that can be shared enterprise wide in a distributed (multiplatform) manner. Well-executed SOA implementations will bridge the wide gap between enterprise architecture and business strategy, as companies achieve a closer alignment of IT and the business and, in parallel, implement the robust reuse of existing technology and application code with unprecedented agility and cost effectiveness. However, the rapid adoption of distributed cross-platform Web services and SOA architecture fundamentals has resulted in a multitude of unmanageable complexities for IT managers and architects, many of whom are just now starting to take their first steps in untangling their SOA webs.

Without an adequate means of control, SOA can quickly lead to trouble. Because business logic is shared outside of traditional silos (organizational units, dedicated systems, etc.), the potential company-wide impact of any given piece of code (or service) becomes greatly increased. One change to a service may impact many business segments, thus, there is a pressing need to fully comprehend service interrelationships because they may (more often than not) solve multiple (though similar) business problems and contain complex domains of ownership. It is very difficult to rein in the sprawling operational complexities that are inherent in SOA and incorporate them into an enterprise architectural layer that is solid, reliable, secure and scalable. SOA governance must be introduced into all IT and corporate governance portfolios.

The failure to implement SOA governance will result in a brittle and unmanageable architecture where a distributed mess of software components that offer poor business support will flourish unchecked. For example, it is often very easy to create, invoke and consume rogue Web services; furthermore, often a very raw and undocumented SOA emerges as a result of a bunch of independent projects that were originally charted to solve mutually exclusive business problems. An enterprise that fails to realize the importance of an effective SOA governance structure - one which unequivocally aims to align IT service delivery with business strategy - may not be well positioned to greatly benefit from SOA. SOA governance creates a higher return from all SOA investments by establishing lucid communication channels, ones where effectiveness and accountability can be measured and quantified.

During the planning phase of building an SOA framework, managers must have an understanding of what is required from a holistic governance perspective and bake it into all phases of the project lifecycle. It is important for all stakeholders to understand that weak governance practices during planning and development phases will lead to projects that do not correctly serve the business or maximize/leverage current IT investments to the fullest allowable extent. As would be expected, major software vendors are now incorporating the mechanisms of SOA governance into their product suites. The availability of software/tools that help organizations model, map, monitor, manage and govern their SOA topographies and infrastructures has increased exponentially so that maximum communication and code reuse is achieved and typical architecture and business risks are mitigated. IT architects and managers can ill afford to be without a proper means of visual analysis of their SOA environments if they are to effectively promote robust code reuse, consistent performance and security, broad support for governance policies and acceptable business continuity, as well as centrally manage and guarantee that service level agreements are being fulfilled across business lines - throughout service lifecycles. Best-of-breed tools will help managers track and monitor SOA infrastructure and control the most important components of change management such as versioning and impact analysis. At the core of SOA governance is that proper care and diligence is applied to the SOA repository and registry. A registry promulgates the universe of available deployed services and the rules for their consumption and invocation. The repository will help assist in the managing of services and their associated artifacts through their full lifecycle - from planning to development to deployment. Metadata about services will capture information about service interactions and relationships as well as store important related details such as policies, procedures and milestone information. The sub-task of data governance as it relates to SOA metadata becomes critical, as it will be the primary means to managing the inventory of services (and provisioning new ones). Like other forms of metadata, information and attributes that describe services must be compiled, maintained and stored in a fashion that is consistent, secure and transparent.

General rules and guidelines that touch on important attributes and behaviors of services must be unified and codified into enforceable and well-defined policies. Currently, however, SOA governance standards are still evolving: there is not any one industry-accepted standard that attempts to cover it all - ensuring continuity of business operations, limiting SOA security exposure, managing and planning dependencies, reducing integration problems, minimizing risks and liabilities and beyond. SOA governance serves as a mechanism to facilitate solid relationships between all interested parties (service consumers and providers) and to ensure that all services are managed in compliance with a company's standards, policies and business strategies. A culture of governance in which roles, rights and responsibilities are clearly defined will make the difference between SOA success and failure. 

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access