Professional Documents
Culture Documents
A Guide To SOA Governance: Executive Summary
A Guide To SOA Governance: Executive Summary
A Guide To SOA Governance: Executive Summary
SOA Governance
Executive Summary
SOA projects have to normally justify themselves through quantifiable results, one at a time, to
get wider internal adoption. SOA Governance could help realize the ROI by defining reliable,
quantifiable results for SOA implementations through a regular collection of metrics and
mandating changes to improvise implementation. This document describes SOA Governance
and the typical stages through which such Governance could be implemented. It briefly discusses
the types of Governance and typical Governing bodies that could be formed to deliver a
successful SOA project.
The ROI realized through SOA is a much-debated topic today. Considering the effort it takes to
build a SOA, in-terms of the people, training, tools, processes and internal discipline, benefits of
reuse would need to be realized early on, to gain confidence. Carefully planned governance could
be a critical catalyst in realizing ROI for a SOA project.
Governance is:
Governance is a tool that defines organizational roles and empowers individuals conducting these
roles. Various technical tools available in the market today help automate a certain aspect of the
governance process; however, as would be expected, Governance does involve considerable
human intervention.
IT Governance refers to a subset of the organization’s governance that deals with the
management and control of its IT systems, processes, people, IT assets, infrastructure and the
way IT processes support a business goal. IT governance forms a significant part of the
Enterprise governance – considering the horizontal IT spread in any organization.
Identify phase involves gathering business requirements & objectives, identifying the
independent business processes in design, which will be translated to achieve the business goal
– mapping the requirement to the design and breaking the design down into business processes.
Create phase concerns the creation of the identified business processes or realigning them
(through addition/modification/integration) to the business goal.
Integrate suggests creating a host environment for composite (service-oriented) applications and
their testing. This includes evaluating capacity planning, operational efficiency & performance,
integrity, security and other dependencies.
Manage & Improve phase involves the actual deployment and maintenance of the operational
system. This includes performance monitoring, service response time, problem log & fix, among
others to get the service operational. This would also involve tuning the services to achieve an
updated business design.
Understand the current IT governance, which includes all the business line procedures,
policies, principles, measures, decision roles and cultures.
Identify the processes/applications that can be reused and the overall impact of SOA
adoption.
Select the best practices for existing business models.
Create a prioritized SOA adoption plan
Involve all stakeholders for communication & suggestions.
Review and control the transition plan during the course
Implement the agreed plan
Continuously measure the implemented model and log performance & issues
Consider future regulatory needs
SOA projects typically require higher governance owing to hidden dependencies & less available
standardization. We believe that SOA Governance must be diligently implemented and treated as
a full-fledged project, rather than as an overhead.
Hence, we recommend that SOA governance principles be applied in a similar fashion to the 5
stage lifecycle as described in the ‘SOA lifecycle & processes section’ above:
1) Identify
Document the SOA benefits & prepare a business case to get an internal buy-in.
2) Create
Formulate a SOA strategy i.e. document the critical roles, responsibilities & engagement
model.
Understand the current governance structure and document the proposed structure for
SOA adoption.
Review the proposed SOA governance plan.
Layout the new policies & structures.
Identify new/modify authority roles & responsibilities.
Highlight success factors and metrics.
Identify funding model & owners.
Define a SOA centre of excellence.
Identify & approve the required SOA infrastructure during course.
3) Test
Review the plan and start a vendor engagement.
Implement the approved governance model & infrastructure.
Educate and assign the identified roles and responsibilities.
Deploy policies.
Identify any additional process/training required.
Align new roles with vendor and its engagement model.
4) Integrate
Kick-off the SOA planned initiative
Monitor the project progress.
Organize meetings and report metrics.
SOA governance can be logically divided into design time and runtime governance.
Run
Time
SOA
Design + = Governance
Time
In practice, design and run time governance overlap in several places. Following are the specific
areas to be addressed during governance:
1. Service registration
2. Service versioning
3. Service ownership
4. Service funding
5. Service monitoring
6. Service auditing
7. Service diagnostics
8. Service modeling
9. Service identification
10. Service publishing
11. Service discovery
Company Confidential - 10 -
12. Service development
13. Service consumption
14. Service provisioning
15. Service access
16. Service binding to form a composite application
1. Service maturity
2. Capacity planning
3. Performance & problem logs
4. Education & training
5. Organizational changes.
6. Service policy enforcement.
THBS recommendations
We recommend the following teams to form a governing body for a typical SOA initiative across
design time and run time:
Company Confidential - 11 -
6) SOA Funding Team
The SOA funding team will keep an eye on ROI and examine frequently the project
progress. This team will examine and recommend the project status and suggest the
financial gains or losses. SOA funding team will plan the funding proposals i.e. when and
where a central funding is required compare to separate department funding for their
exclusive services.
SOA governance does not consist of a set of rigid bureaucratic policies and procedures. It
involves regular collection of metrics and mandating changes to improvise the implementation.
Policies would change as per business and enterprise needs. Consistent waivers are regularly
identified and examined.
An example RACI matrix is as below (which of course would differ from enterprise to enterprise):
Company Confidential - 12 -
SOA Service Life Cycle Management
SOA service life cycle management is an integral part of any SOA governance.
SOA service life cycle management addresses the processes, procedures, patterns, tools, best
practices, configuration management & repositories involved. The diagram below provides an
overview of the repositories in a typical SOA project:
Service Life Cycle Management consists of an array of topics that would need to be dealt with
individually and is outside the scope of this document. Please refer to
‘THBS_SOA_Service_lifecycle_management.pdf’ for more details.
Company Confidential - 13 -
Torry Harris SOA engagement
Company Confidential - 14 -