Sunday, January 18, 2009

SOA Governance

As we all know SOA is about business and SOA is about technology. A business oriented SOA (organization of well defined and autonomous business service units) needs a technology oriented SOA (modular standards based composition of functional autonomous software components) to support optimal continuity of the service delivery in an ever changing context. Whew…!

What is less commonly recognized is that a technology oriented SOA can also serve business continuity if the business itself is not service oriented. So starting with a technology oriented SOA in an organization that is not explicitly organized in a service oriented way (which I think is still common practice at the deeper levels than just the surface of most organizations today) is not a bad idea.

This being said most of us, clever architects, will agree that without a solid governance SOA will fail at the business level as well as at the technology level. From an IT-perspective SOA is not as much as another way of doing things we used to do, but it is much more an additional layer on the things we already used to do; doing things “SOA” adds an extra dimension to doing things as we are used to in the past decades. We still design, build and test software, we still implement user requirements, we still manage configurations, we still release versions, and we still organize and manage projects. With SOA we add additional requirements to the design, construction and deployment of software in the IT-realm. These requirements significantly broaden stakeholders’ involvement. That is why current development policies and processes need an additional governance layer on top of the current IT-governance to guide the design, construction and deployment of these additional requirements.

But how do you define and implement such an SOA governance layer? Who else but fellow blogger Todd Biske could give us a sound answer to this question. He has written a book on his ideas of SOA governance and states that SOA governance is the key to successful SOA adoption in your organization. Of course, reading a 200 page book will not put a SOA governance layer in place. But it will definitely help you evangelize the need for it in your organization. It will help you to find the answers on what, why, how, when, where and who with regard to the governance aspects of SOA.

Todd approaches SOA governance from the perspective of people, policies and processes to establish and maintain desired behavior in order to succeed in an IT-oriented SOA. Aptly illustrated around a fictive case of the enterprise architecture team of Advasco, a leading financial conglomerate, he teaches his readers the aspects of avoiding a BoS (Bunch of Services), controlling life cycles and versioning, governing design-time and run-time, establishing SOA governance at your organization (I think the hardest challenge of all), and celebrating success to help in changing behavior.

Reading this book felt like taking a hot shower. As professional architects, we all understand what Todd has written (or don’t we?). But owning one handy book of hardly 200 pages with all those thoughts structured and combined at an appropriate level of understanding feels like possessing a jewel. Thanks, Todd!

[Click the picture for details]


fsmullin said...

I recommend that you also take a look at the Information Technology Infrastructure Library (ITIL). ITIL v3 provides a great model for Portfolio Management of services as well as maintenance of a Service Catalog that feeds Service Strategy and Service Design phases of the ITIL v3 service delivery model. It does not tell you how to do it, but it recommends best practices and then leaves it to you to design a system that works best for you. Between ITIL and this book, you should be able to evolve a good governance model.

Jack van Hoof said...

Hi fsmullin,

You are right, I previously posted about it here.

fsmullin said...

Thank you! I appreciate you referring me to it.

home for sale costa rica said...

Hi, i'm really interested in this post...I want to know more about "SOA Governance".

Thats exactly what I was searching in this time...


Raju said...

Thanks for the information shared here. that was an interesting and informative. I had a good experience by participating in the Cloud Computing and SOA Conference in 2009 which is most influential Business Technology Conference covering latest innovations and trends of Cloud Computing, SOA and its technologies. I learnt lot of new technologies in Cloud Computing and SOA. And I am planning to attend 2010 edition as well. I found the information about the conference from

Ian said...

I didn't know about Todd's book.

I've just come across this post looking for the most recent information on SOA governance as it applies to Change management.

Is the book sufficiently current to deal with the requirements of the Sarbanes-Oxley act and it's latest amendements?

I guess it would be???

Help appreciated.