Service-oriented architecture (SOA) provides a way of aligning the business strategy and imperatives of an enterprise with its IT initiatives. Thus, SOA governance is as much about organizational issues and how people work together to achieve business goals as it is about technology.
Governance is about getting approval for changes, about power, about who wields that decision-making power and how long such decisions take, given the speed of business change. SOA can reduce the need for IT governance dramatically by reducing the incidence of decision-making. However, in order to derive this benefit, your enterprise must first adopt SOA.
|Other Articles by Marcia Gulesian|
SaaS: Financial, Legal & Negotiation Issues
IT Forecasts, Budgets and Post Audits
Yet Another Business Case For Proactive IT Capacity Planning
The SOA Evolution
SOA adoption does not provide a quick ROI, but requires strategic investments, including investments in governance and a cultural change to align IT and business. Nonetheless, according to Gartner, it is not a question of whether an SOA will supplant today’s architectures, but rather, how long it will take to complete this evolution.
A huge roadblock for many organizations wanting to adopt SOA is their current IT cost allocation models. Many companies associate project development and support costs one-for-one to the line of business or department that has authorized the project. In SOA, where the services are often shared between multiple applications and lines of business, this can mean a project participating within your SOA strategy is actually billed for everyone who comes after.
A better approach is to create a shared allocation structure for SOA application assets, and even to offset SOA development costs that may be above and beyond what stand-alone development would cost in a non-SOA way.
Because reuse benefits come only after there are multiple consumers of a service, there must be an incentive to ensure services are published and designed for reuse. Similarly, there must be incentives to promote taking advantage of existing enterprise services. This is especially difficult to accomplish when you are outsourcing projects, which is something you should actively manage.
Organizations seem to overlook governance and enforcement activities more easily when dealing with their implementation partners. This happens for many reasons. For one, the decision to outsource certain projects is often made by individual business units outside the scope of IT. Even within IT, the focus on approved vendor lists and procurement is often disconnected from internal governance processes and decision-making.
Governance and Adoption
One of the challenges of SOA is it is not implemented all at once. Rather, it is achieved through many discrete projects across both space and time. This spatial and temporal distribution of SOA projects makes governance all the more critical to SOA success. SOA governance and enforceable policies are the keys to managing conformance to the SOA across geographic and time horizons.
The spatial distribution, the proliferation of services that need to be maintained by different organizations both within and outside the enterprise, and temporal distribution, where the services themselves or their combinations change continuously as the business processes they support change, makes governance especially challenging.
On a large scale, this distribution of services across organizational boundaries can function properly and efficiently if, and only if, the services comply with requirements dictated by a service level agreement (SLA) for factors such as security, reliability, performance, cost and so on.
Identifying, specifying, creating, and then deploying enterprise-level services to achieve SOA governance is best achieved by forming a compliance office that has enterprise-wide oversight and is staffed with business analysts, software developers, and so on.
It is very easy to get caught up in the technical details of implementing an SOA plan. Fortunately, SOA governance brings the focus back to the importance of the partnership between business and technology. In the end, what matters is not technology, it’s customer adoption. End users will adopt and use SOA-based applications if they believe they create an economic benefit.
Traditional vs. Federated Governance Approaches
Traditionally, there have been two approaches to IT governance: centralized and decentralized.
In the former, the IT department retains control over development budgets and adoption of technical standards. This relationship between business and IT has at times been tense. Business wants agility to implement new strategies quickly. Requirements are handed off to IT and not only does it seem to take a long time to implement the required functionality, but often much is lost in the translation from requirements document to executable system.