The new IT approach
The new IT is based on a Service Oriented Architecture (SOA), where services—such as verifying a customer’s identity, or notifying manufacturing that an order has been placed—are mixed and matched on demand to create composite applications. Compared with traditional IT, which is built around monolithic applications (such as CRM software for managing customers or ERP systems for tracking suppliers), SOA is a more flexible approach. It makes it easy to change applications as the business changes, which gives you a competitive edge. And because it lets different business processes share the same services, SOA can result in attractive returns on IT investments over the long haul.
Changing apps as the business changes
Chief executives have heard a lot about SOA’s promises, but not all are familiar with SOA governance—or know why this emerging discipline matters to senior management. Designed to help companies control and manage the collection of shared services used to create composite applications, SOA governance is beginning to play a crucial role in running the business.
SOA governance deals with performance and availability issues, such as who ensures a service is available, and who makes sure the service runs fast enough. But its real promise is much bigger than that: SOA governance lets senior executives and other line-of-business managers make changes to composite applications in ways that are all but impossible with traditional IT.
Is PayPal taking too long to credit your account? Swap it out for a competing payment service. Are customers complaining that your Web package-tracking service is difficult to use? Switch to FedEx. Using BEA’s collaborative tooling environment, WorkSpace 360, senior managers can make and implement these decisions without involving software developers. That simply can’t happen with traditional applications, where choices are hard-wired into the code.
Managing an ecosystem of shared services
As composite applications gain in size and complexity, SOA governance gains importance, too. Many of the services that composite applications depend on remain outside the direct control of the team that designed and implemented them. Some services, such as those that look up a customer’s purchase history, may be administered from within the company, but others—services that calculate customer credit scores, for example—are provided by third-party businesses. In this scenario, how can you guarantee that the required services will function as expected? What recourse do you have if these expectations are not met? These questions are the heart of SOA governance.
Trust and governance are enabled by contract
The best way to address these issues is by establishing contracts between service provider and service consumer. Contracts should specify what, why, how and when a service is delivered, and spell out penalties to be meted out if conditions are not met. The parties involved can specify different levels of service, such as bronze, silver, and gold, if they choose to. The contract guarantees that every time the consumer invokes the service, it will respond as it should—or else.
But the critical point is that with composite SOA applications, there must be an ongoing relationship between the service consumer and the service provider. With so much at stake, financially and otherwise, it’s critical that SOA governance policies and rules are applied, administered and followed up on properly.
IT moves beyond the back office
SOA governance is ushering in a fundamental shift in how senior management interacts with IT. The older model required senior executives to do little more than pay for IT expenses. But SOA governance demands the active involvement of business executives. And that, at long last, is moving IT beyond its roots as a back-office function.

SOA Governance at-a-Glance
Proper SOA governance spans the following levels:
- Corporate: Policies on business strategy, goals, and objectives
- IT: Procedures enforcing corporate level IT policies
- SOA: Architectural principles and standards to enable IT and business goals
- Service Lifecycle: Enforcement of SOA principles and standards throughout the life of a service
SOA Governance Goals
Key objectives for SOA governance throughout the service lifecycle include:
- Ensuring defined business and IT objectives are met
- Authenticating the granting of ecosystem membership to properly defined and designed services
- Identifying owners and authority for better IT response and agility
- Promoting service visibility
- Supporting checks and balances (trust) across the SOA
- Enforcing policy at run time
- Ensuring quality of service
- Accommodating changes in near real time as a result of governance-defined policy violations