Thursday, 25 October 2012

SOA - Governance Principles

Governance is the application of controls to processes that change corporate assets, with a view to ensuring that those assets comply with (or move towards compliance with) with a set of corporate goals
Governance Needs Balance:-
Given the necessary overheads of governance, a balance needs to be struck between too much governance (which will cripple processes), and too little governance (which will result in chaos).
Governance Needs A Raison D’ĂȘtre:-
Governance only makes sense against a backdrop of well-defined drivers and goals. For example, an organisation may decide to standardise on a particular architecture, or tool set, for reasons of reduced total cost of ownership. Governance would be used to drive or direct changes to current assets in compliance with these goals.
Governance Must Be Effective:-
Effective governance will impose light-weight, thorough and widely-accepted controls around the changes being applied to those assets. Governance that is seen as pointless, or a hindrance to progress, will be resisted and ineffective.
Governance Needs A Yardstick:-
Governance needs to be applied with respect to a set of corporate goals that are defined in terms of concrete technology standards and architectural blueprints.  For example:
·         Technology registry detailing emerging, preferred, and deprecated technologies for different subject areas
·         Technology blueprints, e.g. LAN topology
·         Architecture blueprint, e.g. service, messaging, security, email, scheduling, monitoring architecture
·         Application Architecture blueprints, e.g. REST web service architecture (structure and technologies used)
Standards and blueprints have the added benefit of defining clearly and explicitly “how we do things”.

The Open Group have produced an excellent guide to SOA governance, from which the following principles have been taken:

  • SOA governance must promote the alignment of business and IT
  • Conform to organization's governance
  • An SOA Reference Architecture is required
  • Provider & consumer contracts
  • Service metadata
  • Identified governance stakeholders
  • Tailor SOA governance processes
  • Automate SOA governance processes
  • Implement funding model