Governance within a Smart SOA continuum

IBM has created an approach to implementing SOA over time. This Smart SOA approach is based on understanding that implementing SOA takes time. It allows businesses to start small and grow their SOA in the future.

Many customer SOA implementations demonstrate that SOA Governance is a critical success factor in achieving service reuse and agility. This article describes how governance can be accomplished in three stages that align with the Smart SOA stages.

These are the central tenets of the Smart SOA principles:

• There is a continuum of approaches, from basic to advanced, for pursuing SOA projects, allowing an organization to match its efforts to its objectives.
• All approaches mandate a commitment to simplicity and robustness, regardless of how basic or advanced they are.
• The approaches build on one another in such a manner that doing a basic project is valuable by itself, but also lays the groundwork for more-advanced deployments without having to replace the original investments.
• Any approach needs to manifest integrity in the business processes it supports — drawing from the underlying integrity of the hardware and software platform, middleware, systems infrastructure, and application design.

Overview of the Smart SOA continuum 
The Smart SOA approach is a set of guiding principles based on thousands of real-life deployments and experiences with SOA. It is not a product customers can buy, nor does it require abandoning existing, dependable investments. It is a way of leveraging the value of SOA deployments, regardless of whether a basic approach, an advanced approach, or an approach somewhere in between makes the most sense for a given business situation.

Just as the Smart SOA guiding principles progress from basic to intermediate and advanced stages, SOA governance needs to take a parallel approach of allowing customers to start with a basic level of governance to support the basic level of a Smart SOA project, and to add governance capabilities as needed to match the level of Smart SOA maturity over time.

Two fundamental aspects of effective SOA governance are required at every stage. The first involves the processes established by an organization to determine who is empowered to make certain decisions. The second includes the mechanisms and policies that are used by the organization to measure and control the way those decisions are implemented. IBM’s approach to the governance of Smart SOA projects addresses both requirements.

The stages of governance within a Smart SOA continuum 

Basic stage: Assess and establish initial SOA environment

When getting started with SOA, most businesses already have a number of both Web and non-Web services in production and being run. As a first step, companies need to find out what the current services environment looks like. This will be the starting point for moving to SOA. However, moving to SOA requires not just technical changes, but also organizational changes and training.

The focus areas for this stage are:

• Creating an inventory and gaining control of the current services. These are called rogue services in SOA, since they are not known to the SOA environment.
• Preparing the company from an organizational and training perspective by creating an initial Center of Excellence. This is a team with the business and IT SOA knowledge to assist the company staff and executives in changing to an SOA environment.
• Implementing an initial level of tracking and handling the security of services with a registry/repository. This could be as simple as a spreadsheet or, more appropriately, a registry/repository product that is easy to get started with, but has the capability to grow throughout the Smart SOA continuum.

Intermediate stage: Support key business opportunities

Once the SOA environment has been created at a foundational level, it is time to start getting increased reuse and agility value from SOA. At this intermediate stage of governance, it is important to be able to answer several key questions, such as who decides on the prioritization of services, who owns the services, and how are they funded.

The products and services developed in the first stage are still available, and additional functionality can be implemented in those products. The intent of Smart SOA and governance principles is that each phase builds upon the prior phase.

The focus areas at this stage encompass creating an end-to-end governance process, and creating the organizational and cultural change needed for long-term success of SOA.

• Expanding governance processes and policies, including both the SOA governance lifecycle process and the SOA lifecycle process.
• Enhancing cultural and organizational change and implementing it. This includes developing any organizational or cultural changes needed within both business and IT for staff to understand and buy into the SOA promise of value.
• Enabling Service Lifecycle Management tools that support service development and track governance-related activities.

SOA lifecycle and corresponding SOA Governance lifecycle 

Advanced stage: Enhance cross-organizational adoption

Finally, once a company has moved to the advanced level of a Smart SOA implementation, governance needs to expand to provide a more cross-organizational view. The initial SOA efforts tend to be focused within a vertical group such as one division of a company. As the usage of SOA expands, it becomes a more horizontal effort across the entire company. This puts additional pressure on governance to be more automated, and to allow changes and communication to happen more quickly.

The focus at this stage is on improving the overall governance environment, including making sure SOA governance is aligned with both corporate and IT governance. It means being able to create a measurement and reporting environment that works horizontally across the company. This environment must be able to handle problems as quickly and as automatically as possible.

The focus areas for this stage are:

• Enhancing and automating business/IT governance by establishing an automated SOA Policy environment, which can take business rules and turn them into policies that are applied to all services.
• Expanding infrastructure measurements and metrics to provide not just the reporting, but also the ability to report and respond quickly and automatically, if possible, based on pre-defined decision criteria.

Across all stages: End-to-end quality management

Services need to be high quality from day one when implementing SOA. Quality management is important from the start of an SOA implementation. Increasing levels of quality management will be needed at each stage of the Smart SOA continuum.

• The focus for quality management at the basic level will be on testing the current services to make sure that they have an SOA level of quality to be reusable.
• At the higher levels, once SOA is fully operational, an end-to-end view of quality is needed.

No matter where you are in your Smart SOA journey, there is a level of SOA governance that is designed to fit your requirements to achieve the SOA promise of value of service reuse and agility.