Jump to content

SOA governance: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Modified the definition of SOA Governance as a subset of IT Governance to include a contrasting opinion that it is nothing more than IT Governance when SOA is the organising principle of IT..
Removing link(s) to "Governance Interoperability Framework": Removing links to deleted page Governance Interoperability Framework.
 
(18 intermediate revisions by 13 users not shown)
Line 1: Line 1:
{{Refimprove|date=January 2008}}
{{Refimprove|date=January 2008}}
{{Governance}}
'''SOA governance''' is a concept used for activities related to exercising control over services in a [[service-oriented architecture]] (SOA). One viewpoint is that SOA governance can be seen as a subset of [[IT governance]] which itself is a subset of [[corporate governance]]. A contrasting viewpoint, expressed by blogger Dave Oliver (<ref>http://geekswithblogs.net/SabotsShell/archive/2007/02/04/105428.aspx</ref>) and others, is that service orientation provides a broad organising principle for all aspects of IT in the company — including IT governance. Hence SOA governance is nothing but IT governance informed by SOA principles.
'''SOA Governance''' is a set of processes used for activities related to exercising control over services in a [[service-oriented architecture]] (SOA). One viewpoint, from IBM <ref>IBM SOA pages, [http://www-01.ibm.com/software/solutions/soa/gov/ Definition of SOA Governance]</ref> and others, is that SOA governance is an extension (subset) of [[IT governance]] which itself is an extension of [[corporate governance]]. The implicit assumption in this view is that services created using SOA are just one more type of IT asset in need of governance, with the corollary that SOA governance does not apply to IT assets that are "not SOA". A contrasting viewpoint, expressed by blogger Dave Oliver <ref>Dave Oliver's Blog, [http://geekswithblogs.net/SabotsShell/archive/2007/02/04/105428.aspx What is SOA Governance?]</ref> and others, is that service orientation provides a broad organising principle for all aspects of IT in an organisation — including IT governance. Hence SOA governance is nothing but IT governance informed by SOA principles.


The focus is on those resources to be leveraged for SOA to deliver value to the business. SOA requires a number of IT support processes as well as organizational processes that will also involve the business leaders. SOA needs a solid foundation that is based on standards and includes policies, contracts, and service level agreements. The business is expected to be able to use services to build and change the organization's business process quickly. To do so, a degree of granularity in the services available will be required. Consequently a SOA increases the need for [[good governance]] as it will help assign decision-making authorities, roles, and responsibilities and bring focus to the organizational capabilities needed to be successful.
The focus of SOA governance is on those resources to deliver value to the business.<!-- what other ones are there? --> SOA systems require IT support processes as well as organizational processes that will also involve the business leaders. SOA needs a solid foundation that is based on standards and includes policies, contracts, and service level agreements. The IT community is expected to use services to quickly automate new and changing business processes. To do so, services should be produced with several design qualities, such as composability, loose-coupling, autonomy, data representation standardization. In addition, a SOA governance infrastructure should be in place to support the service delivery life-cycle, which includes a registry of services to enable service discovery. Consequently, SOA increases the need for [[good governance]] as it will help assign decision-making authorities, roles, and responsibilities and bring focus to the organizational capabilities needed to be successful.


== Definition ==
== Definition ==
Line 13: Line 14:


To quote Anne Thomas Manes again: “SOA is about behavior, not something you build or buy. You have to change behavior to make it effective.”
To quote Anne Thomas Manes again: “SOA is about behavior, not something you build or buy. You have to change behavior to make it effective.”
<ref>Philip J. Windley, [http://akamai.infoworld.com/pdf/special_report/2006/04SRsoagov.pdf SOA Governance: Rules of the Game], InfoWorld.com, 23 January 2006</ref>
<ref>Philip J. Windley, [http://akamai.infoworld.com/pdf/special_report/2006/04SRsoagov.pdf SOA Governance: Rules of the Game] {{webarchive|url=https://web.archive.org/web/20080724200254/http://akamai.infoworld.com/pdf/special_report/2006/04SRsoagov.pdf |date=2008-07-24 }}, InfoWorld.com, 23 January 2006</ref>


[[Gartner]] defines SOA Governance as “Ensuring and validating that assets and artifacts within the architecture are acting as expected and maintaining a certain level of quality.” <ref>Gartner, Magic Quadrant for SOA Governance, 2007</ref>
[[Gartner]] defines SOA Governance as “Ensuring and validating that assets and artifacts within the architecture are acting as expected and maintaining a certain level of quality.” <ref>Gartner, Magic Quadrant for SOA Governance, 2007</ref>
Line 19: Line 20:
[[ISO 38500]] describes a framework with six guiding principles for corporate governance of information technology and a model for directors to govern IT with three main tasks: evaluate, direct and control. ISO 38500 differentiates between "Governance", "Management" and "Control".
[[ISO 38500]] describes a framework with six guiding principles for corporate governance of information technology and a model for directors to govern IT with three main tasks: evaluate, direct and control. ISO 38500 differentiates between "Governance", "Management" and "Control".


== Scope of SOA governance ==
== Scope ==
Some typical governance issues that are likely to emerge in a SOA are:
Some typical governance issues that are likely to emerge in a SOA are:
* ''Delivering value to the stakeholders'': investments are expected to return a benefit to the stakeholders - this is equally true for SOA.
* ''Delivering value to the stakeholders'': investments are expected to return a benefit to the stakeholders - this is equally true for SOA.
* ''Compliance to standards or laws'': IT systems require auditing to prove their compliance to regulations like the [[Sarbanes–Oxley Act]]. In a SOA, service behavior is often unknown.
* ''Compliance to standards or laws'': IT systems require auditing to prove their compliance to regulations like the [[Sarbanes–Oxley Act]]. In a SOA, service behavior is often unknown.
* ''Change management'': changing a service often has unforeseen consequences as the service consumers are unknown to the service providers. This makes an impact analysis for changing a service more difficult than usual.
* ''Change management'': changing a service often has [[unforeseen consequence]]s as the service consumers are unknown to the service providers. This makes an impact analysis for changing a service more difficult than usual.
* ''Ensuring quality of services'': The flexibility of SOA to add new services requires extra attention for the quality of these services. This concerns both the quality of design and the quality of service. As services often call upon other services, one malfunctioning service can cause damage in many applications.
* ''Ensuring quality of services'': The flexibility of SOA to add new services requires extra attention for the quality of these services. This concerns both the quality of design and the quality of service. As services often call upon other services, one malfunctioning service can cause damage in many applications.
Some key activities that are often mentioned as being part of SOA governance are:
Some key activities that are often mentioned as being part of SOA governance are:
Line 31: Line 32:
* Monitoring performance of services: because of service composition, the consequences of service downtime or underperformance can be severe. By monitoring service performance and availability, action can be taken instantly when a problem occurs.
* Monitoring performance of services: because of service composition, the consequences of service downtime or underperformance can be severe. By monitoring service performance and availability, action can be taken instantly when a problem occurs.
* Managing how and by whom services are used<ref>Wohl Associates, SOA Governance An IBM White Paper, October 2006 (http://www-01.ibm.com/software/solutions/soa/Amy_Wohl_SOA_Governance_Analyst_White_Paper.pdf)</ref>
* Managing how and by whom services are used<ref>Wohl Associates, SOA Governance An IBM White Paper, October 2006 (http://www-01.ibm.com/software/solutions/soa/Amy_Wohl_SOA_Governance_Analyst_White_Paper.pdf)</ref>

==See also==
*Governance Interoperability Framework


== References ==
== References ==
Line 37: Line 41:
[[Category:Service-oriented (business computing)]]
[[Category:Service-oriented (business computing)]]
[[Category:Information technology governance]]
[[Category:Information technology governance]]

[[de:SOA-Governance]]
[[es:Gobernabilidad de arquitectura orientada a servicios]]
[[zh:SOA治理]]

Latest revision as of 06:22, 10 October 2024

SOA Governance is a set of processes used for activities related to exercising control over services in a service-oriented architecture (SOA). One viewpoint, from IBM [1] and others, is that SOA governance is an extension (subset) of IT governance which itself is an extension of corporate governance. The implicit assumption in this view is that services created using SOA are just one more type of IT asset in need of governance, with the corollary that SOA governance does not apply to IT assets that are "not SOA". A contrasting viewpoint, expressed by blogger Dave Oliver [2] and others, is that service orientation provides a broad organising principle for all aspects of IT in an organisation — including IT governance. Hence SOA governance is nothing but IT governance informed by SOA principles.

The focus of SOA governance is on those resources to deliver value to the business. SOA systems require IT support processes as well as organizational processes that will also involve the business leaders. SOA needs a solid foundation that is based on standards and includes policies, contracts, and service level agreements. The IT community is expected to use services to quickly automate new and changing business processes. To do so, services should be produced with several design qualities, such as composability, loose-coupling, autonomy, data representation standardization. In addition, a SOA governance infrastructure should be in place to support the service delivery life-cycle, which includes a registry of services to enable service discovery. Consequently, SOA increases the need for good governance as it will help assign decision-making authorities, roles, and responsibilities and bring focus to the organizational capabilities needed to be successful.

Definition

[edit]

The definitions of SOA governance agree in its purpose of exercising control, but differ in the responsibilities it should have. Some narrow definitions focus on imposing policies and monitoring services, while other definitions use a broader business-oriented perspective.

Anne Thomas Manes defines governance as: “The processes that an enterprise puts in place to ensure that things are done [...] in accordance with best practices, architectural principles, government regulations, laws, and other determining factors. SOA governance refers to the processes used to govern adoption and implementation of SOA.” [3]

The specific focus of SOA governance is on the development of services that add value to the business, effective SOA governance must cover the people, processes, and technologies involved in the entire SOA life cycle from business point of view and connectivity and reuse from IT point of view, thus aligning business with IT.

To quote Anne Thomas Manes again: “SOA is about behavior, not something you build or buy. You have to change behavior to make it effective.” [4]

Gartner defines SOA Governance as “Ensuring and validating that assets and artifacts within the architecture are acting as expected and maintaining a certain level of quality.” [5]

ISO 38500 describes a framework with six guiding principles for corporate governance of information technology and a model for directors to govern IT with three main tasks: evaluate, direct and control. ISO 38500 differentiates between "Governance", "Management" and "Control".

Scope

[edit]

Some typical governance issues that are likely to emerge in a SOA are:

  • Delivering value to the stakeholders: investments are expected to return a benefit to the stakeholders - this is equally true for SOA.
  • Compliance to standards or laws: IT systems require auditing to prove their compliance to regulations like the Sarbanes–Oxley Act. In a SOA, service behavior is often unknown.
  • Change management: changing a service often has unforeseen consequences as the service consumers are unknown to the service providers. This makes an impact analysis for changing a service more difficult than usual.
  • Ensuring quality of services: The flexibility of SOA to add new services requires extra attention for the quality of these services. This concerns both the quality of design and the quality of service. As services often call upon other services, one malfunctioning service can cause damage in many applications.

Some key activities that are often mentioned as being part of SOA governance are:

  • Managing the portfolio of services: planning development of new services and updating current services
  • Managing the service lifecycle: meant to ensure that updates of services do not disturb current service consumers
  • Using policies to restrict behavior: rules can be created to which all services must conform, ensuring consistency of services
  • Monitoring performance of services: because of service composition, the consequences of service downtime or underperformance can be severe. By monitoring service performance and availability, action can be taken instantly when a problem occurs.
  • Managing how and by whom services are used[6]

See also

[edit]
  • Governance Interoperability Framework

References

[edit]
  1. ^ IBM SOA pages, Definition of SOA Governance
  2. ^ Dave Oliver's Blog, What is SOA Governance?
  3. ^ Anne Thomas Manes, The Elephant Has Left The Building, 1 July 2005
  4. ^ Philip J. Windley, SOA Governance: Rules of the Game Archived 2008-07-24 at the Wayback Machine, InfoWorld.com, 23 January 2006
  5. ^ Gartner, Magic Quadrant for SOA Governance, 2007
  6. ^ Wohl Associates, SOA Governance An IBM White Paper, October 2006 (http://www-01.ibm.com/software/solutions/soa/Amy_Wohl_SOA_Governance_Analyst_White_Paper.pdf)