Subscribe to CIO Magazine »

SOA What? Why You Need SOA Governance Framework

Without a well-thought out governance plan SOA can seem like the lawless Wild West.

Adopting services oriented architecture (SOA) in your enterprise without thinking through IT governance can cause something like the Gold Rush in the 1800s; extreme rates of growth and minimal law and order which produce unexpected outcomes.

The promise of SOA is that developers can write software code once and have that code re-used by many disparate systems for a variety of functions, thus saving time and money. Governance is a set of processes, tools, and organizational structure that allows for oversight of the IT operation and is essential for delivering on the SOA promise.

Let's say your developers create a new service to open and track a "case" whenever a customer contacts your enterprise (let's call this service the 'Open Case Process'). By the nature of SOA other developers within the organization (or sometimes across an eco-system such as government organizations) may leverage that same service for their similar processes. So a sales department may use the Open Case Process to track contacts in their sales workflow software. The billing department may use the Open Case Process to track billing disputes in their contact center software.

Without an established governance plan and policy, the original author and support organization may not even know this "use" of their software is happening. This can lead to a lawless environment where: 1.) Increased volume may cause a jump in users from hundreds to thousands overnight. Servers or networks being used for this process may not be able to handle the load; 2) Contrarily a service is created but "no one comes" to re-use it because there is no established procedure about how to communicate service availability within the enterprise; 3) Finally, it is easy for a developer to read a service definition and create a sample request message in minutes. In a SOA world, the data travels on the wire in the clear and even has tags identifying each and every data element. Ease of access to SOA services raises an important issue of security policies and SOA governance.

So without a well-thought out governance plan SOA can seem like the lawless Wild, Wild West.

The SOA Sheriff: A Governance Framework

To capture the maximum benefits of SOA while not opening up the enterprise to additional challenges, companies are adopting SOA governance frameworks.

Enforce, Set up, Deploy and Regiment is the 'mantra' for implementing a successful SOA Governance framework. The following are recommended best practices:

1) Enforce Architecture Governance a. Define SOA reference architecture b. Identify the infrastructure capabilities it will have c. Evaluate and identify vendor technologies that the SOA architecture will be built with d. Specify management, security, reliability and availability characteristics for the SOA infrastructure

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
  • How to Successfully Select an ERP System
    An Enterprise Resource Planning (ERP) system is a series of software applications that collect and compiles data from different departments to enhance collaboration and co-ordination within the business. If you’re looking to implement your first ERP system, or to upgrade from an existing system, this whitepaper offers eight simple steps for selection that will lead to long-term strategic success.
    Learn more »
  • Delphix and Pure Storage Team to Super-Charge Database Deployments
    This webcast presentation, prepared by Delphix and Pure storage, explores super-charge database deployments and how they can aid business strategy. The presentation details the main features of a new flash solution – high performance, inline data reduction, resilience and scalability, and the value of simplicity. Viewers can learn how to put an end to inefficient or delayed QA, Sharing DB environments, using DB subsets and slow environment builds.
    Learn more »
  • Top 20 Critical Security Controls - Compliance Guide
    Simply being compliant is not enough to mitigate attacks and protect critical information. Organizations can reduce chances of compromise by shifting away from a compliance-driven approach. This guide provides the Top 20 Critical Security Controls (CSCs) developed by the SANS Institute to address the need for a risk-based approach to security.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Latest Jobs
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments