A business-focused approach in SOA design, governance

If you listen to industry discussion of service-oriented architecture (SOA), you are likely to get the impression that SOA is best thought of as a technical approach for application integration. The reality is that SOA is much more. According to Forrester's Q1 2011 Global Application Architecture, Design, And Portfolios - SOA And Beyond Online Survey, organisations that use SOA for strategic business transformation must be on to something because they are much more satisfied with SOA than those that do not use SOA for strategic business transformation. According to the survey, all 16 respondents who reported strategic business use of SOA are satisfied enough to expand their use of SOA. By contrast, 7 of 27 respondents without a strategic business focus with SOA are struggling or cutting back on SOA.

A business-focused approach begins with SOA business services, which embody major business units of work - transactions and queries such as submit order, retrieve customer lifetime value, or schedule production run - inside clearly-defined software interfaces that are accessible when and where needed by any employee, process, customer, or business partner.

Why is this important? Because when it's time to do business through a mobile channel; when it's time to directly connect your processes with your customers' processes; when you need business transaction insight; or with any number of other business changes, your SOA business services provide business building blocks for changing your business. By contrast, an integration-focused approach to SOA, while useful and good, provides only technical building blocks. Technical building blocks are good, but they only indirectly provide agility for ongoing business optimisation and transformation.

Survey results also reveal that SOA governance, combined with a business-focused approach to SOA, provides a solid foundation for SOA success and satisfaction. Your SOA governance initiative may start with general practices, such as architectural reviews or an SOA steering committee, and then mature to include specific governance practices and mechanisms such as the following (presented in order of Forrester - general guidance for a prioritised sequence of specific SOA design and governance mechanisms):

1. Service interface design review and approval

Forrester prioritises this first because it builds a foundation for other SOA governance practices. As the fulcrum of SOA, well-designed business service interfaces establish a strong foundation for business success with SOA. Poorly designed interfaces set you up for many challenges. Build service interface reviews into project plans whenever services are created (or updated). At review meetings, include staff members who can ensure that each SOA business service makes sense as a complete business unit of work (or technical unit of work, for SOA application services and SOA infrastructure services).

2. SOA service portfolio management

SOA business services embody your important business transactions and queries. Since you know what business you are in, you can plan for and (over time) build toward the coherent portfolio of business services that you need in order to do business (as opposed to a haphazard library built by project whims). All of our survey respondents doing SOA portfolio management were satisfied with SOA, even if they create only a "lightweight view of what services [they] eventually want." For example, one way to start is to gather five or six staff members who understand a given business domain and have the group spend an afternoon or a day answering the question, "What are the major business transactions and queries in this business domain?" Each of these is a candidate SOA business service. To shepherd your portfolio of candidate services going forward, identify an ongoing working team to periodically review existing and candidate services within each domain.

3. Application road maps and SOA opportunity reviews

Although sometimes you can prove SOA value within the context of a single project (e.g., a multichannel solution in which more than one user interface accesses the same functions), SOA more commonly delivers value across a portfolio of projects. Understanding your application road map provides a foundation for identifying how each project will contribute to your overall progress toward SOA maturity. Building an SOA opportunity review into your project planning, wherein SOA-qualified staff identify how (and how much) SOA to use on each project, can ensure that a strong architecture is built into your projects from the start, before the project budget is set.

4. SOA management as input to business insight

Because SOA business services embody business transactions, the data flowing in and out of your business services is interesting business data from which businesspeople may be able to gain important insights. As a business-focused addition to your SOA efforts, you can keep asking the question, "Would it be valuable for businesspeople to understand something from the flow of data in and out of this service?" If so, SOA infrastructure can siphon off business data from your service flows and use it for business analysis. However, this is a more advanced use of SOA that takes a bit more experience and expertise with SOA than the three practices listed above, as well as greater planning and design in your use of SOA infrastructure. So, you must assess more carefully when your SOA maturity is strong enough for it.

5. SOA policy for business control

Certain types of business policy decisions touch closely on the processing that your SOA business services do. For example, a service - behavior might change according to the monetary amounts in the service request. In such cases, encoding the decision as an SOA policy can make it easier and faster for businesspeople to change the decision criteria based on changing business dynamics. However, SOA policy management is an advanced area of architecture design, and policy-based control of services is the business-focused SOA practice that takes the greatest amount of SOA experience and expertise. Forrester first published its vision for SOA policy management three years ago, knowing it would take a while to mature in the industry, and indications are that interest in SOA policy increased significantly this year over previous years. In any case, you should approach this area carefully and plan to evolve your approach over time.

Randy Heffner is a vice president and principal analyst at Forrester Research, where he serves Enterprise Architect professionals. He is a leading expert on architectures and design approaches for building enterprise applications that are secure and resilient in the face of continuous business and technology change.