Microsoft SOA Governance

Last session for me today at Microsoft SOA and BP Conference was on flexible SOA Governance. Frank Martinez from SOA Software was presenting this topic with his software portfolio. So this was a kind of product session. His company is a Microsoft Partner and has products in

- SOA Governance
- SOA Policy Management
- SOA Security
- SOA Mediation
- SOA Management

And has customers like jetBlue, Verizon, Amgen, Thomson, Ford, and Ingram Micro…

Ok so here are some blurts from his session.

SOA Goals
- Reduce cost
- Increase agility to better align IT and Business
- Reduce Risk, fragility and complexity of integration by improving interoperability through standards

SOA-Driven Technical Governance Challenges

- Lifecycle related concerns
- Operations related concerns

Top 5 SOA Governance Fallacies

#5 We already have good IT and application lifecycle governance
#4 We don’t have an SOA program…therefore, we don’t need SOA governance
#3 We don’t have any services..therefore we don’t need soa governance
#2 We already have run-time SOA Management… therefore we have soa governance
#1 We already have an SOA Registry/Repository therefore, we already have soa governance

Common Inhibitors To A Successful SOA Program

No SOA Strategy, program, organization, people, policies, process, disproportionate early investment
Very little SOA based transformation, socialization and governance automation strategy

Governance Defined…The Blowhard Version

SOA Governance can be thought of as a decision right and accountability framework;
IT Governance mythologies, such as ITIL, COBIT

SOA Governance is most effective when this decision rights and accountability framework is combined with the operationalization of processes and supporting systems required to encourage the desirable ..

Enterprise Drivers for SOA Governance

SOA Governance = SOA Scalability
Balance enterprise needs

Role of sharing in SOA governance

Kindergarten lesson
Sharing is essence of collaboration
Economies of scale

Why sharing is hard

People don’t like to share
It is a behavior challenge
Not ready represented in the 7 layer of OSI stack
Not about technology…it’s about people, process and organization (layer 8,9,10)


How we make it work

Balance compromises
Emphasize sharing as the path of success
Disproportionate rewards for effective sharing and collaborations

Popular Perception of Governance

Costly and resources intensive
The governance implication is that we cannot be trusted to do it right
Focus on striking a balance between governance and chaos

A Framework for Effective Governance

Identify (key word)
- Goals and implications of your governance initiative
- Appropriate structures supporting your governance models
- …

Formality and Centralization

No governance
Self governance
Formal governance
Centralized
Decentralized

Manual versus automated Governance

Don’t just start with technology, also start with your goals and objectives
Start with Manual Governance
In time Automate manual governance tasks

Late-cycle versus early cycle governance

Introduce governance when it can make a difference…throughout the course of various service developments
Treat governance as a first-order concern of your enterprise SOA Program

Shared Contract Management to support late/early cycle governance (SOA Software)

Prescriptive versus collaborative governance

Don’t just assume that people are going to go along with the program, give them a reason to engage in the dialogue and process
Acknowledge and promote the fact that there are separate (but interrelated) SOA lifecycles

Policy versus process

Easier to introduce
Changes faster
Scales better

Products

  • Workbench SOA Governance

  • Service Manager SOA Management and Security



  • Takeaways

  • There is no one size fits all SOA Governance model

  • Effective SOA Governance has to address people, policy, process and technology in that order

  • Governance automation delivers economies of scale

  • Early cycle SOA Governance model can act as an accelerator for enterprise SOA goals and objectives

  • Closed-Loop policy definition, enforcement, auditing and compliance reporting is a MUST HAVE for effective governance automation


  • Technorati:

    Labels: