In a well-written, in-depth article on SOA and SOA governance in the Virtualization Journal entitled "Blending Discovery, Governance, Security, and Management in SOA," Andrew Lawlor (chief architect of Aptaria) points out why SOA governance matters:
"With power comes responsibility. The promise of Service Oriented Architecture (SOA) offers significant opportunity for service reuse and the realization of a fully integrated enterprise. But left unchecked, the flexibility enabled by an SOA will result in a Wild Wild West of enterprise IT. To properly harness the power of SOA while delivering value for the enterprise, certain controls are essential. Incorporating service discovery, service security, service management, and policy governance in a ubiquitous and transparent framework is essential to the success of any enterprise SOA deployment."
One of the key points that Lawlor makes is that good SOA requires more than just a SOA infrastructure:
"Effective SOAs employ service discovery, service governance, service security, and service management in proper proportions."
In the piece, Lawlor goes on to detail the different aspects of a SOA architecture, including the Publish-Find-Bind notion that underlies the loose coupling of services and allows services to be coupled from providers. Of course, managing that effectively requires additional layers of control (hence the importance of the management and governance aspects).
Lawlor goes on to discuss aspects of "Publish-Time" (or change time) governance, which helps manage the services as they're published (logically) to ensure adequate quality and conformance to standards.
Of course, once a service is published and running, there's a whole range of run-time governance or management aspects to take care of, including security, management, and runtime governance enforcement.
It's a great article to dig into.