Perhaps a good analogy for a service-oriented architecture is a condo or homeowner's association. The structure belongs to everyone in the organization. There is, in theory, no single owner. But, collectively, the co-owners entrust management of the enterprise to selected officers of the association, and everyone is expected to abide by their enforcement decisions.
The model works well for homeowners' associations (unless you're the one being told to take down your holiday lights) -- is this a good approach for enterprises as well?
The fact that SOA has no single owner creates a host of governance issues. I recently explored some of these issues in a podcast I hosted with special guest Ashish Mohindaroo, Oracle's Fusion Middleware Director. The podcast was conducted as part of last week's InfoWorld SOA Executive Forum, at which Ashish was a featured speaker. (Link to the podcast here at InfoWorld.)
Whereas in past enterprise projects a single department had complete control over a project, SOA breaks down departmental barriers -- and that raises new questions, Ashish says. Questions such as: Who has access rights? Who manages services? Who pays? Without answers, notes Mohindaroo, tension could emerge between departments if companies are made to play it by ear.
That's what makes governance so important, Ashish continues. Governance provides a management structure for SOA, which lacks the direct or centralized control that technology projects typically have. "The whole idea behind governance is to really define a path of how a company can start from a point project and then scale it out by breaking down the departmental barriers across the enterprise."
While Ashish believes most companies are past the point of needing to be convinced of the value of SOA, most projects are still in the early phases. That's why starting early with governance is important. Governance is more than creating a repository of available services, he says. "Governance means having a standard of service has to pass certain parameters. It has to be defined in a specific manner. It has to meet a certain service-level agreement. And it has to conform to the specifications that have been defined by this governing body within the organization." Once these standards are set, Ashish explains, "it's very easy for companies to change policies or change definitions without going back into the hard process of manually recording these policies and structures into individual Web services."
(Link to the podcast here at InfoWorld.)
Leave a comment