Process disruptions, lack of reuse, escalations in help desk and field supports costs, non-compliance, information access failures and security breeches are just a few of the cataclysmic issues associated with deploying a service-oriented architecture without a corresponding governance organism, warned Jake Sorofman, vice president for product marketing at Systinet.

Governance – and the financial services industry’s over-arching need for it – was the key theme at the opening session of the Web Services/SOA on Wall Street conference in New York this week.

Sorofman painted a relatively bleak picture for companies whose enterprise leaders don’t recognize that SOA introduces complex interdependencies, which can lose the business money if it isn’t governed properly. “I think there will be visible SOA project failure in 2006 because of lack of governance. Governance is not optional, it’s imperative,” he said.

Building on the theme of the need for governance, Skip Snow, Citigroup’s enterprise architect, said that his company developed a targeted architecture that allows for the organization’s business services to operate. Citigroup governs its SOA tactically, Snow said, in order to handle the company’s generation of a billion dollars of profit approximately every eleven working days.

“Governance is the mechanism by which we make and enforce decisions in our own organization,” Snow said. “SOA allows for automated support and audibility of the decision-making process.

“Our departments and sectors want to govern in a way that is autonomous; there is no one-size-fits-all for SOA governance. One-size-fits-all would not be a good starting place for SOA in our enterprise,” he said.

Citigroup's needs for its SOA are relatively typical for the financial services industry, but the size of the company -- 300,000-plus employees worldwide -- makes it important for the SOA to be custom-built, Snow said. Citigroup has the need to create a top-down and bottom-up enterprise SOA governance model to manage the lifecycle and definitions of business services, allowing for cross-domain information sharing and transactions.

The targeted architecture that Citigroup has developed to meet these needs, Snow explained, include what he called a human process layer, which governs the enterprise by defining the portfolio, making policy, approving change, resolving conflict and managing risk. Other architectural layers that Snow said were important were the governance information services layer and the business services layer, which includes management of such responsibilities as document management, an orchestration engine and registry services, project management, identity and entitlement management.