I like doing things right; It's extremely satisfying when you know you've accomplished
a task successfully, and have done so in a way that will stand the test of time.
The problem is, I don't always do things right. Sometimes I don't have time
to do something right. Other times I'm not sure I know the right way to do something,
so I make up a solution as I go along. Or perhaps I simply think that this time,
there's no one watching me, so it doesn't make a difference how I do it. It
won't matter, as long as it gets done.
In the same way, there are a million ways to do SOA wrong -- and a lot fewer
ways to do it right. That's where SOA governance comes in.
SOA governance provides ways for organizations to help ensure that their SOA
environment and SOA implementations are being built and maintained correctly.
That not only are things being done, but that the right
things are being done. Consistently.
As I mentioned in my last column, SOA really isn't about technology, and it
isn't about picking which ESB is better than another ESB, or which version of
what standard to use (though all these types of questions must, of course, be
answered at some point). Rather, it's about creating a culture and a set of
processes that let an organization invest in services-oriented approaches that
will deliver real benefits.
In short, SOA is about culture, not technology. The goal of SOA is in creating
re-usable systems. Good SOA results in systems composed of services that are
and can be re-used in different systems.
However, doing SOA right requires significant changes from the way that organizations
traditionally develop, deploy and maintain applications. It requires more and
deeper collaborations across business units, IT architecture, infrastructure
managers and project teams. It requires a level of detail and strategic thought
-- even at the project and task level -- that has generally not been required
in most IT shops.
In short, there is no way to "instant SOA." Individual products or
projects can certainly move you along the path and help your organization put
some components of a good SOA strategy in place.
However, that's where SOA governance comes in. Governance might just be the
one "SOA product" that you can't do without. It's the secret sauce
that can make SOA work. So, I guess there is one at least one "SOA product"
that is absolutely essential for a successful SOA implementation. As I noted
in the last column, without governance, SOA environments will spiral into chaos.
It's not hard to see why it is so hard to control SOA environments. For one
thing, SOA is unfamiliar. For the most part, designing services is different
from the way that people have built applications in the past. Not completely
different, but different enough so that it can dramatically impact the productivity
and effectiveness of a SOA development team. For example, in the past, applications
were typically written to solve specific business problems. There may have been
components or services within those applications that would be used multiple
times, but such services or components were designed to be used outside of its
original application. It wasn't built to be re-used or leveraged into new environments
or applications or by a different line of business.
Of course, that's where technologies and approaches such as CORBA and DCOM
came in -- helping organizations build distributed-object environments that
were used across applications. However, these approaches did not reach the critical
mass of developers and did not completely replace the more traditional approaches
to application development. Even if they did, there are still subtle (and even
sometimes large) differences in the granularity of services. Defining what's
a service or what's not a service can be a very hard distinctions for even experienced
organizations to make.
Another reason it's hard to control SOA environments that, in addition to being
relatively new, many of the SOA technologies are pretty complex. We have all
different types of standards and versions of standards. We have many standards
that are still evolving and are standards in name only. It's tremendously difficult
for most organizations to stay on top of, let alone ahead, of all these changing
In addition, the very fact that SOA environments and solutions are designed
to be loosely coupled and distributed creates an even more complex environment
than many IT shops are used to. For example, the providers building SOA services
don't always know who the consumers will be. The consumers consuming SOA service
don't always know who the producers were. And no-one seems to understand the
implications of managing different version of the same service over time.
So what's the solution? In short, I believe its governance. Governance doesn't
specifically fix all of the problems and issues I've raised, but it can undoubtedly
help organizations limit the extent of such problems and help move an organization
towards a consistent, effective and efficient approach to implementing SOA.
In fact, I believe that the difference between simply implementing SOA and implementing
SOA effectively (from both a financial and capability perspective), comes down
to effective SOA governance. Putting the right governance policies in place
will help you not just do SOA, but do it right. And even though
sometimes I personally take shortcuts and don't always do things right, I would
like to think that my IT group is doing things right when it comes to SOA.
About the Author
David Kelly - With twenty years at the cutting edge of enterprise infrastructure,
David A. Kelly is ebizQ's Community Manager for Optimizing Business/IT Management. This category includes IT governance, SOA governance,and compliance, risk management, ITIL, business service management,registries and more.
As Community Manager, David will blog and podcast to keep the ebizQ
community fully informed on all the important news and breakthroughs
relevant to enterprise governance. David will also be responsible for
publishing press releases, taking briefings, and overseeing vendor
submitted feature articles to run on ebizQ. In addition, each week,
David will compile the week's most important news and views in a
newsletter emailed out to ebizQ's ever-growing Governance community.
David Kelly is ideally suited to be ebizQ's Governing the
Infrastructure Community Manager as he has been involved with
application development, project management, and product development
for over twenty years. As a technology and business analyst, David has
been researching, writing and speaking on governance-related topics
for over a decade.
David is an expert in Web services, application development, and
enterprise infrastructures. As the former Senior VP of Analyst
Services at Hurwitz Group, he has extensive experience in translating
the implications of new application development, deployment, and
management technologies into practical recommendations for enterprise
customers. He's written articles for Computerworld, Software Magazine,
the New York Times, and other publications, and spoken at conferences
such as Comdex, Software Development, and Internet World. With
expertise ranging from application development to enterprise
management to integration/B2B services to IP networking and VPNs,
Kelly can help companies profit from the diversity of a changing
ebizQ is the insiderís guide to next-generation business process management. We offer a growing collection of independent editorial articles on BPM trends, issues, challenges and solutions, all targeted to business and IT BPM professionals.
We cover BPM standards, governance, technology and continuous process improvement, as well as process discovery, modeling, simulation and optimization, among many other areas. We follow case management, decision management, business rules management, operational intelligence, complex event processing and other related topics. We closely track important trends such as the rise of social BPM, mobile BPM and BPM in the cloud. We also explore BPMís use in functional areas, such as supply chain and customer management, and in key verticals, such as financial services, health care, insurance and government.
ebizQ's other BPM-oriented content includes podcasts, webcasts, webinars, white papers, a variety of expert blogs, a lively online forum and much more.