Datasheet
c01_1 07/08/2008 36
the assumption that SOA governance is an event or a milestone. ‘‘Once
we implement SOA governance, we’re all set.’’ SOA governance is not
an event, a ‘‘one and done’’ kind of activity. Rather, it is an ongoing,
sustained process of reviewing SOA and services on an ongoing basis.
SOA governance must be managed, evolved, measured, and tuned
based on the relative maturity and progress of SOA adoption. You must
evolve and manage your SOA governance model, processes, principles
and policies, all as you maintain alignment to the business and IT strat-
egies as well as business and IT goals. SOA governance is a process, to
be sustained and managed over time. Your initial SOA governance
model will not be your end-state SOA governance model.
&
Overly Technical Governance—Focus too Narrowly on Technical
Policies. One of the most common mistakes we see is focusing too nar-
rowly on technical service policies and run-time governance. This is a
mistake only if the other aspects of SOA governance are ignored. The
technical governance issues must be addressed; however, they must be
addressed from an overall SOA governance perspective, working top-
down from the SOA strategy and goals, and then determining what
SOA governance will help ensure realization of the SOA strategy and
goals, using metrics to track progress. The most interesting aspect of the
technical governance focus is that most of these SOA policies can be en-
forced using automation and software tools. However, the most chal-
lenging SOA policies to define and enforce are business and processes
policies, which are difficult to automate and normally require manual
enforcement via governance boards, reviews, and manual process check-
points. These are the policies that drive behavioral and cultural changes,
and thus demand the most attention and offer the most value. The body
of SOA business and process policies most directly affect the value of
SOA and an organization’s ability to capitalize on their SOA investments.
&
Substitute Governance Processes and Policies with Faith-Based Gover-
nance. The last SOA governance mistake we will discuss here is substi-
tuting a formally defined SOA governance model, processes, and
policies with kumbaya governance or what I call ‘‘faith-based gover-
nance.’’ Kumbaya governance is where an organization entrusts its
SOA governance to informal processes and personal empowerment
rather than an explicit, policy-driven, formally defined governance
model and clear, unambiguous processes. Under kumbaya SOA gover-
nance, we hold hands, believe in each other, and trust that something
good will happen. Voila!!! SOA governance happens. But optimally ef-
fective SOA governance does not and cannot happen this way. SOA
governance requires an explicit governance model with clear policies,
well-defined processes, clearly-defined roles and responsibilities, and
36 THE SOA GOVERNANCE IMPERATIVE