Certificate Authentication

What is SOA Governance?

• Compliance to standards or laws
• Change management
• Ensuring quality of services
• Managing the portfolio of services
• Managing the service lifecycle
• Using policies to restrict behavior
• Monitoring performance of services

The SOA Governance issue

• Governance appearing as SOA initiatives
• A dynamic environment for services to interact
• Encouraging the reuse of services
• Controlling how services interact with each other
• The long-term ROI and manageability

Governance questions

• Where they start on the governance ladder?
• Governance as core feature of any SOA initiative
• Establishing a timeline
• Personnel training and operational procedures
• Putting skills and procedures in place well ahead

SOA Governance Stages

• First: realization that governance is needed
• Second: governance improving business execution
• Third: mixing technology & changes in behavior
• Fourth: technology selection & implementation

Service Management

• Design-time perspective
• Run-time perspective
• Repository of service for reuse
• Services contained in heterogeneous platforms
• Service-virtualization for run-time management of services

Critical governance components

• Service registry service and an asset repository
• Creating a "SOA Centre of Excellence”
• Focusing on establishing SOA organizational guidelines
• The organizational maturity
• Agreed governance policies

SOA Governance tools

• Real time monitoring of events
• Failures in a BSM framework
• Service-level instrumentation
• Hooking into operational management systems
• Virtualization as enabler to separate governance/service logic
• Service virtualization managed by operational staff

Achieving governance

• Measuring the goals for governance
• The internal audit
• Automating the audit

Developing core SOA governance

• Why SOA technology stack has grown complex
• Mixing between COTS & in-house
• Justifying external consultants to help out
• Figuring out which business we are really in

Roles and responsibilities involved in SOA Governance

• Establishing a SOA Centre of Excellence
• Enterprise-wide planning and assistance in execution
• The roles of the SOA architect/governance architect
• Solving potential conflicting interests
• Ensure that governance guidelines are followed

Barriers to SOA governance

• Not realizing the need for governance
• Lack of Governance technologies
• Lack of Service virtualizations

State of good governance

• Interaction with external parties
• Managing the business rules and BRE mgmt
• Regulations for good governance
• The agreements repository
• Proactively embedding governance in the business
• Governance by action rather than by statement
• SLA monitoring to establish premium prices

Critical success factors

• Start thinking about governance early
• View governance as a moving target
• Manage policies as entities with their own lifecycles
• Choose a technology platform
• The platform should address immediate governance needs
• Future support as SOA infrastructure scales
• Enforce service level agreements

Service virtualization

• External configuration of encryption & routing
• Authentication and schema validation
• Transferring control from programmers to operational staff
• Alleviating many of the SOA core pains
• Avoiding services with internal policies
• Technology and deployment neutral services

The 'dark path' in SOA

• What if the service produces non-compliant data
• Logging, tracking and auditing
• Halting erroneous operations as they occur
• Involving corrective business processes

Final thoughts and Conclusions

• Greatest challenges with SOA
• Critical aspects of SOA governance
• Service reuse as a key benefit of SOA
• The governance of reuse
• Visibility, risk and control