Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Service Oriented Architecture (SOA) Governance:


Published on

  • Be the first to comment

Service Oriented Architecture (SOA) Governance:

  1. 1. Service Oriented Architecture (SOA) Governance: Revolutionizing Business to Meet Customer Demands A Knowledge-Driven Consulting® White Paper © 2007 Hitachi Consulting Corporation 1
  2. 2. Contents Introduction to SOA...........................................................................................3 The Top 10 Challenges of Organizations Adopting SOA ...............................3 Need for SOA Governance................................................................................5 Purpose of SOA Governance ...........................................................................5 SOA Governance Best Practices and Principles ............................................6 SOA Governance Structure ..............................................................................7 SOA Governance Rules and Responsibilities.................................................7 SOA Governance Leadership Team.................................................................8 The Role of Organizational Change Management ..........................................8 Conclusion .........................................................................................................10 Next Step ............................................................................................................11 About the Authors .............................................................................................11 About Hitachi Consulting..................................................................................11 About Hitachi .....................................................................................................11 2
  3. 3. Introduction to SOA The pace at which business is conducted has increased dramatically over the past decade. A recent study indicates that the timeframes for completing certain transactions—such as airline operations and call center inquiries—have been condensed from days and hours to seconds. Because timeframes are much shorter and products and services must be introduced more quickly, innovation is critical for the survival of many companies. External and internal factors, such as compliance, changes in demand, SOA is an architectural philosophy that and budget cuts, have also put tremendous pressure on the promotes the development of applications infrastructure resources of many organizations. Customers now not as single units with tightly coupled demand instant and integrated information. They want to access data anytime, anywhere. In order to respond to changing customer needs business logic, but rather as loosely coupled and stay competitive, companies are adopting Service Oriented business services, each of which performs a Architecture (SOA). logical, discrete, business function. The need to gain market share is another important factor forcing companies to adopt SOA. For organizations to grow market share, they must determine how to integrate the customer and supplier into a complex information matrix, regardless which channel the customer taps into. All customer data must be immediately updated and internally transferred throughout the supply chain. Corporations need the ability to set strategy and align technology and processes to deliver and manage the information flow, achieving a level of agility that will enable them to more easily respond to market needs and to improve customer service with efficient and effective delivery. SOA reduces the complexity associated with integrating applications and processes by standardizing the way information technology (IT) assets are used with common components and processes. By focusing on delivery of integrated business services rather than single unit performance, SOA can provide real-time benefits to customers and stakeholders. But, SOA is not without its challenges. The Top 10 Challenges of Organizations Adopting SOA 1. Misunderstanding SOA SOA is not a magic bullet; nor is it a new idea. However, it is a way to improve service to business users and speed delivery time to market. SOA allows for more effective process change with less complexity than other approaches, as shared services streamline business processes. Unfortunately, many companies are not structured to easily adopt or implement SOA. The hype in the marketplace as to what SOA can do—the magic bullet syndrome—is not providing enough guidance for companies to capitalize on its prospects. SOA initiatives must follow a “think big, start small” approach. To effectively accomplish this, an SOA governance model is a must. SOA governance depends on integrated management to join business units and information technology together. 2. Isolated implementation of SOA Too often, service teams isolate or disconnect SOA from the work that the approach is designed to impact. A centralized team builds what they think developers should use, rather than design an approach that is both appropriate and integrated. Many companies procure software packages and embark on large SOA initiatives without defining their SOA strategy or understanding what SOA will deliver. The cross- functional integration of business processes is necessary to support a value- generating activity chain. To achieve greater effectiveness, SOA implementation teams should consider executing a demonstration approach: start small with a low risk/high value proposition, demonstrate positive results from the solution, and then replicate on a larger scale. 3
  4. 4. 3. No culture of reuse For SOA to be successful, companies must foster a culture of reuse, where developers and line managers use the same services toward a common goal. In some situations, developers do not see the value of using SOA. If they are not required to use available services, they will frequently want to build their own custom applications to use existing applications, rather than using another’s creation. Corporate culture must promote cross-functional communication to break down barriers and demonstrate the importance of SOA. Without collaboration and interaction, companies will have a difficult time realizing the full potential and reaping the benefits of SOA. 4. Lack of strategic alignment Many IT initiatives have not been fully linked to a company’s strategic goals and objectives. IT services often focus on a specific application to solve finite problems or satisfy the need of a particular business unit. The nature of the SOA approach dictates horizontal integration of business processes across business unit boundaries. To support an organization’s critical success factors, SOA must align people, process, and technology. 5. Inability to anticipate and capitalize on change It is no longer enough for business and IT to respond to change; instead they must move in lockstep to anticipate and capitalize on change. Companies are now focusing their service strategies on a business approach tied to the customer. Understanding customers—who they are, what they want, and how to sell to them— is vitally important if companies want to effectively capitalize on changes in the global marketplace. Companies must closely monitor customer preferences and profiles and quickly incorporate solutions to satisfy change throughout the company. 6. Traditional business structure is not conducive to SOA Consider how your company is structured when formulating a strategy to implement SOA. In a traditional functional organization, the design of the reporting relationships and ownership of business activities and outputs are based upon functional expertise, such as manufacturing, marketing, customer service, and order management. Individual organizational functions support each of the vertical business units of the company. However, if SOA is to be effective, a company requires a value-chain process based on contributing activities that level silos and deliver services horizontally, as well as vertically. 7. Organizational barriers For SOA to be successful, you must coordinate and align business functions with IT. Companies may be hindered by an inability or reluctance to integrate systems across departmental or functional lines. They may also discover duplication in delivery of services or conflict in policies and procedures. Other internal barriers may stem from a lack of understanding about how SOA provides benefit or applies to discrete departmental functions, as well as to overall company goals. Multi-lateral buy-in is necessary to overcome these organizational barriers and to break down silos. 8. Resistance to standardization Defining technology standards, usage guidelines and overall principles of adoption is a complex task for companies. However, a robust SOA must be scalable, manageable and reusable. To successfully implement and govern SOA, a governance model must be put in place to manage and control the lifecycle of a service from its inception to its expiration. The model also needs to protect shared services development through ownership of information and guidelines. The development community is often reluctant and resistant to this standardization, for fear of losing control or oversight in design and delivery of custom technology. 4
  5. 5. 9. Lack of integrated technology SOA is all about using open standard technology and requires technical interfaces that can be applied consistently and compatibly across business processes. By providing the guiding principles and introducing new competency standards, SOA helps companies pro-actively address the technology and vendor products that exist within the company at a granular level. This standards-based compatibility also protects shared services development and prevents or minimizes proprietary product ownership by vendors, eliminating vendor lock-in. 10. Value to the business An organization needs to consider the desired benefit(s) of SOA and engage the appropriate groups to successfully implement the approach. Services can be combined and leveraged to create new business processes that make the company more agile. In addition, organizations need to expand the scope of SOA outside IT to ensure greatest impact. IT Executives will need to clearly articulate the solution parameters (translate a highly technical approach into terms a non-technical stakeholder can understand) and benefits of SOA to their business counterpoints in order to build the business partnership that is essential to realize the full value of SOA to the organization. Need for SOA Governance A service oriented approach to governance is a must if a company is to maintain and grow market share in a marketplace where customers expect and demand speed of delivery. One of SOA’s greatest strengths is its enhanced flexibility of services. To create this increased flexibility, SOA brings together and orchestrates a host of individual parts from various locations within a company. Usually, more work products and elements are required to create SOA. This service-oriented approach spans horizontally across business functions, vertically up and down the technology stack, temporarily across the application development lifecycle, across collaborating project teams and cultures, and with vendors and other stakeholders. SOA governance helps minimize complications that may result from “SOA is a revolutionary approach extraction and integration of these parts into a single service delivery that should be adopted in an approach. It also helps set the clear terminology and standards of communication where SOA crosses traditional enterprise boundaries and evolutionary manner.” operational contexts, increasing the connection among business processes, functional capabilities, organizational entities, end users, — Sa’d Kanan, Vice President applications, and data. Hitachi Consulting It is critical to the ultimate success of any SOA implementation that strong executive sponsorship (business and IT) is actively in place throughout the transformation lifecycle. This sponsorship will force the necessary changes to align the business process, organizational design, and performance management. Due to the nature of SOA and the requirement for organizational and process alignment across the value chain, executives must understand the barriers they will face and develop a change management plan to address, and be actively involved in execution of the plan. Purpose of SOA Governance SOA governance begins with mapping corporate, business, and IT policies to identify specific SOA business services. It then defines and enforces the compliance rules and policies for managing those services, and dictates policies for services reuse, IT compliance, and security. The governance ensures simplicity and process capability based on scale. Strong organizational processes are critical to SOA success. The executive team must see SOA initiatives aligned with business goals; and strategies articulated with clearly defined project charters, requirements, and performance metrics. 5
  6. 6. SOA initiatives require an organizational structure that balances project resource requirements and operational flexibility to ensure appropriate allocation of IT and business assets. For SOA initiatives to work, business users must be willing to engage with IT governance on improving processes and integrating systems. SOA governance is only as strong as the adoption and use of clearly defined business requirements and processes by key stakeholders and user groups. Often, a reward system is implemented to encourage compliance with SOA governance. It is critical to create a set of standards and usage principles that are clear and easy to understand and then effectively communicate the organization’s expectation relative to the published standards. Access and availability to resources are two important issues that must be resolved ahead of time to increase adoption and compliance. In many cases organizations put standards and principles of use and reuse in place without making it easy for developers and business users to gain access to the resources they need to do their job. This example issue can easily be resolved by centralizing services in a services repository. Successful SOA governance occurs in several ways. SOA is often explored as a prototype at the business unit level to test the system internally and limit the investment risk. This “think big, start small” approach allows executives to measure results and prove value prior to implementation on a broader scale. SOA can also be implemented through incremental acquisition, where various business units are integrated in phases to manage the change. Either approach requires an internal champion to define, develop, and deploy SOA and demonstrate its benefits to the company months in any one role before being moved to another role or leaving the company. At the core of governance is the ability to monitor, measure, and analyze the organization’s SOA service network. Business units must be managed at the micro- level, often using service level agreements (SLAs) to determine the performance benchmark. Policy enforcement is vital to ensuring that all business units work in tandem and use a standards-based process for interoperability. For instance, applying Business Process Executive Language or Unified Modeling Language is a great way to communicate and govern, so that ultimately SOA provides business value. SOA Governance Best Practices and Principles Successful SOA governance policies have a pervasive influence on IT governance. The following four IT areas are key to defining comprehensive SOA governance strategy: • Architecture governance: the design and structure that determines the IT enterprise landscape • Business governance: how the IT enterprise supports the evolving needs of the company • Data governance: the principles that dictate how data is managed across the IT enterprise • Technical governance: the core technical standards that vendors and users must apply within the IT enterprise Within each of the key SOA governance areas, several principles need to be addressed when devising the SOA governance model: • Compliance of standards among enterprise and specific groups • Identification and categorization of business services • Service provisioning and delivery • Reuse, granularity, and modularity • Methodology used to perform SOA tracking and evaluation 6
  7. 7. Executive sponsorship is another key factor for any successful SOA governance model. Defining roles and responsibilities of the various parts of the organization also contributes to the success. SOA Governance Structure Ultimately, SOA governance should focus on aligning the business goals with technology. It is a part of an existing IT governance framework that is aligned with corporate governance principles. SOA may require greater upfront funding to build the infrastructure, or portfolio of services, necessary to compose new applications and solutions. Therefore, it is important that a solid foundation ‘architecture’ be put in place that will eventually enable the organization to build upon services that exist in its portfolio, and span business unit boundaries to achieve horizontal integration. This foundation must include a governance structure for both evaluating what business processes are service-worthy and at what level of granularity, and to establish the roles and responsibilities of how and what technology will be used to both author and publish services. If value chains are in place and investment is available, executives may choose to establish a high-level SOA approach to filter down to various business unit levels and users. However, a company officer must sponsor the initiative to demonstrate its importance to business performance. Although companies may initially look to consultancies to help them implement SOA, they should also identify the right individual within their organization to collaborate with the consultants so they build the right skills during the lifecycle. This individual should develop a holistic understanding of the strategy/vision behind the implementation effort and support the new technologies in place. Unlike other more traditional IT initiatives, SOA will more than likely require the creation of new roles and competencies within the organization. SOA Governance Rules and Responsibilities SOA governance provides companies with standards and guidelines to ensure that services are properly developed and managed. By introducing the concept of domain ownership, SOA creates a paradigm where managed sets of services share a common business context. It also produces consistent execution and delivery of SOA through a guidance framework. SOA governance also oversees change management and communication to track progress against the company’s strategic vision. Several key groups impact the successful implementation and oversight of SOA governance. Here is a brief outline of their roles and responsibilities: Governance Sponsorship and Leadership Scope and Delivery Management SOA Governance Leadership Team Line of Business Control and Owner Monitoring Business PMO Project Application Manager Owner Quality Assurance Execution and Delivery SOA Domain SOA Domain SOA Domain Team Lead Team Lead Team Lead • SOA business • SOA business • SOA business analyst analyst analyst • SOA technical • SOA technical • SOA technical analyst and analyst and … analyst and developer developer developer • Business • Business • Business Service Tester Service Tester Service Tester • … • … • … 7
  8. 8. SOA Governance Leadership Team Governance first requires a leadership team to approve and monitor SOA’s strategic direction. This group will set SOA priorities and approve technology standards. The SOA Governance Leadership Team will also arbitrate key SOA issues to enforce policies and procedures. These key responsibilities will help ensure alignment with the organization’s strategic objectives. Program Management Office (PMO) Guided by the Governance Leadership Team, the Program Management Office is responsible for the development and implementation of the SOA governance. This office allocates strategic resources—funding, personnel, infrastructure, and technical support—to sponsor SOA. The office also champions key SOA policies and procedures, and handles disputes arising from SOA project issues. The PMO has the flexibility to apply and tailor common service delivery based on size, complexity, risk, and business value. It determines IT priorities for each key SOA initiative, based on business planning and budget. With this intimate oversight, the PMO must also provide project management training, expertise, and information/direction regarding best practices to successfully deliver the SOA approach. SOA Domain Team Lead A domain often impacts several business units, and therefore requires an entity to manage the applications that supports its specific services. The domain team leader must also maintain the interfaces to its services so that other domains can access them. This team is ultimately responsible for overall direction, execution, and delivery of the SOA domain, as well as business application of the SOA services within the domain. Business Representatives These individuals share information regarding specific business requirements and identify the cross-organizational SOA business services applicable to their domain. In this way, these business representatives can help the PMO address issues or make necessary adjustments to keep SOA beneficial and sustainable. SOA Business Analyst (business process steward) Working closely with IT, the business analyst directs how services shall be implemented. The steward also identifies normal business services and translates their specific business requirements into SOA definitions. Domain SOA Technical Developer The technical developer is responsible for building and maintaining services that are consistent with business requirements. The developer also implements services consistent with guidelines and SOA principles to ensure continuity and compliance. Business Service Tester This individual or group certifies that each service conforms to the unique applications required by business. The business service tester regularly tests situations to determine how effectively the service interfaces with the business units. Each of these individuals or entities is critical to successful SOA governance. A structure that allows vertical and horizontal integration helps domains interface, streamlines management, focuses on consistent delivery of services, and demonstrates organizational value by providing the speed required to gain market share. The Role of Organizational Change Management As companies move toward SOA architecture and cross-functional, business- process orchestration across the value chain, a comprehensive organizational change management (OCM) approach is necessary. OCM aligns the people, processes, and technologies necessary to guide the creation of the future-state and eventually manage the new service oriented environment. While it may seem that SOA governance is a technical function, it truly requires organizational change. 8
  9. 9. Change occurs when companies identify and articulate a clear, new vision that is backed by management commitment, investment, and procedures to support implementation, involvement by employees and users, and measured performance. As companies plan for and undertake the transformation to an SOA-enabled environment, it is essential that change management activities are included within the implementation plans. Change management activities should, at a minimum, address the following four disciplines of change management in order to help address the organizational and people barriers the company will have to overcome to ensure the ultimate success of the initiative: 1. Leadership and stakeholder commitment Actively engaging leadership is the first step in transitioning change. Helping managers to educate employees on how to accept, adopt, and implement transition practices will result in the desired change. Companies must provide the tools and resources to help leaders, as well as individual stakeholders, transition effectively from one approach to another. 2. Organizational impact and readiness Understanding and assessing the current corporate environment will help the leadership team identify and select the most appropriate strategy for developing the infrastructure that will result in a sustainable change. The strategy should include: • Business case or well-articulated argument for the recommended change • Assessment of the organization’s readiness for change • Analysis of the organization’s track record for adopting change • Management plan (with strategy and approach) for the change • Assessment of the impact on the organization after the change • Assessment of the impact on jobs after the change 3. Communication Creating a plan that articulates the appropriate tools and messages to guide the organization through the change process must be developed on two levels. First, the company must educate stakeholders about the change. Second, it must help navigate the constituents through the change process. Development and distribution of appropriate collateral materials are critical steps in the communication cycle. 4. Training Providing the necessary instruction on the new approach and technology processes is fundamental for SOA governance. Equally important is helping stakeholders understand how to apply the skills learned to their on-the-job activities in order to sustain and evaluate change. A custom curriculum for various business units and contributing stakeholders is required for implementation, along with a knowledge transfer plan, to help turn information into action. Change management and governance are two very important components of an SOA approach. Ensuring that sponsors are on board to endorse and navigate the change process is as important as designing the appropriate system. Companies must conduct the necessary research, planning, and development prior to implementation of SOA to ensure that the proper management and measurement strategies are in place to effect positive and sustainable change. Integrating the IT and business governance functions; however, can help streamline the company and create greater efficiency for customers and user groups. 9
  10. 10. Linking SOA Requirements to OCM Best Practices and Activities Service Oriented Architecture Organizational Change Management Obtain commitment from senior leadership to operate Executive Sponsorship / Education more efficiently/effectively and to shift paradigms/think differently (process focus, information providers / brokers / consumers / etc.) Clearly articulate vision for SOA and business benefits to the Business Case for Change and Strategy Articulation / enterprise, organizations, and individuals Communication Overcome resistance to availability and sharing of Culture / Leadership and Stakeholder Involvement / information across organizational boundaries and traditionally Education / Communication “siloed” functions Educate business leaders and end users regarding SOA Organizational and Job Impact Analysis / Education / transformation requirements, process changes, and new Communication interdependencies within the SOA environment Achieve consensus on shared services, level of granularity, Leadership and Stakeholder Involvement / Communication etc. (business side and IT), and align projects Adjust organizational structures and/or relationships as Design Enabling Organization Structures and Processes / well as individual roles and responsibilities, and Education increase collaboration Establish new standards (technical, policy, data, security, etc.) Performance Metrics and Accountabilities / Education / and educate the organization Communication Ensure / enforce compliance with standards Adopt “trumps” compliance Conclusion Building a Service Oriented Architecture obviously does not happen overnight, and sustainable implementation of the approach requires significant organizational change and technical planning. The investment of time and resources, as well as the complexity of the SOA implementation may also influence companies to pilot solutions and test ROI. SOA governance ensures that performance measures can be sustained throughout the involved business units and provide optimum benefits for the organization. A strong SOA governance model should enable the organization to answer basic questions, such as: • What business processes are service-worthy? • At what level of granularity should they be abstracted? • Who can produce them? • How are they published? • How are they consumed? • When do they expire? • Why are they consumed? • Can they be used internally and externally? • With what security standards must they comply? • Who owns them? Governance enables an organization to effectively implement an SOA approach with results that will positively impact the organization’s ability to respond to external factors and integrate internal delivery systems. With SOA and the appropriate internal governance procedures, your company will have the responsiveness and speed desired for key service delivery. 10
  11. 11. Next Step Hitachi Consulting recommends that most IT organizations adopt SOA as quickly as possible, but be realistic about timelines and control expectations. Gaining control of the hype cycle as soon as possible and setting expectations are critical. Also critical is reducing risk by starting small, learning from mistakes, and building the internal skills and corporate culture you will need to ensure continued success. For more information about Hitachi Consulting’s SOA services and examples of how we have helped IT leaders and IT organizations plan, control, and move forward with their SOA strategies and initial projects, please call us today at 877.664.0010. About the Authors Sa’d Kanan, a vice president for Hitachi Consulting’s Pacific Southwest practice, provides custom development, integration and service-oriented architecture (SOA) methodology implementation. Kanan has more than 10 years of consulting experience in the areas of custom development, software development methodology, systems integration and strategic technology roadmaps for fortune 2000 companies. He has focused principally on enterprise integration and implementation, and for the past three years, has led the SOA practice for Hitachi Consulting. Joanne Page, a senior manager in Hitachi Consulting’s Pacific Southwest practice, provides business process improvement, organizational change management, and governance methodology to our custom developed/SOA implementation projects. Page has more than 10 years professional experience delivering solutions in the areas of strategy and process improvement, customer care and channel, organizational change management, and packaged/custom developed technology implementations. She has focused on product lifecycle requirements, customer data integration, and governance for the past three years. About Hitachi Consulting As Hitachi, Ltd.’s (NYSE: HIT) global consulting company, Hitachi Consulting is a recognized leader in delivering proven business and IT solutions to Global 2000 companies across many industries. We leverage decades of business process, vertical industry, and leading-edge technology experience to understand each company’s unique business needs. From business strategy development through application deployment, our consultants are committed to helping clients quickly realize measurable business value and achieve sustainable ROI. With offices in the U.S., Japan and Europe, Hitachi Consulting’s client base includes nearly 35 percent of the Fortune 100, 25 percent of the Global 100, as well as many leading mid-market companies. We offer a client-focused, collaborative approach, which integrates strategy, people, process and technology, and we transfer knowledge throughout each engagement. For more information, call 877.664.0010 or visit Hitachi Consulting – Inspiring your next success!® About Hitachi Hitachi, Ltd. (NYSE: HIT/TSE: 6501), headquartered in Tokyo, Japan, is a leading global electronics company, with approximately 356,000 employees worldwide. Fiscal 2005 (ended March 31, 2006) consolidated sales totaled 9, 464 billion yen ($80.9 billion). The company offers a wide range of systems, products and services in market sectors including information systems, electronic devices, power and industrial systems, consumer products, materials and financial services. For more information on Hitachi, please visit the company's Web site at 11