SOA Governance Best Practices   Management of Enterprise Architectures April, 2007 Scott Murray Bridle Park Consulting 46 ...
Objective <ul><li>Provide informational briefing on Governance Best Practices for Service Oriented Architecture (SOA) solu...
Agenda <ul><li>Why should I care about SOA Governance? </li></ul><ul><li>The Government of Canada Service Oriented Archite...
Why should I care about SOA? <ul><li>Because SOA is coming from so many places,  </li></ul><ul><li>SOA is happening to eve...
Why use SOA? Source: GCR – 2006 study of over 150 large organizations with, at least, a SOA pilot underway The Primary Bus...
The Government of Canada SOA <ul><li>TBS – CIOB has developed the GC SOA.  </li></ul><ul><ul><li>This provides an architec...
GC Service Oriented Architecture Context – Business Program Design Recruitment Application Personnel Mgmt Application Appl...
On-boarding a new GC employee GC On-boarding Program Recruitment Application Personnel Mgmt Application Applicant Mgmt App...
On-boarding a new GC employee GC On-boarding Program Payroll Application Financial Application Administration Applications...
On-boarding a new GC employee GC On-boarding Program Security Mgmt Application Financial Application Facility Mgmt Applica...
On-boarding a new GC employee GC On-boarding Program Personnel Mgmt Application Pension Admin Application Training Applica...
The Key to Delivering SOA: Governance <ul><li>Gartner Group:  A well thought out SOA framework will increase the chance of...
SOA Governance Requirements are Different Operational program  Human Capital Management program  Personnel Admin Applicati...
SOA Governance Requirements are Different Operational program  Human Capital Management program  Personnel Admin Applicati...
SOA Governance Requirements are Different Operational program  Human Capital Management program  Personnel Admin Applicati...
What is Governance? <ul><li>Wikipedia definition:  </li></ul><ul><li>Corporate governance is the set of  processes, custom...
Where does SOA Governance Fit? <ul><li>Business strategies, goals, objectives & policies </li></ul>Corporate  Governance I...
What Does SOA Governance Entail? The Foundation <ul><ul><li>High level principles regarding how SOA is to be used in the o...
Alternative Governance Styles Note: Some governance styles inspired by Tom Davenport,  Information Ecology.   Oxford Unive...
SOA Governance Best Practices
1. Have a Governor <ul><li>It’s good to have a benevolent dictator! ….or at least a community-approved arbitrator. </li></...
2. Establish Boundaries <ul><li>Situation:  </li></ul><ul><ul><li>A service is built by Group A and now five other Groups ...
3. Create an Oversight Committee <ul><li>Another early requirement. </li></ul><ul><li>Oversight Committee members:  </li><...
4. Govern the Architecture <ul><li>Another early requirement. </li></ul><ul><li>Ensures that the SOA solution evolves by d...
5. Use Multiple Governance Patterns <ul><li>Publishing Pattern:   </li></ul><ul><ul><li>Have established governance polici...
6. Establish SOA Roles Governor Oversight  Committee SOA Steering Board Infrastructure Service Group Business Shared Servi...
7. Govern the Complete SOA Lifecycle SOA  Governance Life-Cycle Service Use Service Deployment Service Operation Service C...
SOA Design Time Considerations SOA  Governance Life-Cycle Service Use Service Deployment Service Operation Service Creatio...
SOA Run Time Considerations SOA  Governance Life-Cycle Service Use Service Deployment Service Operation Service Creation S...
8. Govern Service Evolution SOA  Governance Life-Cycle Service Use Service Deployment Service Operation Service Creation S...
Governance Best Practices <ul><li>Have a Governor. </li></ul><ul><li>Establish Boundaries. </li></ul><ul><li>Create an Ove...
SOA Governance Best Practices   Thank You. Scott Murray Bridle Park Consulting 46 Bridle Park Drive Kanata, ON, K2M 2E2 (6...
Upcoming SlideShare
Loading in …5
×

SOA Governance Best Practices Management of Enterprise ...

914 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
914
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
44
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

SOA Governance Best Practices Management of Enterprise ...

  1. 1. SOA Governance Best Practices Management of Enterprise Architectures April, 2007 Scott Murray Bridle Park Consulting 46 Bridle Park Drive Kanata, ON, K2M 2E2 (613) 299-5898 [email_address]
  2. 2. Objective <ul><li>Provide informational briefing on Governance Best Practices for Service Oriented Architecture (SOA) solutions. </li></ul><ul><li>Primarily based upon: </li></ul><ul><ul><li>Research into public information from Gartner, IBM, WebLayers, TIBCO, ZapThink and other organizations; and </li></ul></ul><ul><ul><li>Experience with & input from TBS-CIOB. </li></ul></ul>
  3. 3. Agenda <ul><li>Why should I care about SOA Governance? </li></ul><ul><li>The Government of Canada Service Oriented Architecture (GC SOA). </li></ul><ul><li>Why is SOA Governance different? </li></ul><ul><li>What do we mean by Governance? </li></ul><ul><li>Alternative Governance Styles. </li></ul><ul><li>SOA Governance Best Practices. </li></ul>
  4. 4. Why should I care about SOA? <ul><li>Because SOA is coming from so many places, </li></ul><ul><li>SOA is happening to everyone! </li></ul><ul><li>Business Application Developers. </li></ul><ul><ul><li>SAP, Oracle, Microsoft are all developing business applications as services & SOA. </li></ul></ul><ul><li>Integration Middleware Developers. </li></ul><ul><ul><li>All major infrastructure vendors deliver their products as SOA. </li></ul></ul><ul><li>Application Developers. </li></ul><ul><ul><li>Developing services, components & composite applications. </li></ul></ul><ul><li>G2G & G2C interactions. </li></ul><ul><ul><li>Increasing value (and demand!) for delivering services. </li></ul></ul><ul><li>Everybody Else. </li></ul><ul><ul><li>Consumer centric applications enable anyone to create/deliver services. </li></ul></ul>
  5. 5. Why use SOA? Source: GCR – 2006 study of over 150 large organizations with, at least, a SOA pilot underway The Primary Business Drivers for SOA IT Cost Savings Customer Service Improvements Faster time to Market Information Visibility New Products / Services Regulatory Compliance New Channels Mergers & Acquisitions Major Competitor Has SOA Initiative 30% 23% 21% 6% 6% 5% 5% 4% 1% The Expected Business Impact 65% 56% 53% 48% 36% 32% 25% 16% 75% Business Agility
  6. 6. The Government of Canada SOA <ul><li>TBS – CIOB has developed the GC SOA. </li></ul><ul><ul><li>This provides an architectural framework to address business, information and technology design. </li></ul></ul><ul><ul><li>It includes specific guidance and flavouring as appropriate to the Canadian federal government. </li></ul></ul><ul><li>The GC SOA is an enabler to creating integrated business processes that utilize both ERP and non-ERP solutions / services. </li></ul><ul><ul><li>The key to the GC SOA is establishing discrete, re-usable services that can be quickly and effectively packaged to deliver new government business capabilities. </li></ul></ul>
  7. 7. GC Service Oriented Architecture Context – Business Program Design Recruitment Application Personnel Mgmt Application Application Mgmt Application Business Solution (Application) Architecture Architected Solutions (Applications) Hardware / Software Environment Legacy Application Product Legacy Application Product Legacy Application Product Technology Component Architecture Generalized Components Infrastructure Services Service Exchange Architecture Automated Business Services B C D E A F
  8. 8. On-boarding a new GC employee GC On-boarding Program Recruitment Application Personnel Mgmt Application Applicant Mgmt Application GC Hardware / Software Environment Other Application(s) Product SAP Finance Application Product PSFT HRMS Application Product Scenario: Collect and enter employee data, set up employee in systems, establish employee access and assets, hold employee start date / orientation. B C D E A F
  9. 9. On-boarding a new GC employee GC On-boarding Program Payroll Application Financial Application Administration Applications GC Hardware / Software Environment Other Application(s) Product SAP Finance Application Product PSFT HRMS Application Product Scenario: Collect and enter employee data, set up employee in systems , establish employee access and assets, hold employee start date / orientation. B C D E A F
  10. 10. On-boarding a new GC employee GC On-boarding Program Security Mgmt Application Financial Application Facility Mgmt Application GC Hardware / Software Environment Other Application(s) Product SAP Finance Application Product PSFT HRMS Application Product Scenario: Collect and enter employee data, set up employee in systems, establish employee access and assets , hold employee start date / orientation. B C D E A F
  11. 11. On-boarding a new GC employee GC On-boarding Program Personnel Mgmt Application Pension Admin Application Training Application GC Hardware / Software Environment Other Application(s) Product SAP Finance Application Product PSFT HRMS Application Product Other Env. Other Application(s) Product GC Business Program B Outsourced Application Scenario: Collect and enter employee data, set up employee in systems, establish employee access and assets, hold employee start date / orientation . B C D E A F 2 3 4 5 1 6
  12. 12. The Key to Delivering SOA: Governance <ul><li>Gartner Group: A well thought out SOA framework will increase the chance of successful SOA implementation. Key ingredients are the service registry and the concept of policy enforcement. </li></ul><ul><li> SOA Registries, Policy enforcement bolster SOA Governance and Consumption </li></ul><ul><li>Computer Weekly: “The main reason that SOA projects fail is because there is a lack of governance. (It) isn’t an option, it’s an imperative” said Paola Malinverno, VP research Gartner </li></ul><ul><li> SOA will fail without governance warns Gartner </li></ul><ul><li>ZapThink : Governance is no longer an option for those seriously pursuing SOA. </li></ul><ul><li> The State of Worldwide SOA Adoption </li></ul><ul><li>Redmonk : “Without solid architecture and governance in place, SOA is basically a waste of time” James Governor, Principal Analyst, </li></ul>
  13. 13. SOA Governance Requirements are Different Operational program Human Capital Management program Personnel Admin Application Workforce Mgmt Application Training Application GC Hardware / Software Environment Procurement Application Product SAP Finance Application Product PSFT HRMS Application Product Matrix, rather than monolithic, business solutions. B C D E A F 2 3 4 5 1 6
  14. 14. SOA Governance Requirements are Different Operational program Human Capital Management program Personnel Admin Application Workforce Mgmt Application Training Application GC Hardware / Software Environment Procurement Application Product SAP Finance Application Product PSFT HRMS Application Product Service-usage (and service design!) cross program / organizational boundaries. B C D E A F 2 3 4 5 1 6
  15. 15. SOA Governance Requirements are Different Operational program Human Capital Management program Personnel Admin Application Workforce Mgmt Application Training Application GC Hardware / Software Environment Procurement Application Product SAP Finance Application Product PSFT HRMS Application Product Other Env. Other Application(s) Product New Program New Application Who pays to support & run newly reused services?. B C D E A F 2 3 4 5 1 6 2 3 4 5 1 6
  16. 16. What is Governance? <ul><li>Wikipedia definition: </li></ul><ul><li>Corporate governance is the set of processes, customs, policies, laws and institutions affecting the way a corporation is directed, administered or controlled. Corporate governance also includes the relationships among the many players involved (the stakeholders) and the goals for which the corporation is governed. </li></ul><ul><li>Governance has a value focus: </li></ul><ul><ul><li>Good corporate governance is the use and management of an organization’s resources , in order to promote and enforce their use for targeted benefit . </li></ul></ul>
  17. 17. Where does SOA Governance Fit? <ul><li>Business strategies, goals, objectives & policies </li></ul>Corporate Governance Information Technology Governance <ul><li>Procedures that enforce Corporate-level IT Policies. </li></ul>Architectural principles and standards to enable business & IT goals. SOA Governance <ul><li>Enforcement of SOA principles and standards throughout the lifecycle of a service. </li></ul>Enterprise Governance Enterprise Information Technology Governance Enterprise SOA Governance
  18. 18. What Does SOA Governance Entail? The Foundation <ul><ul><li>High level principles regarding how SOA is to be used in the organization. </li></ul></ul><ul><ul><li>SOA investment priorities. </li></ul></ul><ul><ul><li>SOA reference architecture & roadmap. </li></ul></ul><ul><ul><li>SOA service portfolio. </li></ul></ul>The Mechanics <ul><ul><li>SOA Governance organization. </li></ul></ul><ul><ul><li>SOA Governance processes. </li></ul></ul><ul><ul><li>SOA Communications & Tools. </li></ul></ul>
  19. 19. Alternative Governance Styles Note: Some governance styles inspired by Tom Davenport, Information Ecology. Oxford University Press, 1997. BU Leaders or Key Process Owners Centralized More Less CxO Level Execs Corporate IT and/or BU IT A group of, or individual, business executives (i.e., CxOs). Includes committees comprised of senior business executives (may include CIO). Excludes IT executives acting independently. Business Monarchy Individuals or groups of IT executives IT Monarchy Business unit leaders, key process owners or their delegates Feudal Each individual user Anarchy IT executives and one other group (e.g., CxOs or BU leaders) IT / Bus. Duopoly Shared by C level executives and the business groups (i.e., CxOs and BU leaders) — may also include IT executives. Equivalent of the centre and states working together. Federal Decision rights or inputs to decisions are held by:         
  20. 20. SOA Governance Best Practices
  21. 21. 1. Have a Governor <ul><li>It’s good to have a benevolent dictator! ….or at least a community-approved arbitrator. </li></ul><ul><li>Having a Senior Executive “Governor” provides: </li></ul><ul><ul><li>Legitimacy to the SOA initiative and it’s governance processes; and </li></ul></ul><ul><ul><li>The ability to quickly address difficulties & decisions amongst teams. </li></ul></ul><ul><li>Typical Governor tasks can include: </li></ul><ul><ul><li>Prioritizing targeted benefits; </li></ul></ul><ul><ul><li>Establishing clear boundaries; </li></ul></ul><ul><ul><li>Addressing core governance processes; </li></ul></ul><ul><ul><li>Help with business buy-in and culture shock; and </li></ul></ul><ul><ul><li>Establishing an operational / project oversight committee to ensure that things move smoothly. </li></ul></ul>
  22. 22. 2. Establish Boundaries <ul><li>Situation: </li></ul><ul><ul><li>A service is built by Group A and now five other Groups want to use it as well. </li></ul></ul><ul><ul><li>Who is responsible for adding the new horsepower needed to support the users outside of Group A? </li></ul></ul><ul><li>There is a need to identify who is responsible for: </li></ul><ul><ul><li>Building, operating and maintaining services that are used on a cross-organizational basis. </li></ul></ul><ul><ul><li>Where the funding comes from. </li></ul></ul><ul><ul><li>The architecture upon which it is based. </li></ul></ul><ul><li>Part of the solution may be to establish a central common services group. </li></ul><ul><li>This needs to be decided upon early in the process. </li></ul>
  23. 23. 3. Create an Oversight Committee <ul><li>Another early requirement. </li></ul><ul><li>Oversight Committee members: </li></ul><ul><ul><li>Represent their own organizations; and </li></ul></ul><ul><ul><li>Can take on an enterprise-wide view of the SOA initiative. </li></ul></ul><ul><li>It can be useful to have members from groups whose responsibility spans multiple business / IT silos. </li></ul><ul><li>Typical Oversight Committee tasks can include: </li></ul><ul><ul><li>Ensure that the goals of the overall enterprise are targeted; and </li></ul></ul><ul><ul><li>Ensure that the matrixed individual entities involved in the SOA solution are able to communicate with each other. </li></ul></ul><ul><ul><li>Assist in the establishment, publishing and tracking of metrics </li></ul></ul><ul><li>Needs to have the “teeth” to stop projects that are not compliant. </li></ul>
  24. 24. 4. Govern the Architecture <ul><li>Another early requirement. </li></ul><ul><li>Ensures that the SOA solution evolves by design and not by accident. </li></ul><ul><li>Utilize both a top down & bottom-up design approach. </li></ul><ul><li>Architecture tasks can include: </li></ul><ul><ul><li>Establishing technology standards. </li></ul></ul><ul><ul><li>Defining the high-level SOA architecture and topology. </li></ul></ul><ul><ul><li>Determining the SOA platform strategy and making decisions about particular vendor products and technologies. </li></ul></ul><ul><ul><li>Specifying the management, operations, and quality-of-service—security, reliability, and availability—characteristics of the SOA </li></ul></ul><ul><ul><li>Establishing criteria for SOA project design reviews. </li></ul></ul>Business Program Recruitment Application Personnel Mgmt Application Application Mgmt Application Hardware / Software Environment Legacy Application Product Legacy Application Product Legacy Application Product B C D E A F
  25. 25. 5. Use Multiple Governance Patterns <ul><li>Publishing Pattern: </li></ul><ul><ul><li>Have established governance policies and standards </li></ul></ul><ul><ul><li>They are of no value if no-one knows about them. </li></ul></ul><ul><ul><li>Publish them and have then readily available. </li></ul></ul><ul><li>Checkpoint Pattern: </li></ul><ul><ul><li>Establish checkpoints in key processes (e.g., funding a project, moving from design to production, retiring a service, etc.). </li></ul></ul><ul><ul><li>Establish them early and, initially, keep them simple; increase checkpoint sophistication as needed. </li></ul></ul><ul><li>Scoreboard Pattern: </li></ul><ul><ul><li>Most often missed governance pattern. </li></ul></ul><ul><ul><li>Establish metrics, make them publicly available and update them on a regular basis. </li></ul></ul><ul><ul><li>Sample metrics: what services exist, which are being used by whom, levels of reuse, performance, policy conformance, etc. </li></ul></ul>
  26. 26. 6. Establish SOA Roles Governor Oversight Committee SOA Steering Board Infrastructure Service Group Business Shared Services Group Project Team(s) Architecture Group <ul><li>Ensures that services being built comply with established architectural standards. </li></ul><ul><li>Develops SOA architectural standards and policies. </li></ul><ul><li>Manages the reference architecture. </li></ul><ul><li>Develops & delivers non-business specific infrastructure services that can be shared. </li></ul><ul><li>Develops & delivers shared business services. </li></ul><ul><li>Assembles and delivers SOA based business solutions. </li></ul><ul><li>Includes project management & business transformation specialists </li></ul><ul><li>Technical service review to ensure / monitor compliance with established principles and policies. </li></ul>
  27. 27. 7. Govern the Complete SOA Lifecycle SOA Governance Life-Cycle Service Use Service Deployment Service Operation Service Creation Service Management Process Modeling Requirements Identification Service Modeling <ul><li>Align efforts to address both Business & IT needs. </li></ul>Administrator Service Consumer Administrator Administrator Developer All Architect Architect <ul><li>Identify Owners, authority levels & responsibilities. </li></ul>        <ul><li>Establish Checkpoints between steps. </li></ul>
  28. 28. SOA Design Time Considerations SOA Governance Life-Cycle Service Use Service Deployment Service Operation Service Creation Service Management Process Modeling Requirements Identification Service Modeling <ul><li>Identifying which services to build against the backlog of business requirements. </li></ul><ul><li>Determining the fitness of a service as an GC-class asset. </li></ul><ul><li>Ensuring the strategic design of business services. </li></ul><ul><li>Promoting (enforcing) re-use of existing services. </li></ul><ul><li>Validating conformance to established design patterns and other corporate standards and practices. </li></ul><ul><li>Establishing the governance standards to which different categories of services will be held. </li></ul>
  29. 29. SOA Run Time Considerations SOA Governance Life-Cycle Service Use Service Deployment Service Operation Service Creation Service Management Process Modeling Requirements Identification Service Modeling <ul><li>Checking a service against a set of rules before it is deployed into production. </li></ul><ul><li>Securing services so that they are accessible only to authorized consumers. </li></ul><ul><li>Validating that services operate in compliance with prescribed corporate standards. </li></ul><ul><li>Service-level monitoring and reporting. </li></ul><ul><li>Ensuring that Corporate and IT policies are being enforced. </li></ul>
  30. 30. 8. Govern Service Evolution SOA Governance Life-Cycle Service Use Service Deployment Service Operation Service Creation Service Management Process Modeling Requirements Identification Service Modeling <ul><li>The only constant is change! </li></ul><ul><li>Need to maintain close Business and IT relationship. </li></ul><ul><li>Understand inter-service relationships and dependencies </li></ul><ul><li>Perform impact analysis to determine the </li></ul><ul><li>implications of changing a particular service </li></ul><ul><li>within the run-time environment </li></ul><ul><li>Manage the rollout of services into the existing run-time environment </li></ul><ul><li>Manage service custody transfers through the design, creation, and deployment stages </li></ul><ul><li>Manage changes to existing policies and service level agreements. </li></ul>New Requirements
  31. 31. Governance Best Practices <ul><li>Have a Governor. </li></ul><ul><li>Establish Boundaries. </li></ul><ul><li>Create an Oversight Committee. </li></ul><ul><li>Govern the Architecture. </li></ul><ul><li>Use Multiple Governance Patterns. </li></ul><ul><li>Establish SOA Roles. </li></ul><ul><li>Govern the Complete SOA Lifecycle. </li></ul><ul><li>Govern Service Evolution. </li></ul>
  32. 32. SOA Governance Best Practices Thank You. Scott Murray Bridle Park Consulting 46 Bridle Park Drive Kanata, ON, K2M 2E2 (613) 299-5898 [email_address]

×