Uber-governance? Maybe we're not quite ready for that

“Governance needs to involve the entire business. However, opening up the process too hastily is like inviting the passengers in a 747 to contribute their life experience and wisdom to help fly the plane.

“Governance needs to involve the entire business. However, opening up the process too hastily is like inviting the passengers in a 747 to contribute their life experience and wisdom to help fly the plane.”
Paul Lipton, Web services guru at CA, says today’s industry buzzword, governance, goes deeper than managing SOA and Web services. In his latest post at Webservices.Org, Lipton observes that current governance efforts focus on tracking “the location and change of various development artifacts, which may reside in change configuration systems, databases, and specialized management/security policy repositories. Some governance systems also provide their own repository allowing development artifacts to be centrally stored.”

However, things will really start happening when governance is provided at “all levels of the IT technology stack – and not just at the level of Web services” – going beyond XML artifacts to “span the full extent of IT activity, such as documentation, Java code, legacy COBOL copy books, and just about anything else.”

This suggests moving away from SOA governance to uber-governance, which means putting technology decisions in the hands of business users. All makes perfect sense, until you consider what’s on the minds of business users. “Many business executives have no desire to define such policies on an enterprise portal or anywhere else,” Lipton says. “Many high-level business people prefer to keep their eyes completely focused elsewhere.  Businesspeople would rather call IT on the phone and say, ‘please make this happen.’”

Involving business in technology governance is “like inviting the passengers in a 747 to contribute their life-experience and wisdom to help fly the plane. The passengers may want to help steer, but you would want to insure that considerable controls existed first. Until your entire IT infrastructure and the SOA that lives above it are appropriately instrumented to enforce, monitor, and control your runtime and the effects of all policy changes, you want to be careful about who is allowed to help fly the plane.”

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All