How to keep too many cooks from spoiling the SOA broth

As part of InfoWorld's SOA Executive Forum (held last week in New York), I hosted a podcast with with special guest Ashish Mohindroo, Oracle's Fusion Middleware Director. Ashish was a featured speaker at the Forum.

In our chat, Ashish laid out the case clearly and concisely for SOA governance. Many technology-based initiatives have had their share of management challenges in the past, but SOA adds a whole new dimension. Namely, in theory, SOA is not supposed to be owned by IT -- rather, it's a shared ownership arrangement across the entire business. (Link to the 10-minute podcast here at InfoWorld.)

Governance helps reduce inter-departmental tension over SOA

Whereas in past enterprise projects a single department had complete control over a project, SOA breaks down departmental barriers -- and that raises new questions, Ashish says. Questions such as: Who has access rights to the service? Who manages the services? Who pays for the services? How do you change these services? How do you define policy?

Without answers to all these ownership questions, Ashish said, tension could emerge between departments if companies are made to play it by ear. That's what makes governance so important, he continues. Governance provides a management structure for SOA, which lacks the direct or centralized control that technology projects typically have. "The whole idea behind governance is to really define a path of how a company can start from a point project and then scale it out by breaking down the departmental barriers across the enterprise."

While Ashish believes most companies are past the point of needing to be convinced of the value of SOA, most projects are still in the early phases. That's why starting early with governance is important. Governance is more than creating a repository of available services, he says.

"Governance means having a standard of service has to pass certain parameters. It has to be defined in a specific manner. It has to meet a certain service-level agreement. And it has to conform to the specifications that have been defined by this governing body within the organization." Once these standards are set, Ashish explains, "it's very easy for companies to change policies or change definitions without going back into the hard process of manually recording these policies and structures into individual Web services."

Ashish also talked about the emerging links between SOA and Web 2.0 -- as explored further on in the InfoWorld podcast.