Joe McKendrick recently reported in All Too Often, Governance is 'Retrofitted' into SOA that “surveys conducted here at ebizQ, most early SOA efforts do not have governance of any kind in place -- typically, organizations hold off until they have some type of critical mass of services before they consider it worth investing in governance.” We just talked about some useful governance thoughts from Brenda Michelson’s Does your SOA lack social skills? Here she and Hub Vandervoort articulated some useful governance concepts but not doing it was not one of them (see The People Side of SOA post).
It is concerning that Joe’s surveys found that that only one out of seven companies currently have active governance efforts underway. Joe added that, “even among the most advanced sites surveyed, two out of three companies do not yet have comprehensive governance programs in place.” Joe also points to a Butler Group report, Firms That Under-Invest in SOA Governance Won't Reap SOA Rewards. The title speaks for itself.
There is a lot of effort going on to assemble services, but not enough to validate them, and that is the key to having any sense of trust or reliability. We recently talked about this in the Wring ROI out of your UDDI Registry/Repository by plugging in SOA Validation post. Why is this happening? I wrote, “a lot of people like the concept of Governance and having Policies, but it’s not necessarily practical all by itself for the way businesses construct and leverage applications. This happens because SOA Governance without Validation doesn’t provide any assurance that it’s actually meeting the business requirements set forth in the Policies. In essence, it is like posting a speed limit, but not having the radar gun to ensure that drivers are obeying the rules of the road.”
Being able to connect a UDDI registry/repository, where you store all of the metadata of your services, their locations, and their policies for use in one place, with a strong Validation strategy can be a big advantage in this environment. But to make it work, that validation process has to be continuous and ingrained into every phase of the lifecycle of your services.
Comments