SOA Governance - Key to a successful SOA by olliegoblue25

VIEWS: 104 PAGES: 26

									SOA Governance:
Key to a successful SOA implementation

John Falkl
IBM Distinguished Engineer and Chief Architect, SOA Governance
IBM SOA Governance and Service Lifecycle


  Challenge of governance

  Keys to effective governance

  Value of a Center of Excellence

  SOA Governance and Management Method

  Federation approaches

     Continually enhanced based on client requirements
                      and experience
SOA Governance fits within the overall IT
governance environment

                   Chains of responsibility established to empower people
                   Policies to guide the organization to meet its goals
                   Control mechanisms to ensure compliance
                   Communication to keep all required parties informed
                   Measurement to gauge effectiveness

                  IT governance
                    Application of governance to an IT organization,
                    Guide the way those assets support the business

             SOA governance
               IT governance decisions within the context of the
               lifecycle of service components, services and
               business processes.

Scenario on the importance of SOA governance*

   Procurement                                            Admin department                                            Legal

                                         xx           App. 1
                                                               x x
                                                               x x              App. 2
   Project                                                                                                      Purchasing

                                                          Flights Scheduling service

    1. Provide a              2. Other             3. Groups             4. Service       5. Fix works    6. Maintenance
    Flight Scheduling            groups              increase use           is fixed at      temporarily     costs soar /
    service                       start using         of services /         provider’s        but problem      provider
    that fills a specific       the service        quality suffers         expense         reappears         ends service
    project group

* Scenario from Introduction to SOA Governance, Bobby Woolf.

SOA Governance and Service Lifecycle
Management addresses key questions
                                             What processes do we
                  What standards do we      need to identify, develop,
                  need to establish and       deploy and manage
                         when?                     services?

                                                                     How do we govern and
                                                                       manage our SOA
  How do we govern
 and manage the Life
                                                                       development and
  Cycle of services?
                                                                     deployment approach?

    What can I reuse                                                      What metrics and key
  from my existing IT                                                    performance indicators
  Governance Model?                                                           will we use?

    What is our SOA                                              How does the registry
      Vision and                                                  and repository get
      Strategy?                                                  used? What controls
                                                                   are necessary?
                       How do we measure
                        our model and the       Who manages the
                         effectiveness of      Services Repository?
                            services?              Who uses it?
Challenges to effective governance in government
 Large, complex projects
    Bigger the project, the harder to manage
    Lack of agreement on goals
    Inherent need for federation

 Lots of politics and people looking over your
 shoulder                                            “People often talk
    Lack of trust across groups                      about the importance
    Need for stakeholder management and advocate     of developing trust at
                                                     the start of a project,
 Funding challenges across multiple organizations    but trust must be
    Lack of overall ownership                        nurtured throughout its
                                                     life cycle. The
    Funding tightly controlled
                                                     variables that foster or
                                                     hinder trust, such as
 Lack of sufficient control from the leadership      governance, policy
    Lack of good communications                      and funding, remain
                                                     active until the project
 Additional teaming requirements with contractor     is completed.”
 community                                           Rules of engagement, Brian
    Need for additional planning and federation of   Robinson – Federal
                                                     Computing Week
    processes, IT
Keys to effective governance
Plan for evolving governance from the beginning
    Avoid implementing governance after the fact
    Grow governance as project grows
                                                            “If we had had too much
Define scope, objectives, roles, responsibilities,          governance too early,
decision rights, metrics, policies…..                       we would probably have
    Ensure adequate buy-in from all stakeholders            ended up like most
    Build collaborative trust                               other standards
                                                            organizations —
                                                            weighed down by
Communication, communication, communication
                                                            procedure — and it
    Successful organizations use multiple internal          would probably have
    channels to iteratively communicate and secure buy-in   taken a lot longer,”

                                                            Paul Embley, CIO at the
                                                            National Center for State
Ability to execute                                          Courts and chairman of
    Ensure project teams empowered to execute               the Global Justice
                                                            Information Sharing
                                                            Initiative task force

Recent SOA survey: Only 1 in 7 SOA implementations include Governance

Some thoughts on best practices for complex projects

  Federate and distribute functionality                                         “ A number of factors
   – Agree on granularity and abstraction levels of functions, then manage       make developing
   – Federation and management of metadata mandates better management            military and
     of sub processes (e.g. development or management)                           government systems
                                                                                 wickedly hard: the
                                                                                 complexity of their
  Drive a consistent metadata ontology                                           software is growing
   – Ensure all parties are working off a common set of definitions              at staggering rates;
                                                                                 they typically not just
   – Use a business glossary for terms and definitions of information            isolated systems but
                                                                                 rather systems of
                                                                                 systems; the
  Ensure governed processes have clear transition points and                     economics and
  managed aggregation of information                                             politics of
   – Allows for micro governance of sub projects                                 development often
                                                                                 require the use of
   – Positions what is expected and what policies need to be enforced as part
                                                                                 teams distributed in
     of a service lifecycle
                                                                                 time and in space...."

  Support collaborative development, governance and                             Grady Booch
                                                                                IBM Fellow
  management solutions
   – Collaborative environments allow for better team based development

Economic and compliance value of SOA Governance
Client experience highlights the need for SOA Governance:

 From day one of SOA implementation
  – To realize full savings and value that come with reuse of assets

 To meet compliance requirements
  – IBM’s SOA Governance framework provides both a process and
    the enabling tools for tracking and reporting of service usage
    and security
  – Example: Increased legal requirements in the finance industry
    and public sector mean that governance and enforcement of
    service usage is even more important today

    "SOA governance can assure a greater return on investment for SOA
    projects, especially since the impact of these projects can measured
    in a consistent way across the enterprise."
    ebizQ 2008 SOA Governance Survey Report
SOA Governance supports a Smart SOA
approach based on your SOA maturity level
             SOA Governance and Service Lifecycle Management is
             able to support clients across the Smart SOA continuum

                                Extend                             Adapt
        Foundational          End-to-End       Transform         Dynamically

Gain control of              Go after key business      Create cross organization
current environment          opportunities              Business IT alignment

Focus:                      Focus:                     Focus:
 Inventory and control of    End-to-end processes       Enhance Business/IT
 current services            and policies               governance
 Center of Excellence        Culture and Org Change     Expand measurements &
 Registry/Repository         Enabling tools             metrics

                            End-to-end SOA Quality Management

SOA Governance approach to involving all participants

  Alignment of Business and IT requires a good working relationship

                     Center of Excellence
  Business                                                  IT
  Processes                                              Implementation
  Priorities                                             Infrastructure
  Policies                                               Enforcement
  Organization                                           Lifecycle Management
  Ownership                                              Service Creation/Update
  Funding                                                Skills Transfer

                  SOA Center of Excellence Mission
                 Establishing decision rights
                 Defining high value business services
                 Managing the lifecycle of assets
                 Measuring effectiveness

Typical SOA Center of Excellence (CoE) structure
                                                                                              Key touch points to/from
                                          Role Summaries                                      Communicates business
                                                                                              needs, priorities
                                               Sets SOA vision, principles,
                                               Prioritizes SOA efforts; allocates                   Sets SOA standards,
                                               SOA funding                                          policies
        Executive Steering                     Resolves exception requests                          Defines all SOA
           Committee                                                                                architecture elements
                                                                                                    (Tech., application, data,
                                                   Core CoE Team                                    security…)
Sets business                                                                                       Provides thought
direction and priorities                                                                            leadership
Authorizes funding                                               Business                           Harvests assets
Enforces SOA                                                    Relationship                        Supports SOA
mandate                                   SOA                    Directors                          development and
Resolves disputes                                                                                   operations
                                                                                                    (Permanent roles)

                   Pool of skilled resources                                                      Project
                   Executes day-to-day                         CoE Sub-
                   SOA functions                                Teams                             Teams
                   (Rotational) roles                                                          (Project Team
                                                           Develops applications using SOA
                                                           assets, guidance of the CoE
                                                           Ensures project-level compliance
                  =SOA Architecture Review Board
Establishing the SOA governance framework
            Method                     Establish the                     Define the
                                     Governance Need                Governance Approach
 Customer tested IBM SOA
 Governance and Management
 Method (SGMM)
 Comprehensive framework and
 processes span lifecycle of SOA
 Methodology to help clients
 establish SOA Centers of          Monitor and Manage the          Deploy the Governance
                                   Governance Processes             Model Incrementally
 Excellence (CoE)

                                                       Business Value
 SOA Business and IT
                                   Foundation to realize SOA business benefits
 Governance Principles
                                   Leverages existing Governance structures
 Customized processes
                                   Methodology and tools based on best practices and
 Center of Excellence
                                   thought leadership and support for open standards
                                   Skills and experience gained from many SOA
 Roles and responsibilities
 Defined metrics
                                   Catalyst to align business and IT strategy
 SOA Governance Transition Plan
SGMM provides a step by step approach for
customizing SOA Governance

            SOA Governance and Management Method Process

        Plan                   Define                  Enable                   Measure
    Determine the          Define the SOA         Implement the SOA          Refine the SOA
  governance focus        governance model         governance model         governance model
   Tailor method for       Define and refine         Implement the        Measure effectiveness of
  goals / environment    governance processes        transition plan       governance processes

  Understand current     Define organizational        Initiate SOA        Measure effectiveness of
 governance structures          change           organizational changes    organizational change
    Define scope of       Define IT changes in   Launch the SOA center     Review and refine the
     governance            SOA development           of excellence        operational environment
   Conduct change-                                   Implement the
   readiness survey                              infrastructure for SOA

              Continuous SOA governance process measurement and improvement

              Used successfully in hundreds of services engagements

Success drivers are based on a federated
governance approach
 Key Success Drivers:
  Assess organizational readiness for federation
  – Skills, Communications, Leadership, Teaming
  Integrate federation into current SOA implementation plan
  – Understanding, Acceptance, Preparation, Commitment
                       Governance Approaches
                        Centralized – Single solution/product focused
                        Federated – Growth based on Smart SOA requirements
                        Decentralized – multiple, disparate tools (ie, spreadsheets)
             Centralized                                                  Federated                         Distributed or Decentralized
     “We’ll take care of it for you”                                 “We’re all in this together”                         “You’re on your own”
                 CEO/ CIO/ CFO
                                                                                 CEO/ CIO/ CFO                                 CEO/ CIO/ CFO

    IT         GRP 1        GRP 2        GRP 3
                                                                IT             GRP 1       GRP 2    GRP 3        IT         GRP 1        GRP 2        GRP 3
Services /    Functional   Functional   Functional
App Dev         Reqs         Reqs         Reqs                                                                  Infra-     Services /   Services /   Services /
                                                      Project        Program
  Infra-                                                                                                      structure    App Dev      App Dev      App Dev
structure                                                            Program

             Federated approach provides the greatest flexibility and growth capability

IBM’s Federated Registry/Repository approach that supports
Federated Governance
              Key components of a Federated Registry/Repository
   Service and Asset                                                Service Deployment
     Development                                                    Runtime Repository
   Service Discovery                                                Runtime Service Discovery
   Service Development Lifecycle
            Rational                                                Service Registry
         Asset Manager                                               & Repository

Allows multiple                                                          A Federated
                                   Tivoli Change and
contractors (groups)           Configuration Management
to work against                       DB (CCMDB)                         capability serves as
aligned ontologies                                                       a control point for
                                   Service Management
                              Operational Efficiency & Resilience        managing the
                              Configuration Data Discovery               services lifecycle
                              Managing change

SOA Federation Requires Federation of ESBs
Providing Seamless Synchronization Across Multiple Domains

                                               Federated ESB Management
                                            (Tivoli Composite Application Manager for SOA)
        Federated Registry                                                                           Federated Security
           (WebSphere Service                                                                    (Tivoli Federated Identity Manager)
       Registry and Repository- ALE)

                                          Federated Policy Management

           Multiple ESBs… Cross-ESB Manageability… Inter-ESB Connectivity
               …                                                   …
  WebSphere ESB              WebSphere               WebSphere DataPower                       Sonic                         Tibco
                            Message Broker            Integration Appliance

                                               Cross-ESB Capabilities
         Universal Message                                                                   Consolidated B2B Gateway
             Backbone                                                                          (WebSphere Partner Gateway)
             (WebSphere MQ)
                                  Universal Transformation             Universal Adapters
                                 (WebSphere Transformation Extender)     (WebSphere Adapters)

IBM’s approach to SOA Governance at Runtime
                                                                                         Services Manager

       Security Gateway

                                                                 Tivoli Composite Application
                                                                       Manager for SOA
                                         Services Registry &
              WebSphere DataPower
                 SOA Appliance

                                                   WebSphere Service
                                                  Registry and Repository

                                                                                        WebSphere Enterprise
                                                                                        Service Bus

          Federated Identity                                   ESB                      WebSphere DataPower
              Manager                                                                   SOA Appliance

                            Tivoli Federated
                           Identity Manager

Learn more about SOA
                    Event Title                             Date            Time               Location
U. S. Federal SOA Institute Speaker Series Session 16   Thurs, Sept.     8:30 AM to   IBM-IEG
– SOA Governance                                        11, 2008         12:00PM      1301 K St. NW
                                                                                      West Tower, 4th Floor
                                                                                      Washington, DC
SOA Certification and Mentoring – Fall 2008 –           Thurs. Sept.     12:30 PM     IBM-IEG
Kickoff                                                 11, 2008                      1301 K St. NW
                                                                                      West Tower, 4th Floor
                                                                                      Washington, DC
Runtime Governance Proof of Technology (POT)            Sept. 16 – 17,   9:00 AM to   8401 Greensboro Drive,
Session                                                 2008             4:30 PM      Suite 120, McLean, VA

Rational/Telelogic Federal Welcome                      Thur. Sept 18,   8:00 AM to   Madison Hotel, 1177
Register at                  2008             1:00 PM      Fifteenth St., NW
                                                                                      Washington, D.C.
Fall SOA Seminars for Hampton Roads                     Sept – Nov.      8:30 AM to   VMASC
Community                                               2008             12:00 PM     1031 University Blvd
- Sept 23: "Best Practices in Data                                                    Suffolk, Virginia 23435
Integration/Information Management within an SOA"                                     United States

Federal Mashup Day                                      Oct. 21, 2008    8:30 AM      Reston Hyatt

Federal Mashup Proof of Technology (POT)                Nov. 6, 2008     9:00 AM      IBM-Mclean
                                                                                      8401 Greensboro Dr.
                                                                                      Mclean, VA
Web 2.0 by David Barnes                                 Thurs. Nov.      8:30 AM to   IBM-IEG
                                                        13, 2008         Noon         1301 K St. NW
                                                                                      West Tower, 4th Floor
                                                                                      Washington, DC            19
Learn more about SOA Governance
Listen to SOA Governance public sector focused podcasts
 – SOA Consortium meeting – Washington, DC March 2008

Runtime Governance Proof of Technology (POT) Session
 Sept. 16 – 17, 2008 9:00 AM to 4:30 PM
 8401 Greensboro Drive, Suite 120, McLean, VA

    Visit IBM SOA Governance website

       Schedule SOA Governance Proof of Technology Hands-on learning

               Subscribe to the IBM SOA Newsletter –

   Schedule IBM SOA Governance and Center of Excellence briefing       20
Supplemental Material

                        IBM CONFIDENTIAL
Governance support for each phase drives the SOA
reuse promise of value

   Service and Asset                         Service Deployment
     Development                      Controlling and elimination of
          Creating a service that     “rogue services”
          can be reused                         Policy tracking of services
Improving communication and                     for compliance and SLAs
collaboration within teams                          Testing complex
     Adherence to                                   service interactions
     development policies

                                          Service Management
     Developing an SOA Governance          Active, automated
     approach requires executive           enforcement of SOA policies
     commitment                     Dynamic reporting of
                                    service status and alerts

IBM SGMM addresses the three main elements
for effective SOA Governance
  The organization responsible for making SOA and SOA
  Governance work
    Mechanisms - CoEs, ARBs, Steering Committees,
    Decision Making Boards
    Organizational roles, organizational and cultural change
    Communications and stakeholder management

  Regular activities executed so the SOA can be sustained
    Governed Processes - Service Ownership, Funding
    Policy Management and Metrics tracking

  Tools that automate the activities and enable the
  organization to effectively operate SOA
    Registries/Repositories, Quality and Lifecycle Mgmt

Govern from service creation to consumption

       Store and organize assets and services
       Impact assessment of deployed services
       Auditing and reporting on service SLAs

                  WSRR Advanced Lifecycle Edition
          Service and Asset                Service Deployment
            Development                       and Runtime

                      Rational             WebSphere
                   Asset Manager         Service Registry
                                          & Repository
                                                            Available July

                     Low cost starter pack
                     Single organization for support
                     Easy to upgrade
IBM CIO is using RAM for managing assets across
the enterprise along with WSRR
 Business need:                                                        RAM

   Sales wanted to manage a set of cross                Internal SOA Repository
   organizational technical sales assets                               Service
                                                               meta data     artifacts

   Services organization had to manage
   28000+ delivery assets across multiple
   service teams
                                              Service                                      Roles
 IBM’s business areas collectively                                •
                                                                      meta data
 decided to use Rational Asset               WSDL        XSD
                                                                      endpoints          Update Mgr
 Manager (RAM)
 Currently scaled to 40,000+ users          Find deployed service endpoints that could be used
                                            for dynamic service routing
 Over 2700 assets stored in RAM             Analyze impacts of changing service definitions on
                                            deployed services
                                            Manage promotion of services from test through
 Over 16,000 asset downloads from           production
 RAM                                        Manage the service metadata to support SOA runtime


To top