Argh …. SOA Governance
Does this picture sum up how people feel about governance in your organization?
Governance can range from a simple documented standard to a suite of tools, process, and organizational oversight all the way to a mandate like Amazon's from Steve Yegge’s famous post several years ago. Regardless of approach, no one can doubt the benefits of a governance approach to provide the benefits of consistency, reuse and visibility as our use of services and APIs expands daily.
Creativity in the Right Places
Where should our technical and development creativity be directed? As the focus on platforms expands across all industries and companies look for more ways to monetize their data and services, it is key for IT organizations to understand where they add real value and focus their resources there. Much like infrastructure is being automated and moved to the cloud, companies are moving to have standardized formats, service definitions and security to ensure that the creativity of their developers is focused on the business logic and NOT on commodity activities.
Pushback on this can occur from groups or individuals that feel constrained or that they are no longer able to practice their craft. In the end, this is about what is right for the business. Creating custom services that are one-off or do not align to the roadmap might be “fun,” but it is not where IT is heading in 2015.
Do what works in your culture. Yes, you may need to drive change, but look to leverage tools and approaches that work. Examples are wikis, governance tools like API Management and Developer Portals and incentives/rewards that fit your team. Also, look for alternate words to “governance" that might play better with your team such as platform, framework or even standards.
Some change will be needed here — especially if you are new to governance and formal approaches like this. There is no way to avoid it. By investing a little time upfront on this, your way forward will be smoother.
Making the Complex Simple
The topic of governance is a big one — far too big for this one blog post. In addition to the topic of change management, there are dozens of frameworks, methodologies and maturity models in the SOA Governance space. This includes industry consortium standards like TOGAF, the Open Group all the way to vendor-specific approaches from Oracle. With today’s focus on API Management and the push to expose APIs to both internal and external consumers, having a plan and approach for governance is even more important.
At AVIO, we work with many clients that are looking to implement SOA governance. Along the lines of our “Think Big, Start Small, Act Fast” approach for BPM, we advocate taking a pragmatic and iterative approach to SOA programs.
Here are 3 simple ways to help focus your governance efforts:
1. Have a business-aligned roadmap
Ensure you have a roadmap for the future. This should lay out the major goals you have for your integration platform and be aligned to the overall business goals and timeline. The roadmap should be more detailed in the initial 3-6 months and likely be more milestone-focused in future years. It may also include key targets for migrations, service conversions to a new reference architecture or decommissioning legacy systems.
2. Develop a initial reference architecture
Reference architectures can be large documents covering dozens or hundreds of pages. Focus on the top three areas or capabilities. Is it security of services? Is cloud and on-prem hybrid critical? Is it handling peak volume? Is it a micro-services architecture? Is it visibility to partners? There are dozens of possible capabilities within each framework you can focus on. I recommend picking just three for your first cut and diving deeper on these vs. trying to cover each area in depth.
3. Move and Improve!
There is no perfect governance approach. You will never be totally ready. This is where the roadmap in item 1 above is helpful. Focus on acting and moving forward by picking a direction and some key activities. Be open with the team and stakeholders that this will be a work in progress. Update them frequently on progress, setbacks and course adjustments. You will learn more from acting and adjusting than investing a year in developing a perfect plan.
On the tool front, Oracle is active in the space with recent additions to its portfolio of governance products. Both Oracle API Catalog and API Manager are recent additions to the Oracle SOA space that integrate well with SOA Suite and provide a lighter-weight toolset for managing APIs and services.
Where are you in your SOA Governance rollout?