can anyone share if you have successfully implemented a SOA Governance framework anywhere. I would be interested in two scenarios viz a SOA Governance where no tool was used (ie. a Service Repository or any such) and a scenario where the SOA Governance was implemented using the different tools available. My take is that when we are starting at a very tactical level we should not be going in for an exhaustive tool based SOA Governance but rather stick to just defining the processes and standards conformance, naming conventions etc (all on paper) and as we evolve or add more projects under the SOA initiative we should be moving towards using the appropriate tools to enforce an effective SOA governance. can any one echo their thoughts on this thread?
So it does seem like SOA Governance is indeed a grey area. I was hoping that if not a straight answer I can get this discussion thread going on with some inputs from others out there but I guess not many have gone down this road. Currently I'm working stitching together a SOA Governance framework for one of our customers and hopefully I will share it here for everyone's benefit
I now have a WIP document on Governance, which is essentially a document wherein I tossed in all my loose thoughts around what I think one should be doing to establish SOA Governance when the engagement is tactical rather than strategic in nature. I'm willing to share this with any of you (pls provide your email id) if you are serious enough and are willing to come back with your comments and feedback to enhance this document. One day I'll probably publish this for everyone's benefit:)
There is a good SOA Governance framework for Oracle AIA called BSR. It is built on top of OSR and supports ALSR as well.
Though it was developed mainly to handle AIA components but it has many advanced capabilities.
I feel any SOA Governance framework need to have a registry-repository and the registry should be based some industry standard like UDDI.
While I totally agree with your approach for a registry-repository option, my point has been that for someone who is starting with a very tactical engagement (maybe just build a couple of re-usable services to enable some integration) these tools would be an overkill. At the same time as conveyed in my initial post we need to get to that stage as the organization moves up the SOA maturity ladder. Anyone out there has any real time experience of setting up of a SOA governance framework in this kind of a scenario or any other general best practices
A great deal of information is available on the [SOA Governance @ Work|http://blogs.oracle.com/governance/] blog. A great deal of the content was migrated over from BEA blogs over a year ago, but it's still relevant, particularly on the questions of when and how to implement governance.
Throughout those posts the idea that effective SOA governance involves people, process, and technology is heavily stressed. The core of that idea is that technology alone doesn't constitute effective governance.
Another idea to keep in mind is that no single SOA governance strategy or framework will work for every organization. A great deal depends on the level of SOA maturity and expertise, and the level of acceptance of basic SOA concepts. Obviously, an organization that is well-versed in SOA will require minimal governance.
SOA governance has also been the subject of several OTN Arch2Arch podcasts:
[Architect Roundtable: SOA Governance -- Watch Your Step|http://feedproxy.google.com/~r/OtnArch2Arch/~3/i1ju7btP0BY/7564094_Todd_Biske_040309.mp3]
[SOA Governance: Drawing the Line on Reuse|http://feedproxy.google.com/~r/OtnArch2Arch/~3/880Ph3U8Kjg/7613239_Todd_Biske_042908.mp3]
[ SOA Governance: Getting it Wrong|http://feedproxy.google.com/~r/OtnArch2Arch/~3/znHvdxhSmIw/7622514_soa_governance_wrong_050609.mp3]
SOA governance will also be covered in an upcoming Arch2Arch podcast featuring Oracle ACE Director Mike van Alst and Dave Berry, Senior Manager on the Oracle Fusion Middleware SOA Integration product team. Mike and Dave have been using their respective blogs to carry on a conversation about various aspects of SOA governance. That conversation has led to collaboration on an article that will appear in later this year in SOA Magazine.
Dave is one of the authors of the SOA Governance a@ Work blog, and Mike blogs at [Mastering SOA|http://soamastery.blogspot.com/] .
At Oracle, we are making a concerted effort to map SOA Governance tooling/capabilities to various stages of SOA Maturity. It seems to me that job one (whether you are just starting, or you have an ongoing investment in SOA) is to get visibility of the services and artifacts you are implementing or have already delivered. Automatic harvesting of SOA artifacts into a Registry Repository is typically what we suggest first, whether or not you proceed to fully govern the SOA lifecycle using tools. Once SOA artifacts are visibile, it is easier to manage them, change them without disrupting dependencies, and monitor reuse.
I would be interested in comparing notes with you on your observations.
Thanks for your response, this by far has been the most concret evidence for me that SOA Governance is being discussed and worked on seriously. The resources you have pointed out to have been pretty useful. Thanks again