Making the Business Case for SOA Governance
Architects understand that governance is essential to SOA success, but they need to get business to understand as well. Here’s how to make it happen.
by Franco Castaldini
In service-oriented architectures (SOAs), companies have finally found a way to turn the maintenance equation back around again. With SOA, they gain a flexible architecture comprised of reusable components. SOA slashes maintenance demands by reducing the number of unique components. It improves quality and reliability by virtue of the testing required to assure compliance with standards and ensure component reusability. SOA also helps speed the development of new systems and reduces time to market.
To achieve these benefits, SOA development must begin with SOA governance, and this governance must continue throughout the services lifecycle, from design time to run time to change time. Without governance, SOA can turn into chaos and increase the very problem that IT expected to solve.
SOA governance is a discipline used for activities related to exercising control over services in an SOA. It is used to provide IT with the structure to manage the interaction between service consumers and providers and the people who touch both. Typically, SOA governance solutions contain a registry that functions as a service directory, a repository that acts as your library of assets, policy management that governs the interaction between all SOA stakeholders, and lifecycle management that helps automate service development processes.
Anne Thomas Manes from the Burton Group defines governance as “[T]he processes that an enterprise puts in place to ensure that things are done … in accordance with best practices, architectural principles, government regulations, laws, and other determining factors. SOA governance refers to the processes used to govern adoption and implementation of SOA.”
IT understands the necessity of automating SOA governance and freeing their development professionals to focus on innovation (see Note 1). However, IT often has a difficult time making the case for an SOA governance platform to business leaders who hold the purse strings. Before it funds the purchase of a governance tool, a business needs to see the benefits in terms executives can understand. The decision makers need numbers: How much investment is needed? What is the payback? What happens if we don’t invest?
Too often, architects find that they lack the tools and resources needed to perform an objective analysis of the cost-benefit of SOA governance and to articulate their case in terms that business can understand. They need to make a compelling business argument for SOA governance, grounded in the unique circumstances of their company’s own business.
In short, to the business side of the enterprise, SOA governance seems at best a one-off and, at worst, unnecessary overhead and expense. IT’s challenge is to position SOA governance as a must-have, rather than a nice-to-have.
Consequences of a Lack of Governance
According to ZapThink, the primary strategic motivation for most SOA initiatives is business agility, which it defines as being able to respond to changes in the business environment quickly and achieve competitive advantage (see Note 2). However, in the absence of an effective, automated governance strategy, SOA can become brittle rather than agile. By definition, SOA brings a dramatic increase in the number of interdependent moving parts in the systems environment. In turn, an increase in the number of parts is accompanied by an exponential growth in the number and complexity of interdependencies.
Uncontrolled SOA allows services to be developed, invoked, and orchestrated at any time into complicated construction. Rather than creating a platform for effective reuse and responding rapidly to business goals and changing market conditions, uncontrolled SOA leads to redundancy in development and lack of visibility into systems that impact key processes.
Unfortunately, under this scenario companies end up failing to achieve the return on investment they anticipate and they may even spend more time and money over the long term than they would have under traditional development. IT may see more redundancy of services and greater infrastructure complexity as a result of poor SOA governance and through the uncontrolled growth of services that are that are difficult to locate or inadequately constructed or understood.
Without governance, expanding SOA development will result in:
- A fragile architecture
- Services that cannot easily be reused because they are unknown to developers or because they were not designed with reuse in mind
- Lack of trust and confidence in services as enterprise assets
- Security breaches that cannot easily be traced
- Unpredictable performance
- Ultimately, disillusionment with SOA or complete SOA failure
SOA governance is a strategy where each service is an asset that is properly designed to be useful within a larger portfolio of business services. In a well-governed SOA, services are versioned, secured, managed, and monitored to ensure that they perform with the expected quality of service (QoS). Automation is also essential to prevent SOA governance itself from becoming unwieldy (see Note 3).
SOA development must begin with SOA governance. Because of the nature of discrete, well-defined services within an SOA, governance is not exclusively a run-time or design-time activity. SOA governance happens all the time -- design time, run time, and change time -- and architects understand this (see Note 4). Automated governance requires an integrated registry/repository with a single, normalized, and standards-based information model and underlying datastore.
Although effective SOA starts with governance, a governance solution must still be sold to the business. To obtain funding for the solution, you must create a well-rounded business case that achieves five key objectives:
- Positions the solution around the language of business
- Focuses on projects with tangible business benefits
- Includes a value-focused business case
- References third-party validation
- Starts small but thinks big
Positioning the Solution around the Language of Business
The solution should be described in business terms of cost reduction, productivity, competitive advantage, and strategic and tactical goals, rather than “SOA governance.” Business should understand that a well-governed SOA will enable:
- Reduced development time
- Shortened test cycles
- Reduced time to deployment
- Greater reuse
- Higher quality and reliability
- Lower costs over time
For instance, one of the world’s largest distributors of electronic components understood the importance of quality to its overall business. In making the case to deploy an SOA governance and lifecycle management tool, IT leaders stressed the ability to automate the review, testing, and quality assurance of services, all of which were processes and terminology well understood by management.
Today, the company uses SOA governance to address service interoperability, re-use, and performance. Services lifecycle management and implementation consistency are completely transparent to the business teams. These teams can readily identify that IT is producing a higher quantity of high-quality, innovative solutions. This manufacturer has also been able to prove concrete reductions in both IT development time and business cycle times attributed to a well-governed SOA.
Focusing on Projects with Tangible Business Benefits
Choosing projects that integrate and automate business processes that have the most widespread, visible, and positive impact across the organization enables IT to both qualitatively and quantifiably demonstrate the value of well-governed SOA. This step is looking for the classic “win-win” situation and identifying projects that address key IT and business pain points, packaging those projects in terms of business benefits, and showing how those projects benefited from having a well-governed SOA.
Consider the IT department of a large telecommunications firm was dealing with an intricate legacy systems environment that came with increasingly complex integration requirements as business users demanded more and more information and functionality. Maintenance requirements were high and the company lacked the integration skill needed to keep up with demands. SOA offered the opportunity to shift from point-to-point interfaces to shared, common interfaces with an enterprise scope, but the case still needed to be made to management.
To make the case for a SOA governance platform, IT focused first on a call center application that used SOA technologies to integrate data from a number of disparate customer information applications into a common interface. The decision makers were able to see the value of having the right information at the right time and in the right terminology at hand. The business could reduce transaction time and training efforts as well as increase quality, which laid the groundwork for investment in a SOA governance solution.
Including a Value-Focused Business Case
Nothing speaks the language of business like numbers. Management wants to understand the true financial impact of a project before approving funding, which means that IT needs to quantify benefits in a way that justifies funding. Immediate and long-term benefits should be outlined while avoiding technical jargon.
It is possible to build a case, using an ROI methodology that includes:
- Design-time, run-time, and change-time time savings of SOA governance
- Payback period
- Net present value
- Example of SOA governance ROI data points
Referencing Third-Party Validation
Cite analyst data that will complement the business case. Examine the actions of competitors and draw parallels. Finally, leverage the experience of SOA solution providers.
Document the benefits companies typically see and offer both the experience and the resources to help companies make an objective case for SOA governance. Here are some examples of what SOA solutions can accomplish:
- A major U.S. bank defined a human resources solution for staffing and on-boarding new hires, with benefits of over $9M per year gained by monitoring and managing the end-to-end business process in real time.
- A high-technology firm defined an SOA-based quoting management solution that will deliver a revenue increase of $20M per year and $4M in additional profit.
- A health-care provider defined a new, SOA-based real-time order-to-cash monitoring solution with an ROI of 138 percent in two years and five-year savings of nearly $3.3M.
Starting Small, Thinking Big
Focus on manageable projects, implemented quickly, that are under-promised and over-delivered. Show how SOA governance was essential to the success of those projects.
For instance, a national financial services firm began by simply looking for integration opportunities, building services, and creating loosely coupled systems integration. IT was able to demonstrate the ability to reuse those integration points as the business acquired other firms and other systems, turning that simple integration tactic into a competitive market advantage by spending less time on maintenance and development and more time on enabling new business capabilities.
When the firm faced new regulations, IT was able to show how having built common components with which both internal and external applications could interface helped the company comply with those regulations more quickly than it could ever have done before. With business sold on the value of reusable services, it was easier for IT to make the business case for SOA governance to ensure quality and interoperability and to effectively manage a growing portfolio of services.
Evolving From Maintenance to Innovation
With a well-governed SOA, companies can increase productivity across all phases of the development lifecycle and deliver projects faster, which speeds time to market. IT can take on more projects by reducing maintenance demands and leveraging work from previous projects to increase quality and reliability. A well-governed SOA also provides both business and IT with essential transparency into service assets and visibility into service performance.
Note 1: SoftwareAG, Best Practices for SOA Governance User Survey, Summer 2008; 91 percent of respondents said that governance is of “critical” or “moderate” importance to SOA strategy
Note 2: Jason Bloomberg, ZapThink, Business Agility as an Emergent Property of SOA, October 2008
Note 3: Forrester Research, Inc., The Forrester Wave: SOA Service Lifecycle Management, Q1 2008, January 2008.
Note 4: SoftwareAG, Best Practices for SOA Governance User Survey, Summer 2008. Nearly 70 percent of respondents say that run time, design time, and change time governance processes are of equal importance.
Franco Castaldini is director of product marketing for Software AG (www.softwareag.com). You can reach the author at firstname.lastname@example.org