Link: http://davidsprottsblog.blogspot.com/2011/05/beware-gurus-promoting-their-new-book.html
From David Sprott's Blog
SearchSOA.com interviewed co-authors Thomas Erl and Anne Thomas Manes to discuss their recently published book, SOA Governance: Governing Shared Services On-Premise and in the Cloud (Prentice Hall, April 2011). The Q&A didn’t encourage me to buy their book.
Question: How you define SOA governance?
Answer: Manes “The quick definition is ‘governance makes the rules.’ . . . the best governance system is one that people appreciate, that helps people get work done, with the highest quality, and that is beneficial to business.
Commentary: Governance doesn’t just make the rules. SOA Governance is a process that guides policy setting and compliance to ensure service and solution delivery and operations are delivered and remain in compliance. SOA policies are architectural, practice and organizational decisions designed to deliver business value through application of key principles.
Question: You say the first step in an SOA governance effort is to establish a SOA governance program office. What would that consist of?
Answer: Manes “Having a recognized office with the authority to establish rules is a prerequisite for any program. “Erl “The SOA governance program encompasses the governance system, but also all the other logistical aspects of that system, so project plans, roadmaps, tools, and the steps to make it part of the overall means by which projects are regulated.”
Commentary: The first step in SOA governance is to publish policy for delivery programs and the framework of deliverables and responsibilities for publishing and compliance reviews. This activity is best done under the auspices of an existing governance practice. Of course it requires SOA specialist skills, but the objective should be to integrate SOA into business as usual as soon as possible, not to create separate organizational structures that create and perpetuate divergence, or even worse, to consolidate all project practices under governance.
Question: Is there such a thing as agile governance?
Answer: Manes “When defining your precepts you need to constantly be willing to reassess if you’re achieving your goals, by reevaluating and understanding if they’re helping you deliver better solutions more quickly and then going back [and addressing them if they’re not]. That’s the definition of agile.” Erl “The governance system for an SOA initiative needs to be inherently responsive to business changes. To me, a governance system improves the responsiveness of those that function within it because so many decisions have already been made.”
Commentary: This sounds like a recipe for encouraging “policy waivers”. We’re doing Agile, so we can’t comply with the policy! If there was something called Agile governance in my opinion it would apply review/gate criteria that ensured that delivery projects are using agile approaches in a prescribed manner that delivers good business outcomes, specifically – systems, services and ongoing support processes that can evolve at minimum cost and cycle time. This generally requires that SOA delivery programs implement twin track (service and solution) delivery, strong componentization of implementations, iterative delivery of baselined, well architected functionality that is designed to evolve on a continuous basis.
Question: What are the governance considerations specific to cloud-based services?
Answer: Erl “When your resources are hosted by a third-party cloud provider, there is a limitation to the extent of control as to how they can be governed. That’s something to factor into the governance system. If your governance says it has to comply with industry standards and the supplier doesn’t support that, you have to say ‘How can we [govern] within the cloud given these constraints and still be in support of our business requirements?’” Manes “You have more inherent risk in deploying in the cloud and need to take appropriate risk mitigation by deploying [governance] precepts specifically for the cloud.”
Commentary: For many if not most large organizations “business as usual” is delivered by outsourcing and service provider suppliers. The governance of outsourcing will normally be focused on outcomes and risk management. The governance of Cloud based SOA is an extension of the same process – focusing on encapsulated service contracts and bullet proof service level agreements. This is not to trivialize Cloud specific issues, rather to push back against the trend that says we have to reinvent everything we do for Cloud. That’s patent nonsense, we should use proven best practices and architectural patterns to get Cloud deployments up the maturity levels as soon as possible.
Disclaimer: Please note I haven’t read the book. I see there are numerous authors involved in this work and my comments are based entirely on the Q & A which, as I said, didn’t encourage me. Which is a shame for the other authors.
