SOA Governance Framework – SOA Governance Process Information Entities


This appendix describes all information used by The Open Group SOA Governance Framework. The individual artifacts are grouped into a set of components that belong to the high-level areas of the SOA Governance Framework.

Governing Process Artifacts

  • Compliance artifacts
  • Dispensation artifacts
  • Communication artifacts

Governed Process Artifacts

  • Enterprise architecture
  • Service description
  • Service roadmap
  • Solution description
  • Solution roadmap

SOA Governance Vitality Method (SGVM) Artifacts

Plan phase:

  • Maturity assessment
  • SOA governance vision & strategy
  • SOA governance scope
  • SOA governance principles

Define phase:

  • Descriptions of governed process and associated guidelines
  • Descriptions of governing processes and metrics
  • Description of SOA governance organization, roles, and responsibilities
  • Descriptions of SOA governing processes artifacts
  • Description of SOA governance technology
  • Implementation plans for SOA governance organization, roles, and responsibilities, SOA governing processes, and SOA governance technology

Implement phase:

  • Adoptions of the artifacts from the Define phase
  • ….

Monitor phase:

  • Collected metrics from the SOA governing processes
  • Collected metrics from the SOA governed processes
  • Change plans for governing and governed processes

SOA Governing Process Artifacts

Information Artifact


Appeal Record

Documentation of an appeal to an exception and the resolution.

Exception Record

Documentation of an exception at a compliance checkpoint.

Dispensation Record

Documentation of a dispensation to a exception.

Compliance Record

Documentation of the approval at a checkpoint.

Communication Plan

A plan describing how information about SOA governance should be communicated.

SOA Governed Process Artifacts

Enterprise Architecture

This information applies to the overall SOA implementation within the organization.

Information Artifact


Business, IT, and SOA Principles

Business, IT, and SOA principles will guide the decision-making for SOA-based solutions.

IT Funding Model

Description of existing IT funding model for the business domain(s) and the IT group(s) supporting that business domain.

SOA Governance Principles

Principles used for guiding the SOA governance within an organization.

SOA Maturity

A measure of the progression of the organization’s adoption of SOA.

Service Description

The service description information component contains all the information about a service from inception to run-time.

Information Artifact


Service Contract

There is a contract between a service provider and its consumers for the performance of that service.

Contains expected or required volume and other qualities of service requirements.

Service Exceptions

Records of service contract exceptions and contract violations and resolution.

Contract Violation Resolution

Resolution of contract violation:

  • Agreement of parties to meet the terms of the contract
  • Amendment of contact

Cancellation of contract

Service Performance Reports

Performance reports for the service are produced as required by contracts or for financial reports.

Service Requirements

Description of the service(s) function, visibility, and access methods supported, including:

  • A description of any known quality of service or capacity requirements (non-functional requirements)
  • Confidentiality, privacy, audit, and data integrity concerns above and beyond those listed in the Reference Architecture
  • Definition of any common information models that will serve as the basis for entities that are passed to and from services

It also contains service identification results and any requirements documents gathered in the service focus and identification phases

Service Change Proposal

Proposal of change in a service.

Service Ownership

Description of the service ownership including:

  • A document recording the service ownership model and the rationale for the service ownership model for a business domain
  • Should include contact details for requesting and authorizing changes to the service and the decision-making, or “governance” plan specific to that service
  • Confirmation that the service is in the right domain or if it is cross-domain, or if it is application/solution-specific

Service Classification

A taxonomy used to indicate that a service belongs to one of several predefined types based on the nature of the logic it encapsulates, the re-use potential of this logic, and how the service may relate to domains within its enterprise.

For example, the following three service models are common to most enterprise environments, and therefore common to most SOA projects:

  • Task service – performs a task within a business process
  • Entity service – performs a CRUD against an information element
  • Utility service – performs a common processing function such as logging

Service Identity

Description of the service identity including, for example:

  • Proposed service name
  • Proposed service description

Service User Interaction Report

Report on an interaction with a service consumer.

Incident Report

Report on a specific incident with a service usually detected by the consumers or end-users.

Problem Report

Report on problem with a service usually detected by the service monitoring and management process.

Service Performance Feedback

Feedback report(s) to service repository to help ensure trust in service.

Service Infrastructure

The description of IT infrastructure available to support the service contracts (i.e., system pools and failover plans).

Service Audit Reports

Information is produced for periodic security or regulatory audits as well as any security incident reports.

Service Test Results

Description of the test results.

Service Metrics

Service metrics define specific metrics for measuring the reliability of a service and how those metrics are to be transferred from the service to a manager. For each service that requires monitoring, the organization will define the Quality of Service (QoS) requirements for the service and these six metrics that will help the organization manage its services:

  • Number of requests
  • Number of failed requests
  • Number of successful requests
  • Service time
  • Maximum response time
  • Last response time

Also monitoring requirements for the service to support audit, logging, charge-back, and financial reporting.

Service Processes

Processes that the service is participating in.

Service Realization Plan

Defines the key activities of the analysis to build the service, including the service deployment platform.

Service Characteristics

Description of the service capacity, performance plan, and supported qualities of service.

Service Deploy Results

Description of the service deployment results including:

  • Publicizing the service
  • Deploy environment
  • Deploy configuration

Service Definition

The textual description of a service for others to understand its purpose.

Service Test Plan

Plan to validate the accuracy of the service functionality.

Service Test Metrics

Metrics resulting from the service validation and testing.

Service Techniques

Defines the techniques required to design, assemble, test, and deploy the service. These can be predetermined by the Service Portfolio and SOA Reference Architecture.

Service Interface Design Model

Detailed design and specification of the service including:

  • Service policies to be used

Detailed design of the interface definition:

  • Model via use-cases or sequence diagrams to analyze and understand the necessary scope of the new service and how it would be used
  • Supporting documentation; for example, if a data set is part of the arguments or returns, it will need to be referenced or described in detail
  • For web services interfaces, the WSDL definition file and associated XML Schema definitions if needed
  • For non-web services interfaces, specific artifacts will vary, but should be stored here

Services Model

Model to depict the logical relations and characteristics of services.

Service Implementation Design Model

Description of the service implementation design including:

  • Identified service implementation patterns
  • Legacy re-use patterns
  • Re-used legacy functionality
  • Re-used services and their contracts

Service Policy

A service policy offers mechanisms to represent the capabilities and requirements of a service.

Service policy metadata can describe the capabilities and requirements of a service; i.e., representing whether and how a message must be secured, whether and how a message must be delivered reliably, whether a message must flow a transaction, etc. Exposing this class of metadata about the capabilities and requirements of a service enables tools to generate code modules for engaging these behaviors. Tools can use this metadata to check the compatibility of requestors and providers. The Web Services Policy standard can be used to represent the capabilities and requirements of a web service.

Each service can have one or more policies associated with it. Normally, the service policies are not implemented as part of the service itself, but reside outside the service implementation as metadata and can be changed at any time.

Implemented Service

Description of the implemented service including:

  • Code, documentation
  • Deployment platform
  • Used legacy functionality
  • Used external services

Service Portfolio Management

Information Artifact


Service Roadmap

A description of the service roadmap, by quarter or by project, over the next two to five years. These are referenced to particular business initiatives to simplify adapting service portfolio plans when business plans change.

Service Usage Plan

Plan for how existing services should be used.

Service Incentive Model

A program to encourage or reward solutions for re-using existing services or developing new services for the service plan.

Business Needs

The business needs initiating the solution.

Service Funding Model

Description of the rules for service funding as well as enhancing the services and mechanisms used to provide incentives for service re-use (or charge-back) including:

  • Defines the service funding model and the rationale for the service funding model
  • Should include whether the funding model is designed to encourage re-use of the service (incentive and disincentive models)
  • Should specify the project that will bear the cost of developing the service for re-use and if and how cost savings/increased revenue will be directed to the service owner
  • Funding plan guidance for complementing the schedule for the service realization and operation
  • Funding plan for shared SOA infrastructure used – examples are registry/repository and service bus
  • What’s wrong with the funding model for the network/phone infrastructure… treat them as common IT services from a funding perspective… user count or transaction count?

Service Catalog

A collection of available services. A catalog may be stored in electronic or physical media.

Service Change

Any update to an existing service.

Contract Violation Resolution

Documentation that describes the results of a service contract non-conformance.

Solution Description

The solution description component contains all information about the component from requirements to run-time.

Information Artifact


Solution Testing Metrics

Metrics resulting from the results of the solution validation and testing.

Solution User Interaction Report

Description of solution user interactions.

Solution Version

An updated iteration or variation of a solution.

Solution Audit Results

Validation results of an independent evaluation of a solution’s functionality and conformance to the solution requirements and organization’s legal obligations.

Solution Design

The design of the solution.

Solution Techniques

The techniques to be used to implement the solution.

Solution Model

The design model of the solution.

Solution Definition

The general definition of the solution including, e.g., purpose, scope, context.

Solution Canonical Information Model

Represents the universal concept and format of solution data without regard to specific source or target system implementations.

Solution Process

Description of the processes of the solution.

Solution Deploy Results

Report of certification for the deployed solution:

  • Test results for the final configuration and execution of tests that can only be done on final configuration due to variance from test configuration (such as confidentiality verification)
  • Report of capacity and operational and virtualization plan based on load requirements
  • Document describing the IT environment configuration and virtualization techniques used (if any) to meet the solution requirements
  • Should include a list of any shared services used for service dependencies

Solution Change Proposal

Description of proposal for solution change.

Solution Requirements

Description of the requirements of the solution including:

  • Process requirements
  • Business rules
  • Functionality needs

Solution Incident Reports

Description of a solution incident usually detected by the consumers or end-users.

Solution Problem Reports

Description of solution problem usually detected by the service monitoring and management process.

Solution Performance Report

Description of the performance of the solution.

Solution Constraints

Description of constraints on the solution such as:

  • Schedule
  • Resource (business and IT)
  • Cost

Solution Audit Reports

Information is produced for periodic security or regulatory audits as well as any security incident reports.

Solution Modeling Metrics

Numerical statistics associated with a solution model. Examples include number of input systems, number of interfaces, and number of services.

Solution Constraints

Constraints on the solution which limit its scope, functionality, cost, design options, architecture, etc.

Solution Test Results

Description of the solution test results.

Solution Test Plan

Description of the test plans to validate the solution’s functionality and performance.

Business Case

Business case for new investment (business and IT development). This could also be initiated as a cost-savings exploration initiative.

Solution Realization Plan

Description of the key activities of the analysis to build the solution and the techniques required in design, assembly, testing, and deployment of the solution.

Solution Architecture

Description of the solution including:

  • Process requirements
  • UI requirements
  • Information requirements
  • Functional requirements
  • Non-functional requirement
  • Security requirements
  • Agility needs

SOA Solution

Description of the implemented solution including:

  • Code, documentation
  • Deployment platform
  • Used internal & external services

Solution Roadmap

The solution roadmap information component contains an up-to-date roadmap of planned development and integration activities.

Information Artifact


Solution Roadmap

Description of the solution roadmap including any anticipated solution sunset (end-of-life) plans.

SGVM Artifacts

This section describes artifacts used and created in the SOA Governance Vitality Method (SGVM).

Plan Phase

Information Artifact


Maturity Assessment

An evaluation of the organization to determine its level of SOA governance adoption.

SOA Governance Vision and Strategy

The long-term SOA governance goals and action plans for successfully achieving the goals.

SOA Governance Scope

The breadth and depth boundaries of the SOA governance program.

SOA Governance Principles

The underlying foundational beliefs of an SOA governance program.

Define Phase

Information Artifact


Governed Process and Associated Guidelines

The processes and guidelines which the governed processes follow to adhere to the SOA governing processes.

Governing Processes and Metrics

The directional processes and numerical measures which are followed by SOA solutions to implement SOA governance.

SOA Governance Organization, Roles, and Responsibilities

The organizational structure, duties, and obligations of its members.

SOA Governing Processes Artifacts

The documents and templates developed to support the SOA governing processes.

SOA Governance Technology

The products which are used to implement and enforce SOA governance.

Transition Plans for SOA Governance Organization, Roles, and Responsibilities

Plans to evolve or migrate the SOA governance organization, roles, and responsibilities.

Transition Plans for SOA Governing Processes

Plans for maturing and changing SOA governing processes.

Transition Plans for SOA Governance Technology

Plans for migrating or transferring from one set of SOA governance-related technologies to another, such as a next generation software technology.

Implement Phase

Information Artifact


Implementation Plans

Plans to deploy and execute SOA governing processes and SOA governed processes within an organization.

Monitor Phase

This information relates to the continuous improvements of the SOA governance activities and processes.

Information Artifact


SOA Metrics

Statistics that are regularly gathered as part of the normal SOA process to measure what is happening or not happening.

SOA Governance Checkpoint Metrics

Statistics that are regularly gathered as part of the normal SOA Governance Checkpoints to measure what is happening or not happening.

SOA Processes Change Document

Document which identifies the changes needed in the current effort to optimally perform SOA at this organization. This document will be used by the SOA governance effort to drive the needed changes.