• SOA Source Book
• Service-Oriented Architecture
• The Open Group Service Integration Maturity Model (OSIMM) Version 2
• SOA Reference Architecture
• Service-Oriented Cloud Computing Infrastructure (SOCCI) Framework
• Using TOGAF to Define and Govern Service-Oriented Architectures
• SOA Governance Framework
• Service-Oriented Architecture Ontology Version 2.0
• Legacy Evolution to SOA
• Microservices Architecture
• SOA for Business Technology
• Navigating the SOA Open Standards Landscape Around Architecture
• Executive Summary
• Introduction
• Description of Targeted SOA Open Standards Technical Products
• How the Technical Products Fit Together
• SOA Core Concepts
• Open Standards Work on SOA Governance
• Guidance and Usage of Technical Products
• Summary
• References
• Acknowledgements
• About the Authors
• Legal
• SOA in the Digital Age

SOA Work Group

SOA Standards Discussion Forum

SOA Work Group Members Page

Navigating the SOA Open Standards Landscape Around Architecture – Open Standards Work on SOA Governance

SOA Governance frameworks are defined both in The Open Group SOA Governance Framework [15] and as a chapter in the OASIS Reference Architecture for SOA Foundation [6]. The OMG SOA Governance RFP development group [36] is also exploring the standardization of SOA governance. While the understanding of SOA governance provided by these works is similar, they are written from different perspectives. Each specification supports the same range of opportunity, but has provided different depths of detail for the perspectives on which they focus. The following table outlines some of the aspects of the governance specifications that had different emphasis.

SOA Governance Concepts

These works define similar concepts for SOA governance, SOA governance frameworks, and SOA governance reference models:

• SOA Governance is an enhancement of enterprise governance that recognizes the distinct concerns of SOA, particularly sharing of services/capabilities across organizational boundaries, that ensures continued alignment of business goals and SOA solutions. It covers the definitions of standards, guidelines, policies, and metrics for current SOA processes which are monitored with compliance processes.
• SOA Governance Framework includes organizational, technology, and process governance customized for an organization.
• SOA Governance Reference Model (The Open Group) and Generic Model for Governance (OASIS) establish the core concepts of SOA governance and the relationships between them.

Many of these core concepts are core to governance in general and not specific to SOA. As a result of different perspectives, there is different emphasis, focus, and detail in the reference models. The core concepts are very similar in both reference models and are summarized and compared in this section:

• EA Governance – We agree that IT, EA, and SOA governance influence each other. We agree that if an EA is available, then it should provide a foundation for governance; if no EA work has been done, then much of that work will become part of the SOA and SOA governance work.
• People – We agree that SOA governance involves roles including stakeholders, where the stakeholders may include organizations, boards, and other groupings that facilitate defining and assigning the responsibilities of governance.
• Technology – We agree that it includes technology for enabling SOA governance. We agree that SOA governance should provide guidance to and ensure that SOA IT infrastructure used as part of SOA is used according to policies, rules, and regulations. We agree that SOA and SOA governance influence IT infrastructure and IT governance.
• Guiding Principles – We agree that The Open Group guiding principles are roughly the same as the OASIS policies, and provide a means for aligning business and SOA objectives and influencing how SOA governance is defined and deployed.
• Roles – We agree that roles and responsibilities should be considered as part of an organization’s SOA and that participants in SOA include stakeholders, leadership, and governance bodies.
• Governing Processes – We agree that it must be possible to assess compliance and respond appropriately, where the response may be recognition/benefits for exemplary compliance, dispensation where flexibility enables accounting for local conditions, or penalties where compliance targets are missed. The actions of governance must also be communicated to the stakeholders. The governing processes are enabled by the implementation of:
  
  Checkpoints – We agree that checkpoints – identified stop points to check for governance compliance – can be used to enable governance of SOA solutions.
  
  Metrics – We agree that metrics should be identified and collected to support compliance and monitoring. We agree that metrics should be available to relevant stakeholders.
  
  Artifacts – We agree that governance is supported by artifacts which include service descriptions, policies, and documentation on the governance regimen and governing processes.
• Governed Processes – We agree that the target of SOA governance includes services, solutions, technology, and processes. We agree that SOA solutions and lifecycles should be governed; however, OASIS does not get into the details of doing this.
• Vitality – We agree that SOA governance is an ongoing process that should have a feedback loop to keep it current and aligned with long-term goals for SOA in the organization. We agree that plan, define, implement, and monitor stages occur iteratively as part of the ongoing process of governance and to ensure vitality.