Some of the key challenges are:

• The correct identification of a business service with appropriate granularity and reuse potential
• Achieving the objective of semantic interoperability by standardizing on canonical data models for service interface
• Ensuring uniformity in SOA implementations across project groups by enforcing best practices, standards, and guidelines
• Overcoming the mistrust and hesitation of service providers and consumers
• Building a common vocabulary for sharing service information across different business units or departments
• Breaking the barriers of the traditional organizational culture and behavior to ensure ongoing participation by service providers and consumers
• Inducing discipline in decision making

The only way to adopt SOA successfully is to address these challenges first. These challenges impose the need for SOA governance. Some of the key objectives (see Figure 1) of SOA governance should be to:

• Introduce discipline while carrying out various processes related to the service lifecycle (Service identification-Service operation) by applying appropriate policies
• Create a culture of openness and cooperation by encouraging participants through rewards, incentives, and recognition programs
• Ensure effective collaboration by instilling trust and confidence
• Control decision-making by setting up organizational structures with appropriate responsibilities and accountability

SOA Governance
Until now, governance has been perceived as a luxury during the pilot phases. It is often underestimated as a mechanism to publish and discover business services by means of the registry tool. As SOA adoption moves from the pilot stage to the payoff mode, it's imperative to rethink SOA governance. Governance is required from day one, the cost of establishing governance late in SOA journey is much higher than if you adopt it early on.

The core of any governance is to ensure a desirable outcome in its discipline; the same applies to SOA as well. Business services are the primary artifacts in SOA and need governance to ensure high-quality enterprise-wide reusable/shared assets (business services) are being developed to meet the goal of business agility.

Effective SOA governance is what will separate leaders from dawdlers. Governance is a MUST in the overall SOA strategy and will form the base for adopting SOA in an organized manner. The very first step in establishing effective governance is to define a Governance Model. This process involves identifying and defining various artifacts related to goals, principles, policies, processes, models, metrics, and role responsibilities. Implementing a Governance Model by choosing the right technologies and tools would be the next step.

Governance Model Overview
The key areas of a Governance Model are depicted in Figure 2

Goals and Principles
Setting up the goals is the first step; shorter time-to-market, cost saving, and process flexibility are among the key objectives of a SOA. Aligning with business needs, goals need to be defined in concise, clear, and measurable terms. Then define a strategy such as focusing on specific domains or functional areas with high service reuse potential and ROI. For example, the customer service domain - targeting consolidation of customer-related business services spread across various LOBs. Well-defined goals and accompanying strategies will help to articulate a SOA vision clearly.

Defining the fundamental set of SOA principles is necessary to establish the common consensus as to how SOA should be used while developing enterprise SOA solutions.

Some of the basic SOA principles are:

• A business service should have a coarse-grained interface
• A business service should be exposed using a technology-agnostic interface and protocol
• A business service should adhere to enterprise-wide technology and semantic interoperability standards
• A business service should be autonomous. Any changes to its implementation technology, runtime environment, or location should not impact the service consumer
• The Interaction between a service consumer and a service provider must follow a document-oriented style of communication
• A business service must be discoverable by consumers belonging to other business units or LOBs
• A SOA infrastructure must provision for protection of the sensitive information exchanged between consumer and provider

Policies
Policies are central to governance. Start with identifying the core set of processes to be governed. Though the policies can be applied at various levels such as business, architecture, service, and technology, we will limit our discussion to business services

Some of the key challenges in the SOA space are:

• Reuse - How to ensure that business services are being developed for optimal reuse and interoperability?
• Adoption - How to ensure that business services have proper visibility, and there is a smooth and productive collaboration among LOBs
• Sustenance - How to ensure SOA sustains in the long run

In view of thes challenges, core processes have to be identified in the areas of service lifecycle, collaboration, and sustenance. Governing these processes would require identifying the control points within them and applying appropriate policies to control the outcome. The challenge here is to define policies prudently; they should not be too strict or too lenient. They should be reasonable enough to make their adoption smooth and acceptable. Figure 3 shows the sample abstract of processes and control points within processes to which policies can be applied.