SOA Governance - SOA Software

By: Society Of Composers, Authors & Music Publishers Of Canada  09-12-2011
Keywords: Enterprise Architecture, Integrated Soa Governance

Many large organizations are reducing costs, improving agility and reducing risk with enterprise SOA programs.  In order for SOA initiatives to succeed they need to follow sound Enterprise Architecture practices.  Companies realizing the most success are those that have built an Integrated SOA Governance infrastructure that governs a wide range of assets and artifacts through their entire lifecycle.

Integrated SOA Governance helps enterprises:

  • Ensure that services they identify, design and build are relevant and consumable across all distributed and mainframe platforms like Microsoft, SAP and IBM.
  • Make services they expose from applications running on any platform visible to and compliant with enterprise policies defined, enforced and audited across other platforms
  • Promote, ensure and formalize consistent alignment between demand from service consumers and the supply of services through Consumer Contract Provisioning.

In a nutshell SOA Governance is about making sure that the enterprise builds the right things, builds them right, and makes sure that what it has built is behaving right.  This breaks down into distinct areas; Planning Governance is about making sure that you are building the right things, Development Governance is about making sure you’re building them right, and Operational Governance is about ensuring that what you’ve built is behaving right. 

Integrated SOA governance ensures the applicability, integrity and usability of a wide range of assets through all their lifecycle stages from asset identification through deprecation.  The full lifecycle is split into planning governance, lifecycle governance, and operational governance, with a cross-cutting policy governance theme.

    Integrated SOA Governance promotes the core SOA governance best practices of:

    • Governance Automation - lifecycle management workflow to implement building permit process, integrated provisioning and lifecycle management, and inter-departmental contract management and negotiation
    • Uniform Policy Management - uniform lifecycle and policy governance across existing platform investments
    • Meta-data Federation - seamless, heterogeneous SOA Governance, security and management integration with no requirement to introduce additional platforms to support the required architecture
    • Service Virtualization - performance and reliability, standards support for governance automation (UDDIv3, WS-MEX), standards-based closed-loop governance system
    • Trust and Management Mediation - Interoperability across disparate partners and platforms, trust enablement and trust mediation complementing threat prevention systems
    • Continuous Compliance and Validation - consistent policy implementation and enforcement across all stages of the lifecycle, preserving the fidelity of the governance models, structures and mechanisms
    • Change Impact Mitigation - provides change management and impact analysis processes integrated with the governance workflow to ensure that changes to services or other assets don’t cause major outages
    • Consumer Contract Provisioning - provides offer, request, negotiation and approval workflows for service access, capacity, SLA and policy contracts

    Leading industry analysts like Gartner recognize the importance of deep integration between the different governance solutions and tools to provide a comprehensive integrated SOA governance solution.

    Policy Manager and Repository Manager provide a comprehensive registry/repository solution for SOA asset lifecycle management.  Using this solution architects, developers, security administrators, and operations managers can define and govern policies that are applied to services throughout the appropriate stages of their lifecycle.  These policies are automatically implemented and enforced by SOA Software’s industry-leading Service Manager, and other standards-based SOA runtime products.  Service Manager generates usage, performance and policy compliance metrics that it delivers back to Policy Manager so that it can audit that its policies are being enforced in a closed-loop process. 

    The alternative to a closed-loop solution is a set of stand-alone applications for governance, management and security.  These solutions may offer loose integration, but we have yet to identify a single organization that has successfully integrated stand-alone solutions in a production environment. 

    On one hand, stand-alone run-time solutions don’t deliver higher value design-time, or governance capabilities.  They require central policy management, don’t offer developer or architect services, and have no understanding of the relationship between a provider and a consumer.

    On the other hand, design-time, and governance solutions can only deliver value when they are built on a runtime foundation.  They require a run-time solution to enforce policies; they need the run-time to provide statistics and metrics for demand, capacity, and value monitoring; and they also need the run-time to provide an audit trail to ensure that messages comply with defined policies.

Keywords: Enterprise Architecture, Integrated Soa Governance

Contact Society Of Composers, Authors & Music Publishers Of Canada


Print this page

Other products and services from Society Of Composers, Authors & Music Publishers Of Canada


Repository Manager - SDA Mapping and Discovery

With Smart Controls™,organizations can easily control the service production and consumption process from requirement definition to development.Service consumption processes can be defined to control access to sensitive artifacts until approval is granted, minimizing developer access to rogue, and untraceable services.


Standards Support - SOA Software

Configuration of the WS-RM capabilities is done via WS-RM policy assertions specifying the behavior of the exchange.Supported Namespaces. Both XSLT 1.0 and 1.1 style sheets are supported by the Service Manager XSLT engine. Non SOAP messages (aka XML-over-HTTP or plain-old XML ) can also be routed.


Portfolio Manager – Industry’s first SOA Portfolio Management product

Unplanned SOA Programs will fail because project-specific services will not be flexible enough to support generalized reuse, and without early success, application development teams won’t see the potential value in working to move to SOA and the organizational culture will not evolve as needed to support a successful SOA program.


Product Overview - Comprehensive SOA Infrastructure

Portfolio Manager, Repository Manager, Policy Manager, and Service Manager together deliver an Integrated SOA Governance automation solution that ensures that companies build the right services, build services right, and run services right. SOA Software’s,,, and combine to form a comprehensive Integrated SOA Governance Automation solution, with providing a governable Mainframe SOA platform.


Service Manager - SOA Policy Management and Governance

SOA Software offers delegates for Java applications and .NET, and packages the delegate in a wide range of forms with simple, non-invasive deployment options for most common service platforms and containers, including ESBs and business process management tools.


Policy Manager - comprehensive closed-loop SOA Governance

These contracts are created through a negotiation process, supported by ad-hoc collaboration between vested constituents and can be enforced by a standards-based SOA run-time security and management solution like Service Manager. Policy Manager™ is a comprehensive SOA Policy Governance Automation solution offering unique governance processand collaboration capabilities to instill consistency and accountability and encourage desired behavior.


SOLA Mainframe - SOA Software

On top of this, SOLA’s built in monitoring, logging and auditing capabilities, as well as its standards based architecture combine to make SOLA fully governable by external governance products like SOA Software's Policy Manager. SOLA provides customers with a fast and easy process to expose mainframe applications as secure Web Services, and allows mainframe applications to consume Web Services.