Keys To Successful Governance With Soa3674

Welcome
to Transformation and Innovation 2007

The Business Transformation Conference
Dr Mohamad Afshar Ben Moreland

Sr. Director, Product Management Director, Foundation Services
Oracle Corporation The Hartford
SessionTitle:
Keys to Successful Governance with SOA
May 22-24, 2007 1

The Business Transformation Conference Washington Dulles Hilton
<Insert Picture Here>
Peter Weill
Professor, MIT
“Specifying the decision rights and

accountability framework to
encourage desirable behavior in the
use of IT.”
May 22-24, 2007 2

leadership and organisational
structures
Delivery and
ofprocesses
value to that
the
ensure that the organisation’s
Organizational IT
structures
business and mitigation of
sustains and
and extends thethat ensure
processes
risk: Not about
mitigation making specific
through
organisation’s strategies and
organizations
accountability IT sustains
IT decisions
in the (management
objectives
and
enterprise;extends
does
driventhe
that),
IT Governance by but rather
Institute
organizations
strategic alignment strategy
determines which
Establish chains of responsibility
and objectives
individuals and roles with
authority and communication to
the company
empower people (decision rights)
systematically make and
And establish
contribute to those measurement
Governance and
is about getting
decisions. policypeople
controltomechanisms
do the rightto
thing at
enable people
the rightto carry
time out right way
in the
their roles and responsibilities
May 22-24, 2007 3

Marks of Good IT Governance With SOA
Differentiated Business Strategies Enabled by SOA

Business Objectives for Evaluating SOA Investments
Executives Engaged and Can Describe Arrangements
Stable with Few Changes Year to Year
Well-Defined Formal IT Exception Processes
Multiple Formal Communications Methods to Engage
Business Leaders
May 22-24, 2007 4

Where Do You Stand?
? SOA by Accident SOA By Design

IT Plan Non Existent or Not IT Plans Aligned with Business
Aligned with Business Plan Plans and Initiatives
IT Reactive to Business SOA Strategy that is
Initiatives Communicated Widely
No SOA Strategy Well-Defined Business Benefits
No SOA Roadmap Sought from SOA Strategy
Silos of SOA SOA Roadmap Aligned to
Deliver on Business and SOA
Strategy
May 22-24, 2007 5

Governance is Key to Delivering on SOA by Design
Business Strategy
Business Plan
Governance with SOA
Delivery With Control &

Reduced Risk
SOA Roadmap
SOA Strategy
EA Strategy
May 22-24, 2007 6

Constituents of a SOA Roadmap
SOA Strategy
Buy-in from Business
Leverage Projects to Build Infrastructure
SOA Benefits Expected
Business Services
Portfolio Plan
SOA Roadmap Planning Helps
Which Services, When
Avoid Duplicated Effort, Realize
Risk Identification SOA Benefits Earlier and
and Mitigation Support Improved Ability to
Against them Deliver Projects to SOA
Source of Risk
How to Lessen Impact Risk Profile For
Projects
SOA Requires Capability
Planning
Capability Development
to Improve Ability
to Deliver on SOA Project Prioritized Projects
SOA Requires Competence In Project Portfolio
in a Range of Areas Leverage Services Portfolio
Maximize Reuse
Align with Platform Availability
May 22-24, 2007 7

Essence of Governance with SOA
Policies
(What)
Decisions Processes
(Who) (How)
GOVERNANCE with SOA ADDRESSES

•What decisions must be made for effective management
•Who should make those decisions and who has input rights?
•How will the decisions be formed and enacted
May 22-24, 2007 8

Key Leverage Points for SOA Governance |
Prevalent View
Financial
People Service Funding Model
Portfolio
Roles & Responsibilities Service Usage Fees Projects
EA Group Platform Funding Business Services
Service & Process Owners Applications
Service Ownership Capacity Planning

Projects /
Service Service Lifecycle Gov DRIVEN BY Enforce Service Levels Operations
EXECUTIVES
Lifecycle Shared Artifacts Enforce Policies
Strategic SOA Platform Reference Architectures

Data Ownership Architectural Standards
Enforce Platform Decisions
Shared Foundation Srvcs Data Standards Blueprints & Patterns
Technology Data Quality

Architecture
Information
May 22-24, 2007 9

Key Leverage Points for SOA Governance |
Full Picture
Financial
People Service Funding Model
Portfolio
Service Lifecycle Gov DRIVEN BY Enforce Service Levels

Projects EXECUTIVES Operations
Shared Artifacts Enforce Policies

Data Ownership Architectural Standards
Enforce Platform Decisions
Technology Data Quality

Architecture
Information
May 22-24, 2007 10

Financial
SOA may require governance of new policies and
procedures around SOA Funding and Chargebacks
Distribution of Budget
– Funding the SOA Journey and Programs
Allocation and Funding of SOA Software License, Hardware
– Based on Priorities
SOA Center of Excellence Funding
– Allocating cost of SMEs
– Covering costs of outside consulting
Defining the Service Usage Fee Model
– Chargebacks for shared services usage
• Foundational, architectural services such as Error
Handling, Notification, etc.
• Business Services built by projects such as Customer
Lookup, Item Validation, etc.
– Allocating support costs (operations, enhancement, bug fix)
of shared services
May 22-24, 2007 11

Portfolio
Successful SOA Governance requires alignment of
the IT Portfolio with the SOA Strategy and Roadmap
Application Portfolio Planning

– Ensure application lifecycles (upgrades, enhancements,
maintenance, sunset) are consistent with the SOA Strategy
Infrastructure and Technology Portfolio Planning
– Ensure hardware and software agendas are consistent
with the SOA Strategy
Project Portfolio Management
– Create projects to align applications and infrastructure to
the milestones and goals of the SOA Roadmap
Services Portfolio Planning
– Business Services Portfolio
– Foundational/Technical Services Portfolio
May 22-24, 2007 12

People
SOA is not only a Technology Shift. Policies governing
employees must be included in SOA Governance
Clarity Around Roles and Responsibilities Enable and Support People Making the
– Process Ownership – NEW Change
– Service Ownership – NEW - Organize around the SOA Vision
– Architecture • Knowledge Centers – SOA CoEs
– Development Approach - NEW • Enterprise Architecture Group
– Testing Approach • Cross Project Governance Board
– Operations • Foster Innovation and Creativity
– Training – Demonstrate Leadership
• Affirm Executive Buy in and
Support
• Monitor progress
• Provide Rewards/Incentives
May 22-24, 2007 13

Projects
Policies, processes and decisions must guide the projects
designed to deliver on the SOA Vision
Project Prioritization
– Align with Strategy/Roadmap
Ongoing Service Ownership and Management
Consistency in Service Implementation
– Design, Code Reviews
Create, Store, Find Shared Artifacts
Utilization Shared Services
Service Lifecycle Governance
Business Process Lifecycle Governance
May 22-24, 2007 14

Service Lifecycle
Proper Service Lifecycle Governance is a critical component of SOA
success. Without this, you may have services and SOA technology, but you
will not realize benefits of an enterprise Service Oriented Architecture
Service Identification and Design

– Services Identification Framework
– Service Interface Design
– Approving a Service
Service Development
– Consistency in Service Implementation
– Building for Reuse
Service Deployment
– Publishing a Service
Service Operations
– Policies Relating to Services - Security
– Service Change Requests
– Service Versioning
– Service Retirement/Sunset
May 22-24, 2007 15

Architecture
SOA Architecture provides the foundation to ensure consistent,
shareable services
Standards Compliance
– WSDLs WS-I Compliance
– Architecture Assessments
– Review & Change Processes
Reference Architecture(s)
Guidelines
– Service Interface Design
– What to Repeat (patterns)
– What to Share (reuse)
Blueprints
– Multi-Channel
Patterns
– Data Integration
Architecture Documents
– Goals, Use Cases, Views, Standards
May 22-24, 2007 16

Technology
Technology must be identified, sourced and managed like any
other component of SOA - It is not a one-time “fire-and-forget”
decision
Select technical technical solutions that
adhere to industry standards
Platforms and Infrastructures should Evolve
– Aligned with Service Portfolio Plan
and SOA Roadmap
Build Consensus to Migrate to an SOA
Platform
Enforce Platform Decision Across IT Teams
Manage Timing and Implementation of SOA
Platform Enhancements
Design and Build Shared Foundation
Services as Part of SOA Infrastructure
May 22-24, 2007 17

Operations
Operations of an SOA could be different than standard IT operations.
Changes to existing, or even new policies may be needed to govern
Operations for a SOA
Develop an Operational Model for Services

Formalize Capacity Monitoring and Planning
Control Service Execution
– Define/Enforce Service Levels
– Define/Enforce Runtime Policies
(Security, Access, Logging, Billing)
SOA Infrastructure Monitoring and Management
Polices for Review and Handling of Exceptions
and Violations
May 22-24, 2007 18

Information
Unless data quality and interoperability issues are addressed,
SOA apps will rest on top of a very weak foundation.
Establish Data Ownership and Stewardship Model:

– Define Roles & Responsibilities for Data
Consumers and Produces
– Set Data Standards
Build a Data Services Architecture
Mandate Data Access:
– Schemas for Exchanging Core Enterprise Data
– Services as Single Sources of Truth Key Enterprise
Entities
– Policies for Access Control
Policies for Resolving Data Conflicts to Improve
Data Quality
Policies for Ensuring Quality of Service
Performance Tuning of Data Services for Multiple
Application Scenarios
May 22-24, 2007 19

6 Steps to Successful SOA Governance
1. Define Goals and Strategies
2. Define Standards, Policies, Procedures

Around Financial, Portfolio, Project, Service, etc
6. Refine and Go to the Next

Level of SOA Maturity
These 6 steps allow a company
to incrementally develop 3. Define Metrics
and mature their overall SOA
and thus business goals
5. Analyze and Improve

Existing Processes 4. Put Governance
Mechanisms in Place
May 22-24, 2007 20

Goals & Strategies
Business and IT Goals

SOA Strategy
Existing Capabilities
SOA Roadmap
Journey Management
May 22-24, 2007 21

Create Standards, Policies & Processes
Governance Enterprise
Board Architects
Executives
Communicate
Business Analysts
Create
Manage Developers
Feedback & Monitor Architects
Policies
IT Managers
Issues:
•Decision Rights
•Input Rights Administrators
•Exception Management
May 22-24, 2007 22

Define Metrics for Success
Why Measure ?
– Ensure Business Goals
– Deliver SOA Strategy
What to Measure ?
– standards, compliance, # of projects adhering to processes, #
of reference architectures, usability of reference architectures,
# of exceptions, # of services created, # of reusable services,
service reuse metrics, etc
How to Measure ?
– What can be automated?
– What can be easily captured?
May 22-24, 2007 23

Put Governance Mechanisms in Place
1. Decision, Policies, Processes
Financial
Service Funding Model
People Portfolio
Service Lifecycle Gov DRIVEN BY Enforce Service Levels

Projects EXECUTIVES Operations
Shared Artifacts Enforce Policies
Data Ownership
Enforce Platform Decisions Architectural Standards
Technology Data Quality Architecture
Information
May 22-24, 2007 24

Put Governance Mechanisms in Place
2. Mechanisms
Vision for Governance Endorsed by Executives
– Force Behavioral Change
– Ensure Participation of Appropriate People
Awareness
– Communication & Collaboration
– Center of Excellence
Roles and Responsibilities
– Financial, Portfolio, People, Architecture, Projects, Technology, etc
– Education Strategies
Processes (Automated)
– Capture and Report on Metrics
Administration, Monitoring and Enforcement
– Exceptions Handling Mechanisms
– Upward Communication when Policies are not followed
May 22-24, 2007 25

Analyze and Improve
Metrics on Governance Process Itself

Metrics on Progress of Goals and Roadmap
– How Often are People Going off the Path?
– Do they Tell us When they do?
– Do we need to change restrictive policies?
– Do we need to have stricter enforcement?
What do you do with the Information?
Make Decisions
Create Feedback Loop
May 22-24, 2007 27

Refine and Go to the Next Maturity Level
SOA Strategies, Goals, Objectives Met for this

SOA Maturity Level level
Refine SOA Strategies, Goals, Objectives for
Current Maturity Level
Create New SOA Strategies, Goals, Objectives for
next SOA Maturity Level
May 22-24, 2007 28

May 22-24, 2007 29
May 22-24, 2007 30
The Hartford Financial Services Group, Inc.
Founded in 1810
One of the largest investment and insurance companies in
the United States.
Fortune 100 company
30,000 employees
Two Companies:
– Hartford P&C – Auto, Home, Business insurance
– Hartford Life – investment plans, Life insurance, Group benefits
May 22-24, 2007 31

Step 1: Goals & Strategies – Level 1
Business Goals
– Reduce TCO
– Speed To Market
– Ease of Doing Business
SOA Roadmap
– Project-based (WSM & UDDI Registry selected)
Governance
– “Do No Harm”
May 22-24, 2007 32

Step 2: Create Standards, Policies & Processes –
Level 1
Standards
- SOAP 1.1, XML 1.0, UDDI 2.0, WSDL 1.1
First SOA initiatives were project-based  SOA governance was at

the project (LOB) level
Governance processes created to assess projects against

Reference Architecture (Application)
Aligned LOB architects and project scoring
Created IT Roadmaps and Blueprints
PCAC formed
May 22-24, 2007 33

Step 3: Define Metrics – Level 1
At SOA MM level 1, The Hartford didn’t have any explicit

metrics other than project-based metrics
Discussions around SOA metrics began
No reusability at this point
May 22-24, 2007 34

Step 4: Put Governance Mechanisms in Place –
Level 1
PCAC put in place to score all projects against

Reference Architecture primarily and LOB Roadmap
and Blueprint if they existed
Scoring was a learning exercise at level 1
Assessment process being defined
May 22-24, 2007 35

Step 5: Analyze and Improve – Level 1
Analyzed where we were against business goals

Findings:
– Architecture standards applied inconsistently across LOBs
– Projects going forward that were not moving the overall architecture
in the right direction.
– Initial services deployed showed promise of re-usability with the one
LOB
Are you moving forward or closer to your goals?

– The eB&T organization decided:
• Centralize the enterprise architects and SOA practice (Foundation
Services group)
• Begin to push back on negatively scored projects
• Continue with the SOA initiatives (still project based) due to early
success (primarily insight into SEMCI application)
May 22-24, 2007 36

Step 1: Goals & Strategies – Level 2
Business Goals (same):

– Reduce TCO
– Speed To Market
– Ease of Doing Business
SOA Roadmap
– Project-based (WS-addressing, WS-Security, Central EA
organization)
– Align LOB project decisions with architecture recommendations
Governance
– Score projects to influence business decisions
– Track all projects assessed and not assessed
– Track all projects with and without “architects”
May 22-24, 2007 37

Step 2: Create Standards, Policies & Processes –
Level 2
Standards (added)
- WS-Addressing, WS-Security, Reference Architecture 2.0
Governance processes improved to assess projects against the

Reference Architecture (SOA based) based on CIOs feedback
Project assessments more mature

Enterprise Architecture group formed under CTO (also new)
SOA governance through EA Foundation Services group, but still
project-based
May 22-24, 2007 38

Step 3: Define Metrics – Level 2
# of services (course-grained vs fine-grained)
Service Sharability, Component Reusability
# of projects assessed and not assessed

# of projects with assigned “architects” and without architects
Cost savings on projects based on architecture assessment and re-

use
May 22-24, 2007 39

Step 4: Put Governance Mechanisms in Place –
Level 2
Central EA organization (ASC) for IT Governance
Projects scored and evaluated to “+”, “0”, “-”
Projects assessed as short term adequate, near-long term
adequate and long term adequate
CIOs agree to “tax” if negatively scored project pushed
through to delivery
SAD course developed and delivered to all architects
Service Policies
- WS-Addressing and “contract ID” required for all services
May 22-24, 2007 40

Step 5: Analyze and Improve – Level 2
Analyzed where we were against business goals.

Findings:
– Architecture standards applied consistently across LOBs
– Some projects still being pushed forward with negative scores, but
now high level discussions and justification at executive level
– Reusability in certain LOBs very high, others low
– Still not addressing “Ease of doing business”
– TCO lowered through SOA efficiencies in maintenance
Are you moving forward or closer to your goals?

– The eB&T organization decided:
• 5 year business & IT roadmap developed
• Foundational projects
• Need better metrics
May 22-24, 2007 41

SOA Governance - Level 3
Portfolio transformation program identifying high value business

services
Standards committee and Services committee formed to formalize
standards maturity and P&C SOA policies and procedures
Service criteria and processes defined
Large number of new metrics with constant feedback from CIOs
No projects may be considered without EA involvement
Need SOA Governance automation to scale
May 22-24, 2007 42

Summary
• Increasing SOA Maturity Only

Achievable through SOA
Governance
• SOA Governance Requires More
than Technology
• Build on Existing IT Governance
Mechanisms
• Executive Buy-In Vital to Catalyze
Change Required for SOA
• Complexity of SOA Governance
Proportional to Company Size
May 22-24, 2007 43

Thank
You
Dr Mohamad Afshar Ben Moreland
Sr. Director, Product Management Director, Foundation Services
Oracle Corporation The Hartford
Contact Information:
Mohamad.afshar@oracle.com
Benjamin.Moreland@theHartford.com
May 22-24, 2007 44


Keys To Successful Governance With Soa3674

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Keys To Successful Governance With Soa3674

Uploaded by

Copyright:

Available Formats

Welcome

to Transformation and Innovation 2007

Dr Mohamad Afshar Ben Moreland

May 22-24, 2007 1

“Specifying the decision rights and

May 22-24, 2007 2

May 22-24, 2007 3

Differentiated Business Strategies Enabled by SOA

May 22-24, 2007 4

? SOA by Accident SOA By Design

May 22-24, 2007 5

Governance with SOA

Delivery With Control &

May 22-24, 2007 6

May 22-24, 2007 7

GOVERNANCE with SOA ADDRESSES

May 22-24, 2007 8

EA Group Platform Funding Business Services

Service & Process Owners Applications

Service Ownership Capacity Planning

Strategic SOA Platform Reference Architectures

Shared Foundation Srvcs Data Standards Blueprints & Patterns

Technology Data Quality

May 22-24, 2007 9

EA Group Platform Funding Business Services

Service & Process Owners Applications

Service Ownership Capacity Planning

Service Lifecycle Gov DRIVEN BY Enforce Service Levels

Strategic SOA Platform Reference Architectures

Shared Foundation Srvcs Data Standards Blueprints & Patterns

Technology Data Quality

May 22-24, 2007 10

May 22-24, 2007 11

Application Portfolio Planning

May 22-24, 2007 12

May 22-24, 2007 13

May 22-24, 2007 14

Service Identification and Design

May 22-24, 2007 15

May 22-24, 2007 16

May 22-24, 2007 17

Develop an Operational Model for Services

May 22-24, 2007 18

Establish Data Ownership and Stewardship Model:

May 22-24, 2007 19

1. Define Goals and Strategies

2. Define Standards, Policies, Procedures

6. Refine and Go to the Next

5. Analyze and Improve

May 22-24, 2007 20

Business and IT Goals

May 22-24, 2007 21

Feedback & Monitor Architects

May 22-24, 2007 22

May 22-24, 2007 23

EA Group Platform Funding Business Services

Service & Process Owners Applications

Service Ownership Capacity Planning

Service Lifecycle Gov DRIVEN BY Enforce Service Levels

Strategic SOA Platform Reference Architectures

Shared Foundation Srvcs Data Standards Blueprints & Patterns

Technology Data Quality Architecture

May 22-24, 2007 24