Over the past few months I have been involved in looking into the SOA a lot and researching different processes, methods, products etc. One of the most important aspects to come out of this work has been the importance of Governance.

I’ve broken this down into a couple main areas,
- Registry
- Policy Management

Registry
This refers to the UDDI registry where it is possible to find the list of available services. It’s all very going off and creating a bunch of services but if you can’t fund them the re-use becomes zero!! There are different ways of doing this and some places will use a simple spreadsheet to record what services are available, while others will utilise specific products.

Systinet, www.systinet.com, have about 80% of the market on the registry front. The system is embedded in many other applications such as IONA, Oracle, BEA, Tibco, etc. The most valuable part of the product suite is the registry, they do offer other things such as policy management but this is currently very limited.

Policy Management
This area is about how to enforce policies on the SOA services to ensure they meet the various standards out there. As part of the research work I have been looking at one of the leaders in the market in this area Weblayers, www.weblayers.com, who have done a lot of work regarding standard policies. One of the main advantages of working with Weblayers is that they have about 200 policies that you can immediately introduce into an organisation to help improve things. They are pushing this at the SOA market but in fact the tool is certainly suitable as a general code policy checker as it can validate source code and documents as well!

A very quick and brief overview here, but Governance is an incredibly important aspect of SOA which is often ignored until too late. Some up front thought and the benefits can pay off much sooner.