Adopting SOA is a lot like gardening. It takes time, skill, a lot of hard work, and the process can be messy and even a bit frustrating at times. I know you've probably heard tons of different analogies that attempt to put SOA and governance into everyday terms and I'm sure that growing the SOA 'garden' through governance won?t be the last.

There is uniform agreement that SOA holds great promise as a strategy for improving business agility, better aligning IT and the business, and increasing overall IT efficiency. Developing an SOA strategy has become a key issue for most large enterprises: CTOs in a 2007 McKinsey survey ranked SOA as their top strategic item.

Not all services are created equal. It would be great if implementing SOA were simply a matter of applying a standard design pattern to all services. Once IT had identified and codified an optimal design standard, services could be stamped out in assembly-line fashion until the IT landscape had been transformed. Unfortunately, we don't live in a cookie-cutter service Utopia.

SOA Software announced that it has certified the Neuron ESB from Neudesic as a Governed Service Platform. Certified Governed Service Platform status means that customers can be confident that their platforms won't compromise the fidelity of the governance systems and structures defined in an enterprise SOA program. The certification process ensures that Governed Service Platforms can implement and enforce governance policies proving reporting data to enable a closed-loop audit process.

SOA Software announced that it has certified IBM WebSphere Process Server and WebSphere Enterprise Service Bus as Governed Service Platforms. This allows customers to use WebSphere Process Server and WebSphere ESB to implement and enforce governance policies for enterprise services providing reporting data to enable a closed-loop audit process as part of their enterprise SOA.

Service-oriented architectures have now become the norm for IT to deliver value to their respective businesses. A SOA-based approach promises an environment of agility, loosely coupled integration, and a composition-based approach, all of which results in faster adaptability to the demands of the business, lower operational costs, and the increased 'pluggability' of standards-based applications.

If governance were a house, you would be left with the options of either building it from the ground-up or attempting to haul a complete house in on a large truck. While the latter is possible, it is fraught with difficulty. The house does not lend itself well to transport. It may become damaged during the move. It may not fit on your lot or connect smoothly to your utilities, requiring modifications to be made on the spot.

While organizational business units and departments are in a hurry to embrace Service Oriented Architecture (SOA), without a proper control or governance of SOA adoption, the organizations are at risk of building unmanaged SOA environments that result in chaos and failure. The success of SOA largely depends on a robust governance mechanism. As a first step, organizations must start by defining a Governance Model addressing various challenges surrounding SOA space.

Governance is the tail that wags the SOA dog. An organization that deploys Web Services without a solid governance program is headed for serious trouble in terms of reliability, security, and cost. While governance is a necessity for any IT endeavor, the open and potentially chaotic nature of SOA makes governance either a showstopper or a magic bullet for success, depending on how it's approached. This article will look at SOA governance from both a technological and business perspective, highlighting the need for a complete governance model - a closed loop that spans design time to runtime, policy definition, enforcement, and audit.