As SOA projects move from pilot implementations to larger division and enterprisewide IT initiatives, the need for an effective approach to SOA organization and governance (O&G) also increases. In fact, SOA O&G can be the biggest determinant of SOA success. Because of this, forward-looking IT leaders are increasing their direct involvement in order to address fundamental challenges facing their organizations as they move ahead with SOA. These leaders have dispensed with the aura of mystery around SOA O&G, taking a pragmatic approach that establishes boundaries for their organizations to operate within, and providing patterns for success that others can follow.\n\nA recent SOA survey by International Data Group revealed that more than half of all enterprises say organization and governance is the top barrier they face in adopting SOA. This is understandable, as the issues to be addressed are substantial, and touch almost every aspect of the software development lifecycle (SDLC). In addition, over time, divisional IT organizations have been optimized to align with divisional initiatives, yet often SOA yields greater benefits for the enterprise. The nature of some of the best IT initiatives for SOA\u2014such as cross-divisional up-selling and consolidated customer service\u2014makes getting ahead of the O&G issues a top priority for many enterprises today, not an optional activity to be assigned to subcommittees. "Without strong governance, nearly any SOA project will ultimately fail,\u201d says Mike McCoy, director of enterprise architecture for Accredited Home Lenders (AHL), a residential mortgage lender based in San Diego, Calif., with more than $500 million in annual revenue. AHL currently uses an SOA as the foundation for numerous applications, such as processing \u201cspecial handling\u201d loans and integrating core underwriting and funding systems. \n\nWhat Worries CIOs About SOA Organization and Governance?Most organizations already have some form of IT governance in place. Even so, SOA creates new challenges in terms of the service lifecycle, technology standards and team roles. The bottom line: Enterprisewide SOA can easily fail unless governance issues are addressed early in the adoption process.This means organizations need to adopt governance that supports, within the criteria unique to each business, the agility that an SOA promises. Experts say that CIOs who are not embracing strong SOA governance are holding back for the following reasons: \n\n\n\nTiming. The most common misconception is about when to deal with SOA organization and governance. Many feel they don\u2019t need to address it up front, but believe it can wait until later. This can plant the seeds of problems that will grow as SOA rolls out across the enterprise. \n\nLack of understanding and best practices. Companies don\u2019t always understand what SOA organization and governance is, and why it\u2019s different from a traditional organizational structure and IT governance plan. Many enterprises struggle to implement best practices that ensure the realization of SOA benefits. \n\nFear of change. Adopting SOA requires a cultural shift in the way people work together, new skill sets and role definitions. As such, CIOs have to consider the cultural effects of change on people, process and methodology. The larger the company, the more siloed its business units tend to become, making change that much more challenging. Strong governance, however, can help ease the pain of change. \n\nLack of SOA expertise. Many CIOs worry that their company lacks the skill sets and experience it takes to implement an SOA, and transforming an entire IT staff into SOA experts overnight is not a realistic option. \n\nNot the CIO\u2019s responsibility. It\u2019s not uncommon for SOA teams to be in place at the divisional level\u2014siloed\u2014without active engagement in business strategy. Typically, the lack of service-level agreements between central IT and other IT groups diminishes information and process sharing. This communication blackout can lead to an improperly specified SOA, or worse, even more siloed, small-scope SOA initiatives that yield greatly reduced benefits for the enterprise. CIOs need to ensure that SOA is an enterprisewide initiative and drive that message home with all constituents.Taking the Lead on Organization and Governance Amid these perceived challenges, there are actions CIOs can take to improve their odds of success. It comes down to adopting the following best practices: \n\n\n\nGet personally involved, early. The \u201cbenevolent dictator\u201d approach can be employed judiciously to catalyze change and bring decisions on new rules, roles and responsibilities to a clear conclusion. The reality in most organizations is that IT teams won\u2019t work out those critical success factors among themselves, as the \u201cturf\u201d issues to be addressed are beyond the responsibility of the individuals developing the new processes. CIOs who directly insert themselves in these decisions early in the process can compress the time required to make some key decisions, accelerating their organization\u2019s SOA adoption. \n\nPrioritize the SOA benefits. As SOA has moved into the mainstream of IT strategy, the potential benefits have been hyped beyond what\u2019s realistically possible. Forcing the IT leadership team to prioritize the benefits the enterprise and the divisions will achieve by adopting an SOA approach is a foundational exercise that many find beneficial. \n\nEstablish the boundaries. Foundational organization and architecture guidelines need to be debated and agreed upon at the top. The implications of simple guidelines such as \u201cdata is owned by the enterprise\u201d are far-reaching, and set the boundaries that smaller sub-teams can address in detail. \n\nDevelop a conceptual SOA organization. The organizational models surrounding shared development approaches are finite, and while the titles may be updated for SOA, many CIOs will recognize the prescribed roles. Developing and privately syndicating \u201cstraw\u201d organizational models has proven to be an effective way to surface the issues among the leadership team with minimal territorial behavior, which can then be modified if real-world trade-offs need to be considered. \n\nAddress four core processes first. Not all software development processes need to be addressed immediately, and in fact, addressing too much too early can be detrimental to success. Successful organizations have begun to address the following four core processes, leaving the rest of the software development lifecycle processes for later in their SOA maturity: \n\n\n\nSOA architectural management. A structured process for any proposed changes to be reviewed and implemented in the enterprise SOA reference architecture.\n\nSOA project management. As part of the existing project investment decision process, organizations are adding an SOA process determining a project\u2019s alignment with the SOA road map in order to emphasize IT projects best leveraging existing services or with the best potential of creating new services with a high degree of reuse.\n\nSOA alignment\/ As an adjunct to existing SDLC processes, companies are adding formal design and architectural reviews at key control points in order to ensure alignment with key SOA architectural guidelines and business objectives.\n\nSOA infrastructure management. Version control for existing published services and new services that will be introduced. \n\nEase culture shock. Many companies have adopted a project-by-project approach to implementing SOA, realizing benefits as they go. These companies have found that implementing effective SOA O&G is a similar process. While the full implementation of the new SOA processes may require significant changes, implementing these changes all at once can overwhelm any benefits that may be realized from initial SOA projects. An effective approach to rollout is to let the number of services actually deployed in production set the pace, allowing the O&G changes to be implemented in phases. Early in the process, \u201cvirtual\u201d roles and committees can be an effective way to get started, all of which can be introduced without major organizational change.\n\nPut some bite in the process. \u201cBecause SOA governance is key, you\u2019ll want to establish an oversight\/review committee with real teeth,\u201d AHL\u2019s McCoy says. \u201cMake this a priority, not an afterthought.\u201d Early in the process, the committee may be used primarily for facilitating communication, but over time the \u201cteeth\u201d of the committee need to be felt, as the core processes begin to be implemented, and adherence needs to be enforced. \n\nUse the right kind of external help. Broad organizational change efforts can equal a \u201clicense to consult\u201d for many vendors, and cause any budget-conscious CIO to avoid using outside assistance. But external resources, unburdened by organizational politics, can be uniquely useful for building consensus on priorities, leveraging examples from the industry, defining new roles and responsibilities, and building an O&G implementation plan. You can achieve these critical steps using as few as two to three external advisers, provided the right internal executive team gets directly engaged from the beginning. SOA organization and governance doesn\u2019t require the army of consultants that some would prescribe. Addressing SOA governance is an effort that requires time and tenacity to pay off. \u201cChange threatens some people, and it won\u2019t happen overnight so you\u2019ll have to keep plugging away,\u201d says McCoy. But by getting personally involved early in the key decisions, and by taking a pragmatic approach to implementing the O&G changes, you can set your organization up for success as service-oriented architecture becomes more widely adopted throughout the enterprise. \n\n\n\nBruce Graham is the senior vice president for the worldwide consulting and SOA practice at BEA Systems.