If governance were a house, you would be left with the options of either building it from the ground-up or attempting to haul a complete house in on a large truck. While the latter is possible, it is fraught with difficulty. The house does not lend itself well to transport. It may become damaged during the move. It may not fit on your lot or connect smoothly to your utilities, requiring modifications to be made on the spot. The former option, building the entire house on site, certainly has its challenges (proper design, accurate implementation, quality assurance), but the risks are much lower and there is opportunity to adapt as it is built (move walls, change windows and doors, etc.). Generally, organizations should choose this option. They should choose to start small and build incrementally.

Incremental Governance
While no formal governance stages have been defined by any industry group, many organizations experience an evolution similar to the one identified in Figure 1.

Phase 1: Provide informal, ad-hoc oversight by Subject Matter Experts (SMEs)
Phase 2: Formalize oversight through workflow, standard documentation, and identification of applicable standards
Phase 3: Establish best practices, select and promote common design patterns around architecture and service layering
Phase 4: Drive enterprise alignment between business and technology teams along end-to-end business processes

How these incremental governance phases are manifested will vary from enterprise to enterprise. For some it may emphasize infrastructure investments. Other governance strategies are more focused on techniques and methodologies, while others will involve more committees and organizational changes. Regardless of what form the governance takes, the key is to start small and build incrementally.

Adopting Governance
Governance adoption should follow a simple, pragmatic approach. Overriding goals during the governance adoption process should be risk mitigation and increasing operational predictability to reduce risk. The following simple steps are recommended:

• Define a governance roadmap with objective, measurable milestones
• Identify technology and organization changes required for each stage
• Clearly identify and document business value that is applicable at each stage

That last recommendation is the step that is most often missed. So often organizations will put a plan of action in place without any understanding of what benefit the business will gain from each iteration or each level of maturity. This is crucial to ensuring that your SOA is relevant, your governance is sufficient without being overkill, and ultimately is core to achieving a return on your service-oriented investment.

Less Is More
In the process of adopting governance incrementally, it is important that you avoid the tendency to implement excessive, heavyweight governance. On the opposite extreme, you should take care to also avoid implementing governance that is nothing more than a formality and a rubber stamp of approval. Governance shouldn’t be implemented as one or more powerless committees, or as a heavyweight bureaucracy. I call this balanced approach – “lean governance.”

Lean governance represents a mindset in which governance is applied as needed. Implement only as much governance as is needed and constantly monitor the environment in order to tweak the degree of guidance and oversight. Governance should be focused, lean, and ever-present. Early in the adoption of SOA, governance should be minimal. It could be as simple as a requirement to support certain standards and maintain service contracts for each service. Over time, the governance policies, processes, and procedures, as well as the corresponding infrastructure can be built incrementally along-side the maturing of the service-oriented enterprise. Finally, this governance should be applied throughout the project life cycle. Best practices identify three governance gates: design-time, change-time, and runtime. These three gates serve as check points to ensure that service design, development, and runtime behavior are consistent with enterprise goals and stated best practices.

Summary
In my experience, governance is crucial to any significant organizational change and service orientation is no different. I don’t believe that governance has to be at the extremes (powerless committees vs. heavyweight bureaucracy), but instead can and should be focused, lean, and ever-present. Initially you don’t need very much governance, and it may involve more of an emphasis on infrastructure or techniques and methodologies. Regardless of how it is manifested, governance should be planned from the start, matured incrementally, and it should provide context for the entire project and program life cycle.