> Archive > Issue XXXIII: October 2009 > Enterprise SOA Governance in a Product Organization
Stuart Kerrigan

Stuart Kerrigan


Stuart Kerrigan is a Principal Engineer at Ericsson Ireland were his main focus areas include Enterprise Architecture, Enterprise Service-oriented Architecture, SOA Governance, Software Product Lines and Business Transformation.

Stuart has over 13 years industry experience in enterprise application development and software architecture predominantly in the telecommunications industry in the area of service and network management for tier 1 service providers.

Stuart has held several positions within Ericsson (previously Marconi Communications PLC) Data-Networks Division Network Management including Head of Strategy and Solutions, CTO and chief architect.

He holds an MBA from University College Dublin and a Bachelor of Science from Dublin City University.


rss  subscribe to this author

Richard van Schelven

Richard van Schelven


Richard van Schelven is a Senior Consultant at DNV-CIBIT in the Netherlands. His main focus area is enterprise service-oriented architecture and governance.

Richard has over 20 years experience in software architecture, enterprise application development in computer networking and telecommunications, specifically in the area of service and network management for tier 1 service providers.

In his previous position as principal engineer within Ericsson (Marconi Communications PLC) Data-Networks Division Network Management, he acted as a Service-Oriented consultant, advising and evangelizing on all aspects of service-orientation for the development of Operation Support Systems.


rss  subscribe to this author


Enterprise SOA Governance in a Product Organization

Published: October, 2009 • SOA Magazine Issue XXXIII

Abstract: Transforming an organization and leveraging the possibilities of a service-oriented enterprise approach is a huge challenge. Notwithstanding the organizational impact, businesses find themselves moving away from monolithic applications and start to deal more with ubiquitous services which has huge consequences on IT organizations. Thankfully, there exists an array of literature, websites, articles and books by IT-practitioners dedicated to this subject. Unfortunately, these resources mostly deal with it from one perspective which is that of the procuring of organizations. i.e. organizations that utilize IT capabilities to deliver on business goals. We believe the business transformation of procuring organizations towards service-oriented a has a profound effect on the vendors' organizations. i.e. those who supply them with software products. But few of these sources are giving advice on what vendors should or could do to address the issues or how vendors may also gain substantial benefit from an enterprise service-oriented approach.

This article looks to deal with one of those aspects - governance; and will do so from the vendor's perspective. Arguably one of the most important aspects of being successful with the endeavour of realizing a successful enterprise service-oriented architecture (ESOA) lies with governance. This is the first of several articles that will look to give some insight into the importance of governance in the context of ESOA and a vendor organization. In this particular article, the general issues of product governance are explored, and in that context the impact service-orientation will have on the vendor organization. In doing so it will look to highlight some of the similarities and differences between IT Governance and Product Portfolio Governance and introduce new governance areas for the vendor company.


When dealing with enterprise service-oriented architecture (ESOA), there are a plethora of books, articles, websites and advice for IT practitioners. These are all valuable resources on the road to service-orientation but unfortunately, most of these knowledge bases do not deal with it from a vendor's perspective. They deal with it from the procuring organizations perspective. i.e. they look at it from the perspective of the organizations that are looking to execute or are in the process of executing an ESOA roadmap. For the vendor who wishes to sell products and professional services into such organisations there is little solace in the fact that they must wave through all the current ESOA information and try to align it back to their product lifecycle and development processes.

This paper looks to deal with the service-orientation aspect from the vendor's perspective and will do so by looking at one aspect of its adoption for the vendor organization, namely Governance. One of the core tenets of a successful ESOA rollout is the presence of an appropriate governance model. Several resources [REF-01, REF-02, REF-03] exist to try and aid the IT organization towards its adoption of service-orientation with respect to governance. These various resources highlight the issues with existing IT Governance models when it comes to adopting ESOA, and provide some guidance for such. They at least provide you with enough information to incorporate those aspects deemed important into your own organization's environment.

Similarly, Product Management is nothing new to a vendor organization and there exists a body of research and ample experience that allows a vendor to adopt a sufficient governance model for its product portfolio. Unfortunately though for the vendor organization, with the wave of adoption of service-orientation and the introduction of services, their existing product governance models will need an overhaul. These new models will require a mix of IT/SOA Governance and traditional product governance in order to succeed. The necessity therefore is to integrate the extra governance requirements introduced by service-orientation into the product life cycle management processes and policies of the vendor organization.


Governance relates to consistent management, cohesive policies, processes and decision-rights for a given area of responsibility. Within the area of IT the following definition can be put forward:

"...the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives." - IT Governance Institute

The above definition is too restrictive for an ESOA and thus the following can be put forward:

"Framework in program management methodology ensuring alignment of processes and services with business strategy and resulting in evolution to a service-oriented enterprise" - ESOA, Lawler, Barber [REF-04]

This definition is fine for an organization implementing ESOA. But what about the vendor who is implementing a product for which they are looking to sell into those organizations that are implementing an ESOA? We therefore need to work with a governance definition in the context of a vendors' organization who embraces service-oriented principles to build solutions/products/services for ESOA enterprises. This gives rise to the following definition:

"The system by which the current and future use of the product portfolio is directed and controlled involving the evaluation and directing of plans for development of products or services to support the long-term viability of the organization and monitoring this use to achieve and extend the organization's strategies and objectives."

From this definition we can derive that governance looks to address the following major areas:

  • Decision-making responsibilities. Who is responsible for directing and controlling the portfolio?
  • Measuring and monitoring. Without proper measurement and monitoring process in place, how does the organization know that the portfolio is delivering on its objectives? What measurement criteria should be used?
  • Portfolio management. A portfolio consists of multiple products or services, all of which have a certain lifespan. During its lifecycle decisions need to be made around feature enhancements, retiring features, product decommissioning and so on. Product governance needs to address these issues.

Figure 1 illustrates governance in the context of the vendor. On the left hand side we have today's scenario where corporate and product governance are aligned but service-orientation is not really taken into consideration. Traditionally product managers were concerned with the big functional silos of the application and have been rather slow to pick up on the potential of a service-oriented environment. As such, ESOA product initiatives tended to be driven mainly by research and development as SOA was seen as a technical concern. This has had the affect that product based ESOA governance was for the most part hidden in research and development and thus there was little alignment between the governance models.

Figure 1: Product & ESOA Governance

As we can see from the right-hand side of the figure - in the future the vendor's customers' governance models will align to address their service-oriented enterprise needs, and this will place a strong requirement on the vendors that supply those customers to align their product portfolios with an ESOA product approach. With the advent of ESOA and the service-oriented enterprise, the future enterprise vendors' products will therefore be very much based on services. The concept of a product as it is known today morphs to a point were the services that make up the product(s) become as important as the product itself and thus requires equal status in the governance model. This now places a constraint on the vendor, as in the future, corporate, product and ESOA governance should work as one, driving innovation in both products and services.

Product Portfolio Governance

Given the amount of literature that deals with governance from an IT perspective and the impact of service-orientation on IT Governance, we can take the lessons learnt and apply them to product portfolio governance. Fortunately, enterprise service governance and product portfolio governance are not miles apart. At least at a very conceptual level similar concerns are being addressed.

Figure 2 illustrates a possible generic IT Governance Model that ensures the alignment of IT and corporate strategy, by for example, prioritizing the right projects, those that will give the appropriate return on investment (ROI). Similar to what one would expect from a vendor's product life cycle management process, the IT Governance model presented consists of an Architecture Council, Project Office, Demand / Account Management, Project / Solution Management and governance processes for strategy, portfolio and finance management.

Figure 2: Generic IT Governance Model

A vendor's Product Governance, as with IT Governance, is concerned with:

  • Structure. Who makes the decisions and what are the roles and responsibilities?
  • Process. How are (investment) decisions made? What are the decision-making processes for proposing investments, reviewing investments, approving investments and prioritizing investments?
  • How are results and decisions monitored, measured, and communicated?

Figure 3: Generic Product Governance Model

Figure 3 illustrates a generic product governance model. The perspective for product governance is somewhat different to that of IT governance, although many of the constructs are similar.

With the introduction of ESOA yet another level of complexity is added that needs to be managed, for both IT and vendor organizations. When dealing with products, you are dealing with larger blocks of functionality - however, when dealing with services; smaller blocks of functionality (in the form of software services) now exist. For the vendor organization this will have a profound effect. Instead of dealing with 10's or 100's of products, the vendor organization now has to deal with 100's or 1000's of services. As such the many of the new governance areas introduced for IT when dealing with ESOA, will also have to be incorporated into the vendors' product portfolio management. As that IT Governance model morphs in Figure 2 to accommodate ESOA, the Product Governance Model in Figure 3 also morphs.

With the advent of services, the added level of complexity requires solid portfolio management of those services. Poor service portfolio management will inevitable lead to a rise in complexity, making the building of solutions and / or product compositions and the ability to address customer problems more difficult, and ultimately lead to the exact opposite of what ESOA should bring to a vendor organization. Such a scenario would inevitably lead to increased costs, increased time-to-market, and poor quality - possibly placing the vendor into such a precarious position that it may struggle to recover.

One of the main drivers for ESOA on the IT side is the potential to reduce costs by reusing services. The same is also true from the vendor's perspective. ESOA offers the opportunity for reuse across the vendor's product portfolio [REF-05]. Previous experience of attempting to do this has taught us some valuable lessons. Reuse is hard, or more so, reuse that will have an impact on the overall reduction of project cost is hard. It requires governance and management. In order to ensure reuse, policies need to be put in place to ensure the appropriate incentives, funding, consistent design of the services etc, without which service reuse across the product portfolio becomes impossible.

Organizational Impact Areas

ESOA product governance involves defining the organizational issues, the governance processes and procedures and the necessary policies required to manage services and infrastructure throughout the product lifecycle. Figure 4 shows ESOA product governance's impact areas on the organization and in particular, product management. Again this not to dissimilar to IT Organizations impacts [REF-06].

Figure 4: ESOA Governance Impact Areas

Without executing on an ESOA, most of these activities still take place. However, performing an ESOA approach adds certain activities and also impacts on the other activities mentioned in Figure 4. Taken together, these activities are essential for achieving both the organization's objectives and the successful implementation of ESOA within the product/service portfolio.

ESOA introduces several new product governance areas that are required to deal with the services aspect of the vendor portfolio:

  • Service Portfolio Management
  • Service Life Cycle Management
  • Architecture

In some ways, Service Portfolio Management and Service Lifecycle Management are direct mirrors of what exists for traditional product management - only in this case we are dealing with services. However, several layers of complexity are added. The introduction of services requires that stakeholders take a different perspective on how projects are determined and managed. The product manager must not only consider the product as his fundamental asset, but now the service becomes a fundamental asset to the product manager. Questions of service funding and ownership must be addressed and new roles introduced for the management of the service portfolio itself.

Architecture plays a key role in this context. Dealing with service-orientation, vendors have to consider the architecture of services themselves, the composition of services, the collection of related services and the context of the enterprise [REF-07]. Vendors need assurance that their ESOA is based on the following characteristics:

  • Business driven. The architecture needs to be aligned with the business. Product Marketing is driving the services that need to be developed.
  • Enterprise centric. The scope of the architecture is a meaningful segment of the targeted enterprise, allowing the potential to identify reuse and hence composition of services enabling service product lines.
  • Composition centric. The architecture supports the mechanics of continuous service composition. This will enable vendors to adopt a service product line approach [REF-05]. On all the different levels of architecture (service, composition and collection) governance is needed to protect the consistency of the service product line.

Furthermore the lifecycle aspects of the services must now be taken into consideration, as well as, how this affects product decisions. Similarly the lifecycle aspects of the products must be taken into consideration and how they affect the lifecycle of the services. In fact, as products and services become synonyms with each other, Service Life Cycle Management should occur within the overall context of the Product Lifecycle Management. Again this raises the question of ownership.

Service Portfolio Management and Service Life Cycle Management will be dealt with in more detail in future articles.


The business transformation of enterprises towards service-oriented organizations has a profound effect on the vendors who deliver products to make such organizations successful. These vendors also need to embrace ESOA as their customers face a future where their products may no longer fit into their customer's environment, and are more of a hindrance or bottleneck working against their customers business transformation initiatives. In order for vendors to succeed on that endeavour, it is our belief that they must change their view on the concept of a product and overhaul their current product portfolio management best practices and incorporate ESOA best practices into their best practices to face the challenges and reap the benefits.

As the nature of the products change to address the ESOA needs of the procuring organizations, the impact on the product line organization of the vendor is likely to be significant. New roles and practices must be taken into consideration and incorporated. Aspects such as product and service ownership, funding, lifecycle management and reuse require thought. In order to be successful in supplying the future enterprises with products, governance will be a vital ingredient, and without a proper governance model in place to address the added complexities of dealing in services, it could spell disaster to many vendor organizations.


[REF-01] Service Oriented Architecture Governance for the Service Driven Enterprise. Eric. A. Marks. Wiley & Sons. 2008.

[REF-02] SOA Governance. The key to successful SOA adoption in your organization. Todd Biske. PACKT Publishing. 2008

[REF-03] SOA Governance. Achieving and Sustaining Business and IT Agility. William A. Brown, et all. IBM Press. 2009.

[REF-04] Service-Oriented Architecture - SOA Strategy, Methodology, and Technology. James P. Lawler, H. Howell-Barber. Auerbach Publications

[REF-05] Defining Business Services in the Telecommunications Industry. SOA Magazine Issue XXIII: October-November 2008

[REF-06] SOA for Profit. Martin van den Berg et all. IBM SOGETI. 2007.

[REF-07] SOA Design Patterns. Thomas Erl et all. Prentice Hall 2009.