> Archive > Issue LII: July 2011 > Driving SOA Governance - Part III: Organizational Aspects
Leo Shuster

Leo Shuster


Leo Shuster is responsible for SOA strategy and execution at National City Bank.

He has over 15 years of IT experience and throughout his career, has performed a variety of roles including group manager, team lead, project manager, architect, and developer.

His experience spans a number of industries but over the past 7 years, he has been focused on the financial services sector.

Mr. Shuster holds a Masters degree in Computer Science and Engineering from Case Western Reserve University and an MBA from Cleveland State University.

He has presented on SOA and related topics for groups of all sizes at such events as the Gartner summits and the Enterprise Architecture Executive Council.

He regularly blogs about advanced software architecture issues at and he can be reached at


rss  subscribe to this author


Driving SOA Governance - Part III: Organizational Aspects

Published: July 15, 2011 • Service Technology Magazine Issue LII PDF

This is the second part of a multi-part article series. The first two parts are published at Driving SOA Governance - Part I and Driving SOA Governance: Operational Considerations - Part II.


While the technology platform plays a significant part in SOA governance adoption, addressing organizational aspects of SOA governance is even more important. Building the correct structures, establishing the correct roles, and setting-up effective communication mechanisms are all necessary components for success.

No matter how tightly the technology is integrated throughout the entire project and service lifecycles, human beings establish, support, and execute the governance processes. Governance is aimed to incentivize the right behavior and discourage the wrong kind. It is largely a process aimed to influence people in the organization.

The technology makes it easy to execute governance processes. However, a counterbalance is needed should people decide to sidestep governance mechanisms. This happens quite frequently for a variety of reasons. Therefore, noncompliance should be expected and proactively addressed. The best way to achieve full governance compliance and adoption is to establish effective organizational structures and incentives aimed at driving the expected behavior. Paired with the integrated SOA governance system, this should eliminate any loopholes in the established SOA governance processes.

Organizational Incentives

As mentioned before, governance is about creating a system of incentives and penalties to influence the right behavior. This is also known as a carrot and stick approach. In many cases, governance cannot be effective without existence of both elements simultaneously. While there are many examples of self governing teams, organizations that do the right things on their own with little formal governance mechanisms in place, and successes based on intrinsic motivation of team members, formal governance processes should nevertheless be established in order to produce repeatable results regardless of the teams and individuals involved.

Most people and teams cannot be swayed in the right direction simply by establishing valuable incentives. While some people will be excited about working with new technologies, acquiring new skills, and increasing their marketability, others will not. These incentives alone do not offer repercussions for not following the established rules. At the same time, only punishing the wrongdoers without offering any rewards does not incentivize anyone to do things right and lowers organizational morale. Both the carrot and a stick must exist for any governance mechanism to be effective.

SOA governance should adopt the same approach. At a high level, it should establish a set of specific, attainable goals for each IT group and track adherence to them on a consistent basis. Specific SOA metrics can be used as a way to determine progress towards these goals. Examples of SOA governance goals can include:

  • service reuse target
  • service creation amount
  • cost savings
  • ROI
  • platform consolidation
  • development efficiency

The best way to incentivize the organization to meet SOA governance objectives is to establish formal goals, by which each IT group will be evaluated throughout the year. The goals must be attached to the performance objectives of each group’s leadership team. This makes mid-year and annual evaluations specific and meaningful. Inability to attain any of the SOA governance goals must be reflected in the overall performance evaluation not only for the IT group but also for the whole leadership team. Negative results could yield budget reductions or similar tangible impacts. For the IT managers, the inability to meet specific targets should result in less favorable performance reviews. Alternatively, meeting or exceeding the goals can result in increases in budget and staff, bonuses, promotions, special recognitions, etc.

The bottom line is that a set of effective incentives and punitive measures should be developed and enforced in such a way that IT groups and their leadership teams strive to reach the established goals. At the same time, not meeting these goals brings tangible negative effects. A process to tie the metrics, objectives, and performance evaluations together should be created and continually executed. A high level view of this process along with the organizational constructs it would affect is shown in Figure 1.

Figure 1 – The process of establishing SOA-related incentives ties formal objectives, metrics collection, and performance evaluation together.

The formal goals should come down from the CIO and the entire senior management team. Metrics collected during normal SOA operations should provide a gauge of how each team is doing in meeting its specific objectives. These metrics will serve as a base for formal performance evaluations of IT groups, managers, and senior leaders. Furthermore, if the CIO is serious about driving SOA adoption across the entire enterprise, he should include some SOA targets into his objectives and communicate them to the business leaders including the CEO.

The whole IT organization must understand the importance of SOA governance goals and develop a strong desire to attain them. A consistent support of this direction by IT leadership in the form of formal objectives should influence everyone’s behavior. However, without a system of tangible rewards and penalties, the approach cannot be fully effective.

Financial Considerations

Money is often the best influencing tool. It can drive behavior one way or another - when the funds are granted or withdrawn. This approach can be used for increasing SOA adoption. Making more funds available when SOA targets are met will push the teams towards trying harder to achieve necessary results. On the flip side, taking the funds away as a punitive measure for not reaching certain goals can serve as a great incentive for the IT leaders to ensure their teams are on board. Often, financial repercussions of not achieving SOA objectives hits closest to home.

There are many ways to establish financial incentives for meeting or failing to reach SOA targets. Table 1 depicts various alternatives that can be used to drive appropriate behavior. Note that all of the approaches listed target IT teams, not individuals.

service reuse target
service creation amount
development efficiency
  • increasing headcount
  • increasing discretionary project funding
  • increasing training budget
  • increasing bonus pool
  • assigning team members to more important/visible initiatives
  • formal recognition
  • individual promotions
  • decreasing headcount
  • decreasing discretionary project funding
  • decreasing bonus pool
  • assigning team members to less important / visible initiatives
  • potential demotions or reprimands
cost savings
  • retaining a portion of savings or benefits achieved
  • increasing bonus payouts
  • reducing budgets by amount of savings or ROI not achieved
  • decreasing bonus payouts
platform consolidation
  • increasing infrastructure budget
  • giving priority to new technology initiatives within the team
  • decreasing infrastructure budget
  • de-prioritizing technology initiatives within the team

Table 1 – Financial incentives and penalties encouraging SOA adoption.

Financial awards can also be calculated based on the ROI achieved by each team that are independently determined or verified by a separate finance group. Since ROI typically translates into tangible benefits for IT, business or both, results attained can signify each team’s contribution. ROI, cost savings, or any other quantifiable benefits can be treated as a pool of money, a portion of which can be redistributed back to each team as profit sharing. The actual calculations of how much profit would be shared across the teams would vary with each organization but, in general, it should be a percentage of the team’s results against the target. This would create an additional incentive to find or generate as much monetary benefit as possible since the teams would expect to receive some portion of it back.

Competition is yet another factor that can encourage increased SOA adoption. For a few services, allow separate teams to create different versions of the same service. The success of each implementation would be measured by the amount of consumers, total volume, total cost of ownership, and overall ROI. The best performing service would be awarded through the means listed in Table 4, and the team would be encouraged to create additional services. At the end, this kind of free market system would drive out the weaker services and teams while establishing a solid foundation for encouraging reuse, driving adoption across organization, and building a strong culture of innovation.


A variety of SOA metrics can play a key role in SOA adoption. Metrics are a measuring stick for SOA progress. Collecting and communicating them provides a clear picture of where the organization is at any point of time. By the same token, highlighting positive progress or negative trends can help increase SOA adoption.


If all the relevant metrics are defined, a detailed plan can be devised to capture them. The key is to setup an easy and repeatable process since it will have to be continually executed. Also, keep in mind that the data being collected will be used not only for metrics calculation, but also for reporting purposes. Thus, setting up a capture and storage mechanism with both of these goals in mind will help minimize process changes and future efforts.

There are numerous ways to collect the raw data needed for SOA metrics creation. Some service management products offer the ability to keep track of the number of service calls being made, who calls each service, and other service performance information. The Registry/Repository tools can help keeping track of how many services exist and how many are under development. Incident management software can be used to obtain information about service related tickets, defects, and associated resolution statistics. Procurement information can help understand the current and past software licensing and hardware costs. General time reporting software can be leveraged to determine the time and associated cost related to service design, development, testing, refactoring, and integration. The real trick to doing this effectively is to setup the appropriate reporting buckets, so that individuals working on a variety of service delivery tasks can charge their time accordingly.

ETL (Extract - Transform - Load) tools can be used to retrieve data from a variety of sources and bring it all together in a single location. Alternatively, of course, if any of these systems are service enabled, data can be aggregated and manipulated in real time through service interfaces. An administrator in charge of this process can manipulate the data once the load is complete and add any other information that is necessary to provide accurate and timely reporting. A comprehensive view of this process is provided in Figure 2.

Figure 2 – The automated SOA metrics collection process brings data from a variety of sources into a single repository.

Of course, a manual process for keeping track of all this information can also be established. However, relying on the existing software products to produce the necessary information represents a more reliable and transparent approach since it provides a greater validity to the end results.


Once metrics are collected, they need to be distributed to all the SOA program stakeholders. Depending on the organization, these can be IT managers and executives, business executives, and partners. It is imperative to the success of the SOA program that clear and transparent communication takes place to demonstrate the progress made and value created. Business and IT executives sponsoring the program need to understand how the funds are being spent and what benefits they help to achieve. It is also important that metrics are verifiable and are based on trustworthy data sources. This ensures transparency and adds validity to the information being communicated.

Metrics need to be published on a regular basis. Determine the best period of time - monthly, quarterly, annually, etc. to provide regular updates and set the expectations accordingly. Establish a consistent format and try not to vary it too frequently, so that your audience knows exactly what is being communicated. Different delivery mechanisms should be provided to accommodate a wide variety of distribution channels.

Providing different types of reports may be necessary for different target audience. IT executives, for example, may receive more granular data than business executives. Additionally, reports generated to communicate progress may be different from those aimed to demonstrate compliance with specific goals.

Since metrics can be used not only as a communication mechanism but also as a tool for influencing behavior, specific reports should be created. A comprehensive set of reports should be made available and widely publicized. Access to these reports may be secured depending on the sensitivity of data or corporate policies.

Establishing a centralized SOA metrics dashboard or portal is important. Anyone from the SOA program stakeholders to the developers can view the metrics and assess the program’s progress, SOA adoption rate, and overall maturity. Sophisticated reporting tools can be employed to allow users to drill into specific metrics and understand the underlying data. The ideal future state for SOA metrics reporting should incorporate sophisticated reporting tools, automated real-time data collection, executive dashboards, and a maturity meter.

Communication Plan

Metrics are not the only element of the SOA governance program that need to be publicized. As with any enterprise initiative that has the potential to impact how work is delivered, what is expected from everyone, what mechanisms are impacted, and what process changes occur, SOA governance aspects have to be clearly and consistently communicated throughout the enterprise. A comprehensive communication plan needs to be designed and implemented.

The goal of the communication plan is to achieve the following objectives:

  • describe the purpose of SOA governance
  • define SOA governance and its benefits
  • define SOA governance mechanisms and processes
  • explain how SOA governance relates to each IT role
  • communicate current efforts and next steps

Most importantly, consistently delivered communications focusing on SOA governance helps the organization stay focused, keep the initiative at the forefront, and reinforce the initial message. The interaction with the teams across IT and business should also provide a convenient forum to solicit feedback, improve the program, and answer any questions.

The communication plan focusing on SOA governance and its adoption across the enterprise should contain the following elements:

  • purpose of SOA governance
  • SOA governance benefits
  • SOA governance components
  • rollout plan
  • SOA governance technology
  • roles and responsibilities
  • funding mechanisms
  • integration with the existing SDLC(s)
  • schedule of talks and target audience for each

The typical sequence of events should look something like this:

  1. create a communication approach and publicize it.
  2. Schedule a kick off event.
  3. Schedule a set of meetings with a variety of groups to explain SOA governance in more detail and make discussions more personal.
  4. Keep communicating with key teams through a previously agreed upon forum.
  5. Publish reports and metrics on consistent basis.
  6. Solicit feedback from all the teams participating in SOA governance.

Keep in mind that the communication has to be constant and consistent. The message will not sink in without persistent reminders. Consistency of the message will reinforce the knowledge and help the governed population follow the processes with fewer concerns, increase efficiency, and drive up adoption.

Training & Mentoring

No governance mechanism can be successful without a deep understanding of what it does, what it tries to achieve, and why it is necessary by the entire organization. While the communication plan is very important to achieve this, continued training and mentoring of staff playing key roles in the process will amplify the amount of advocates, improve compliance, and increase adoption. Each participant must not only be highly educated about his/her responsibilities but also be fully sold on the benefits, so that they come across as positive and credible. Continued involvement, education, and mentoring help achieve these goals.

SOA governance training can be achieved through the following avenues:

  • educational seminars
  • online classes
  • recurring town hall sessions
  • conferences
  • webcasts

While refresher or introductory courses should always be offered, recurring or special events should introduce new materials and promote advances made in the SOA governance space. They should keep everyone interested in what is going on and provide valuable insights into what future plans hold. These events should also provide a good opportunity to solicit feedback from the people participating in the governance processes as to what really works, what does not, and where improvements should be made.

Online collaboration tools should play a large role in the communication loop. They should be used to encourage feedback, keep communication flowing freely, make announcements, promote educational events, collaborate with the stakeholders, build communities, and understand the governance impact on the organization as a whole. This can be achieved through a variety of means:

  • collaborative portals
  • Wikis
  • blogs
  • discussion boards
  • newsletters
  • help line (e-mail, chat, phone)
  • social networking sites

Individual relationships should be exploited to advance the SOA governance cause. Mentoring opportunities should be encouraged and may even be included into formal objectives for the members of the SGPO. Mentoring can cover any and all aspects of the SOA governance program. No area should be excluded.

The more people know, the better they will execute the processes, educate others, and advocate on your behalf. A well-educated population is a well behaved population. In many ways, education and mentoring are yet additional ways of increasing SOA governance adoption throughout the organization.


Following the successful rollout of the integrated SOA governance platform, SGPO decides to concentrate on the organizational aspects of SOA governance. It convinces the CIO to formalize his SOA adoption goals and hold everyone within the IT organization accountable to achieving them. The CIO agrees and publishes the list of specific targets that each IT group had to meet. This includes service reuse amount, service creation amount, cost savings, and developer efficiency. These goals are written into each departmental CIO’s annual objectives and they distribute them accordingly to their teams.

As the SGPO already collects a number of metrics related to every aspect of SOA operations, it has agreed to create specific reports showing each group’s adherence to the CIO objectives. The reports would be sent to each group’s manager and objectively demonstrate the degree to which specific objectives have been met.

In order to streamline its metrics collection and reporting, SGPO decides to automate the entire process. Until now, all of the metrics have been collected manually, stored in the access database, and reports run manually. The new process would establish a central relational database that contains all the raw data. A number of ETL processes would collect all the relevant data from the primary data sources. This includes:

  • run-time governance platform: service consumers and service consumption data
  • Registry/Repository: service catalog, reuse opportunities
  • time reporting software: service delivery time and cost

To ensure full compliance with the stated objectives, the CIO established a specific set of incentives and penalties that would be incurred. In case of exceeding expectations, each team including managers and individual team members would receive a bonus equal to 1% of quantifiable benefits achieved above the stated goals or $10,000, whichever is less. In case of not meeting the expectations, the entire team bonus pool would be reduced by the amount directly proportional to the percentage of noncompliance. Special circumstances would be eligible for appeal.

Above and beyond the formal incentives to promote SOA governance adoption across the organization, the SGPO has started a comprehensive communication campaign. While some communication activities have already taken place, this new effort is a much more thorough one. SGPO has established a series of town hall events aimed at introducing the changes to the SOA governance processes, a new website describing all the governance processes in depth, and a discussion forum encouraging interactive discussions around any SOA governance topic. Additionally, the SGPO members have started attending each IT department’s staff meetings to understand everyone’s needs and provide a better way to solicit feedback or discuss changes to the existing processes. The SGPO encourages its members to identify mentoring opportunities throughout the organization and follow through on them. As a result, each SGPO team member has 2-3 people they are actively mentoring.


Governance is about creating a system of incentives and penalties to influence the right behavior. The best way to incentivize the organization to meet SOA governance objectives is to establish formal goals, by which each IT group will be evaluated throughout the year. Financial incentives or penalties can be used to achieve desired outcomes.

Capturing metrics in a consistent and automated fashion increases their credibility and transparency. Metrics need to be communicated in order to demonstrate the progress made, showcase value created, determine adherence to program goals, and influence the desired behavior.

SOA governance aspects have to be clearly and consistently communicated throughout the enterprise. Education and mentoring offer additional ways of increasing SOA governance adoption.