Executive Briefings

Bad Technical Implementations and Lack of Governance Increase Risks of Failure in SOA Projects

Organizations that embark on service-oriented architecture (SOA) initiatives aimed at enterprise wide deployment must pay equal attention to technical and governance issues. Gartner today said that although the risks of SOA project failure are initially associated with bad technical implementations, risks of failure due to insufficient governance are becoming increasingly significant, as SOA scope expands.

"Actual implementations are showing that SOA requires more investment in service design governance and application integration best practice than current levels in most organisations," said Paolo.

Malinverno, research vice-president at Gartner. "At the beginning, risks of project failures are small but as the SOA project develops the risk curve increases. For this reason, organisations should never think of SOA without establishing a set of governance processes around service definition, implementation and maintenance." However, enthusiasm for SOA and its anticipated benefits results in some companies taking risky shortcuts in establishing robust governance, service development disciplines and staffing. Gartner predicts that by 2010, less than 25 percent of large companies will have the sufficient technical and organisational skills necessary to deliver enterprise wide SOA.

"Technical risks should not be under estimated either," said Massimo Pezzini, vice-president and distinguished analyst at Gartner. "The ease of use of modern SOA enabling tools hides the technical complexity of implementing a reliable SOA technology platform, but developing an enterprise-wide reliable, scalable, high performance, secure and manageable SOA infrastructure requires a level of technical command that few organisations have been able to develop."

According to Gartner these are the areas where mistakes are being made by IT operations and application managers when planning SOA implementations. Gartner's 'hit list' of the most common technological errors includes:
1. Underestimating the technical complexity of a large-scale SOA
2. Bad selection of application infrastructure components (ESB, orchestration and adapters)
3. Insufficient validation of the SOA enabling technical infrastructure implementation (for example, no proof of concept and no stress tests)
4. SOA infrastructure, services and consumer applications are insufficiently instrumented for security/management/troubleshooting
5. Too-coarse/too-fine service granularity
6. Insufficient/not up-to-date documentation

Gartner's 'hit list' of the most common organizational errors includes:
1. Overlooking governance
2. Thinking an SOA project should be organised just like any other application development (AD) project3. Not anticipating service number explosions in a maturing SOA
4. Giving up on an integration competency center or SOA center of excellence
5. Outsourcing architects (or not having them at all)

"In order to avoid the most common technical implementation mistakes, we recommend that organizations design their SOA technical infrastructure on the basis of their real functional and nonfunctional (e.g., performance, availability and security) requirements and not on the basis of theoretic models. Selecting proven and referenced SOA infrastructure products is also vital," said Mr Pezzini. Organizations must also architect their SOA infrastructure so that it can be easily monitored and provide all the information required to debug SOA applications. "Finally testing is critical and at least 25 percent of the effort in a SOA project should be dedicated to this activity," he added.

From an organizational point of view, there is no "one size fits all" approach governance. "Too little or too much governance will kill an SOA project, companies need just enough governance," Mr Malinverno said. When looking at their governance arrangements, organizations need to ensure that their governance arrangements are not too sophisticated and disproportional to their company size, organization and culture. They also need to realise that they can not do without an integration competency centrr (ICC) or SOA center of excellence (CoE).
http://www.gartner.com

Organizations that embark on service-oriented architecture (SOA) initiatives aimed at enterprise wide deployment must pay equal attention to technical and governance issues. Gartner today said that although the risks of SOA project failure are initially associated with bad technical implementations, risks of failure due to insufficient governance are becoming increasingly significant, as SOA scope expands.

"Actual implementations are showing that SOA requires more investment in service design governance and application integration best practice than current levels in most organisations," said Paolo.

Malinverno, research vice-president at Gartner. "At the beginning, risks of project failures are small but as the SOA project develops the risk curve increases. For this reason, organisations should never think of SOA without establishing a set of governance processes around service definition, implementation and maintenance." However, enthusiasm for SOA and its anticipated benefits results in some companies taking risky shortcuts in establishing robust governance, service development disciplines and staffing. Gartner predicts that by 2010, less than 25 percent of large companies will have the sufficient technical and organisational skills necessary to deliver enterprise wide SOA.

"Technical risks should not be under estimated either," said Massimo Pezzini, vice-president and distinguished analyst at Gartner. "The ease of use of modern SOA enabling tools hides the technical complexity of implementing a reliable SOA technology platform, but developing an enterprise-wide reliable, scalable, high performance, secure and manageable SOA infrastructure requires a level of technical command that few organisations have been able to develop."

According to Gartner these are the areas where mistakes are being made by IT operations and application managers when planning SOA implementations. Gartner's 'hit list' of the most common technological errors includes:
1. Underestimating the technical complexity of a large-scale SOA
2. Bad selection of application infrastructure components (ESB, orchestration and adapters)
3. Insufficient validation of the SOA enabling technical infrastructure implementation (for example, no proof of concept and no stress tests)
4. SOA infrastructure, services and consumer applications are insufficiently instrumented for security/management/troubleshooting
5. Too-coarse/too-fine service granularity
6. Insufficient/not up-to-date documentation

Gartner's 'hit list' of the most common organizational errors includes:
1. Overlooking governance
2. Thinking an SOA project should be organised just like any other application development (AD) project3. Not anticipating service number explosions in a maturing SOA
4. Giving up on an integration competency center or SOA center of excellence
5. Outsourcing architects (or not having them at all)

"In order to avoid the most common technical implementation mistakes, we recommend that organizations design their SOA technical infrastructure on the basis of their real functional and nonfunctional (e.g., performance, availability and security) requirements and not on the basis of theoretic models. Selecting proven and referenced SOA infrastructure products is also vital," said Mr Pezzini. Organizations must also architect their SOA infrastructure so that it can be easily monitored and provide all the information required to debug SOA applications. "Finally testing is critical and at least 25 percent of the effort in a SOA project should be dedicated to this activity," he added.

From an organizational point of view, there is no "one size fits all" approach governance. "Too little or too much governance will kill an SOA project, companies need just enough governance," Mr Malinverno said. When looking at their governance arrangements, organizations need to ensure that their governance arrangements are not too sophisticated and disproportional to their company size, organization and culture. They also need to realise that they can not do without an integration competency centrr (ICC) or SOA center of excellence (CoE).
http://www.gartner.com