W H I T E P AP E R

A S t u d y i n C r i t i c a l S u c c e s s F a c t o r s f o r S O A Sponsored by: Hewlett-Packard

Sandra Rogers September 2008

S U C C E S S I N AN S O A W O R L D

S t r i v i n g f o r S u c c e s s

There are many ways to assess whether an IT or business initiative is successful. In today's highly complex and competitive world, expectations run high for the delivery of discrete results across a variety of dimensions, including financial performance, business opportunity and impact, risk mitigation, better customer service, and so forth. More than ever, IT projects and solutions are underwritten for and aimed at very specific, measurable business goals. Thus, enterprises have over time built out many silos of applications and systems that, while addressing particular needs, often cannot be leveraged or combined effectively to address new or cross-cutting business concerns and may depend on specialized skill sets. These systems and their underlying infrastructures are no longer able to keep pace with business demand and, along with other objectives tied to furthering efficiency and innovation, are contributing heavily to the keen interest in adopting Service-oriented architecture (SOA).

According to IDC research, many IT professionals embarking on SOA programs typically envision their primary benefit to be code and service reuse, whereas those having already implemented SOA to some degree often report the most important capabilities obtained as overall flexibility and ability to respond with solutions faster to market. It is interesting that the former objective is more tactical and technically focused, and the latter more about strategic alignment and support for overall business pursuits. Therefore, approaches taken while adopting SOA may vary and be more or less constrained by individual perceptions. SOA may also be measured along a potentially diverse span of expectations. Nothing is assured, however. Preparing for both short- and long-term success across a continuum of requisites is critical to driving initial and much-needed ongoing support.

This IDC study investigates the importance of certain factors and explicit activities that contribute to successful SOA initiatives. Field research was specifically designed to capture and provide insight into actionable steps one can take toward achieving success based on real-world examples and advice from organizations that have effectively instituted SOA. Findings from this research were compiled and analyzed and a success factor framework created to help guide individuals in the strategic planning and implementation of a results-oriented SOA-based initiative.

Glo

bal H

eadq

uarte

rs: 5

Spe

en S

treet

Fra

min

gham

, MA

0170

1 U

SA

P.

508.

872.

8200

F

.508

.935

.401

5

ww

w.id

c.co

m

Organizations now seek to create more adaptable IT environments that can better withstand change, offer more flexible sourcing options, and more readily support unforeseen conditions.

2 #214146 ©2008 IDC

W h a t M a k e s S O A U n i q u e ?

SOA is an approach that no two organizations implement identically. This is especially true given that most enterprises have a unique IT topology and differentiating business attributes. Therefore, what constitutes the overall architecture, specific services, and resulting composite solutions will vary. However, one must look beyond certain physical manifestations and more toward how to drive a cohesive and collaborative effort. Also, while there may be some similarities in advice given for other types of large business and IT initiatives, SOA exposes and magnifies certain needs.

SOA initiatives are typically longer-term strategic endeavors where benefits are cumulative and thus the need to drive consistency and protocols is essential. An enterprise-scale SOA program can involve a far greater number of individuals and activities than a traditional development project, and its highly shared foundation raises to prominence activities focused on managing service interactions and relationships.

While SOA initiatives certainly require varied degrees of technology change, key challenges identified and overcome by most successful enterprises often have less to do with technology and much more to do with nurturing the cooperation and behavior of individuals and the organization as a whole. These initiatives require, as well as inspire, greater collaboration and more of a communal or social network�like atmosphere, yet they also must operate under a watchful eye.

S O A I N I T I AT I V E S : B R E AK I N G T H E C O D E

W h a t D e f i n e s a S u c c e s s f u l S O A I n i t i a t i v e ?

Our studies have shown that individuals from various roles in an organization often have different perceptions regarding what SOA represents, how they rate adoption and maturity levels with respect to their SOA-based endeavors, and how they measure and perceive success. Thus, the specific goals, experiences, and perspectives of a CIO may be somewhat different from those of a chief architect and then again of someone in the development ranks or on a quality team.

For example, chief architects are often most focused on establishing an SOA program and expanding its pervasive use. Driving more participation will lead to greater value and warrant investing in the underlying infrastructure to support services that interoperate across varied scenarios and boundaries. Instituting standardization will better enable system compatibility, manageability, and compliance, and the better one can align services with business constructs, the more likely one is able to support and respond to ongoing enterprise needs and promote greater understanding between IT and business factions. Yet, for a developer, SOA success may mean something different, perhaps the ability to achieve one's project on time or how easy it is to attend to one's tasks on a day-to-day basis. Meanwhile, operations staff may be more concerned about guaranteeing service security, availability, and reliability, along with managing the impact on underlying systems.

SOA is not a discrete "project" that is taken on and completed in a set period of time, but an overarching initiative and perspective to be embraced.

©2008 IDC #214146 3

From a business perspective, it's all about results that affect the bottom line. This translates to a variety of dimensions, such as enabling capabilities to:

! Access appropriate information for decisions and business activities on demand

! React to customer and partner needs more rapidly

! Collaborate among peers and team members more effectively

! Better unify operations in the advent of a merger or acquisition

! Ensure that information and activities adhere to regulations

! Drive more efficient, integrated processes

! Improve overall efficiency and reduce cost of business and IT operations

Some IT professionals may believe that specific business stakeholders do not need to be aware that SOA is fueling such accomplishments. However, IDC has found that successful organizations discover that it really does matter on multiple fronts, helping to better communicate and thus define business services and processes, and to glean the right level of participation and financial support.

K e y A s p e c t s o f S O A I n i t i a t i v e s

Those pursuing SOA endeavors must make the leap from focusing on individual development projects to deploying a holistic program that coordinates activities and builds capabilities as services designed with the enterprise in mind. While discrete projects still have their place, they must be managed within the greater context. Defining, funding, and measuring projects will also likely need to change as organizations focus on the development and long-term management of services that support a variety of applications and stakeholders. Essentially, for broad SOA adoption, most existing IT processes will need to be amended to some degree.

Organization and Program Management

Many individuals when first considering SOA tend to focus on technology; for example, adopting an enterprise service bus (ESB), designing interfaces and service messages, or supporting specific standards. While technology decisions do matter, often overlooked is that at its heart an SOA represents a business program and not a mere suite of technologies. While SOA may be targeted at making IT assets more effective, it is an overarching discipline that relies on the input and utilization of services by varied constituents. Therefore, SOA is as much about setting into motion the processes and policies for individuals and systems to follow as it is about implementing technology. It requires some up-front planning and management on an ongoing basis.

SOA is as much about setting into motion the processes and policies for individuals and systems to follow as it is about implementing technology.

4 #214146 ©2008 IDC

Enterprise Architecture and Enabling Technology

Many organizations embarking on SOA develop a reference architecture that outlines discrete capabilities and supporting technologies. Some chief architects IDC interviewed having successfully implemented SOA tend to deemphasize their focus on mandating the use of discrete products and highlight the criticality of determining overarching patterns and policies that uphold the architecture and define how and where technologies must support them.

Although a technical reference architecture can be defined, it is usually instantiated project by project. Some organizations may need to allow for some level of variation as long as standards and protocols are maintained. While the concept of utilizing standards is still critical, some organizations may opt to standardize on particular offerings to ease certain issues of vendor interoperability and obtain certain benefits tied to this type of consolidation. For the most part, however, enterprises implementing technology for SOA opt for a more multivendor, best-of-breed approach. In a recent IDC poll, more than half of the respondents indicated this as their preferred approach for purchasing and deploying SOA solutions.

Indeed, this support for ongoing heterogeneity is one of the major draws for adopting SOA. The ability to interface and engage with the many varied components in a dynamic way is an important defining facet of such environments and highlights the need to design an infrastructure that can manage an expanding network of interactions and the flexible composition of services. From an individual service as well as from a holistic system perspective, services need to be defined, created, discovered, qualified, implemented, accessed, tracked, and managed across development and runtime environments � not just from an SOA-specific context but in relation to the overall IT environment and solution base.

C h a l l e n g e s t o A c h i e v i n g S O A S u c c e s s

Chief architects, CIOs, and other leaders driving SOA initiatives often find themselves in the role of chief evangelist and politician. They must navigate and effect change on multiple levels, encouraging new organizational structures and processes be set to support these goals. Change does not happen overnight, so fortitude and patience are required.

The more decentralized the overall environment, the more transparent, governed, and automated certain functions must become to gain utmost value and effectiveness. Handling certain dimensions manually may work while in a proof of concept (POC) and early stages of adoption; however, some challenges may arise when attempting to scale out and build greater participation. Greater coordination between service providers and consumers needs to be nurtured. Many organizations in our study become, as one interviewee noted, "a victim of success," as key stakeholders start to ramp up service development and use before any real foundation is laid.

When establishing an SOA program, garnering participation and instantiating trust, gaining support in the face of time-crunched delivery goals, navigating funding and budgetary considerations, and addressing the availability and level of overall skills and experience all can indeed be challenging. Multiple IDC studies indicate the top challenge to adopting SOA to be finding and acquiring skills for SOA. And according to our most recent poll, the next most noted challenge is in setting up an SOA governance structure. This finding in part reflects a maturing of overall SOA market adoption trends and aspirations to build out more enterprise-scale initiatives.

SOA embodies a business architecture as well as impacts many facets of application, information, and infrastructure systems. It also traverses silos of computing domains, raising to the forefront the need to coordinate overarching concerns.

Multiple IDC studies concur that the most critical factors for successful SOA initiatives are less related to technology and more related to the ability of people to adapt to and embrace all the needed concepts and procedures.

©2008 IDC #214146 5

When Web services first gained popularity, there was great anxiety regarding security issues; however, since then, the IT industry has been hard at work addressing these concerns, and security is now much less of an issue if proper measures are taken. The scalability of SOA infrastructure and overall architectural constructs is another issue that vendors continue to address with advances in product performance and further educating clients on best practices in assembling more complex processing patterns.

Most enterprises that have embarked on SOA do find significant value and continue to increase their overall SOA efforts. Maintaining proper expectations is crucial, however. Nearly half of the respondents to a recent IDC study expect a return on their investments to take over a year or more. Thus, it is imperative to always maintain a longer-term perspective. Reaching goals of reuse and sharing of system elements takes time, as does attaining experience in designing services and interfaces effectively. Most important, a robust understanding of the business should be infused into the overall architecture and services deployed. Without such alignment, it becomes hard to measure what SOA has contributed and strategize on where and how to best leverage it in the future.

S O A S U C C E S S F A C T O R F R AM E W O R K

As mentioned previously, this research project studied organizations that have successfully deployed SOA. Based on their experience, we summarized into a single framework the most important factors driving their success, along with associated activities and enabling technologies that positively influence these factors.

P u t t i n g t h e F r a m e w o r k i n C o n t e x t

This summary of critical success factors, placed within the context of a framework, is not designed to provide a financial or business model explicitly for measuring value or success, as such efforts should be performed in a more customized manner. Further, this framework is not a maturity model or readiness assessment mechanism, although it is highly complementary to such tools as an aid in strategy and planning.

The framework is meant to highlight those activities found in our study that were particularly important in driving successful SOA initiatives. Thus, while some standard elements of an SOA initiative may be called out, it is not meant to be an exhaustive review of every single element, activity, and supporting technology that could present itself as part of an SOA environment or initiative. There can be multiple facets to an individual element, such as the topic of funding, that could warrant a much more intensive review and synthesis than is designed to be covered in this particular analysis. As well, each element may contribute at a different rate of intensity to the success of an initiative, varying by organization and scenario.

M e t h o d o l o g y

A qualitative-based research study, using semistructured interviews based on an interview guideline, was performed during the first half of 2008. These interviews were specifically designed to identify those factors most critical to the success of the organization's SOA initiative, along with pertinent information on IT organization and business structures, IT environment and solutions, business and technical drivers and challenges, and other vital dimensions. This manner of research allowed for the ability to delve as needed into relevant

6 #214146 ©2008 IDC

subjects in context to the interviewee's organization and experience and not predispose the findings to preconceived factors. This study was designed not to delve deep into technical patterns and issues but to identify and analyze concerns that have a more strategic impact on the success of SOA initiatives.

Study participants were recruited from United States� and Europe-based organizations that have implemented enterprise SOA programs, with representation across various sizes and industries. Industries represented in the study included finance, telecommunications, utilities, retail, and technology. Representatives interviewed were a combination of CIOs, chief architects, and other IT management professionals, typically with enterprisewide responsibility. Experience with SOA programs in these organizations ranged from 2.5 years to over 8 years.

D o m a i n s , S u c c e s s F a c t o r s , a n d A c t i v i t i e s

While there may be countless factors and activities that can contribute to the successful implementation of an enterprise-scale SOA initiative, this framework identifies those "success factors" deemed most relevant to our study subjects (see Tables 1�7 and Table A in Appendix A for the framework itself). These factors are categorized into "domains" for discussion purposes. For each critical success factor, we identify one or more key goals or activities as examples of actionable steps that can be taken.

In the interest of condensing the framework for readability and discussion purposes, we have not specifically called out all relationships. Therefore, a critical success factor may impact multiple domains, and a specific activity may contribute to multiple success factors. Specific conditions may also exist that influence an individual enterprise's approach to and effectiveness in addressing certain activities. Such dimensions as organizational dynamics or level of skilled resources are thus among many dimensions to be further considered.

E n a b l i n g T e c h n o l o g i e s a n d S e r v i c e s

Most reference architectures for SOA span almost every dimension of infrastructure and enabling technology, as SOA indeed affects a full computing environment, not one particular solution or toolset. IDC tracks a variety of capabilities and supporting technologies for an SOA environment. These include facets of service mediation, monitoring, policy and operational management, identity and security, registries and repositories, development and composition tools, life-cycle management, quality and testing tools, orchestration and business process automation, data services technologies, and more.

Interviews with key representatives driving their organizations' SOA programs typically highlight where certain matters should have been addressed sooner or where too much attention was paid too early, often to particular dimensions of technology, when addressing other activities may have been much more helpful. It is important to note that some of the organizations studied that have successfully adopted and advanced their enterprise SOA programs began their initiatives years ago. In some of these cases, certain technologies may not have been available or as advanced as they are now, having some influence on specific tactics taken. On the other hand, these organizations may have already implemented and addressed a good portion of technology-related issues while building out their core SOA infrastructure and thus might not raise these as concerns at this particular point in time. Therefore, this framework does not delve deep into technology requirements for an SOA; however, it does highlight where technologies enable particular success factors for the overall SOA initiative.

This framework does not delve deep into technology requirements for an SOA; however, it does highlight where technologies enable particular success factors for the overall SOA initiative.

©2008 IDC #214146 7

L A R G E S T I M P A C T S O N S O A S U C C E S S : F R A M E W O R K H I G H L I G H T S

While there are a variety of ways to organize the critical success factors, activities, and supporting technologies identified in this research that support these endeavors, we have aggregated these elements within the following domains:

# Business alignment

# Organizational change management

# Communications

# Trust

# Architecture

# Scale and sustainability

# Governance

Each of these domains, and many of the associated critical success factors and activities, impact one another, stressing the importance of planning for and addressing all of these concerns in a synergistic fashion. For example, a strong governance program takes into consideration effective communications and helps ensure that the overall initiative is scalable and sustainable by developing strong guidelines, processes, and procedures. Also, by enforcing certain governance practices, organizations can more readily establish and maintain an environment of trust.

Reinforcing this notion of synergy, aligning business goals with every step taken is another cross-dimensional attribute. In turn, some organizations are applying SOA techniques to advance how they bring products and services to market with more configurable and streamlined definitions and boundaries. These efforts all require effective organizational change management disciplines and communication practices to gain proper support, input, and follow-through.

The following sections present each domain, highlighting an example or two of critical success factors, supporting activities, and technology enablers found to contribute highly in driving success in those specific domains. These and other factors are then summarized into associated tables for each domain and when aggregated compose the framework as a whole.

B u s i n e s s A l i g n m e n t

Those individuals shepherding their organizations' SOA ventures do recognize that these are truly business endeavors; however, most reported that SOA still is most often perceived by others in their organizations as a technical initiative, especially at the onset. Even so, these key influencers understand that overall SOA success requires better business alignment, shared consensus, and deeper levels of participation and as such are particularly focused on driving those dynamics.

The most pertinent aspects of establishing a successful SOA initiative involve strong business and IT leadership and management disciplines.

8 #214146 ©2008 IDC

Most of our research subjects identified business support and involvement to be a critical success factor. Some IT teams that embark on SOA just keep the whole thing as an undercover operation and do not believe that trying to sell and make the business aware of SOA is important, as long as they are implementing it behind the scenes. IDC has discovered, however, that the more educated and involved business stakeholders are early on in the process � whether in determining what services are needed, defining and outlining business processes, or agreeing to specific ownership and funding models � the more aligned the outcomes are, and the greater the perceived success of the overall SOA initiative. Additionally, with greater business support come greater levels of cooperation and synergy.

Securing executive management support is a given for any key cross-enterprise initiative. Showcasing and publicizing senior management involvement and commitment, and communicating background for the significant decisions and actions being undertaken, is important. But it is also imperative that this support expands beyond words. This may include addressing complex issues, such as aligning incentives, addressing funding models, helping secure resources, and other such variables.

Almost as critical as aligning funding is selecting the right individuals with proper insight as well as influence in their respective divisions to become involved. These participants need to be able to step beyond their own individual perspectives and grasp the dynamic nature of SOA and its impact on the enterprise as a whole. Some organizations find that if those impassioned individuals driving the SOA initiative leave the organization, then progress is frequently stifled and often for a significant period of time. It is critical to retain and support these leaders as well as quickly drive broader interest and experience.

Table 1 highlights some of the key success factors, activities, and enabling technologies that can positively influence attaining business alignment for SOA initiatives.

T A B L E 1

K e y S O A P r o g r am S u c c e s s F a c t o r s : B U S I N E S S A L I G N M E N T

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Focus on enterprise business goals and strategies

Perform regular business analysis reviews and identify which business processes and elements to address

Outline "as is" and "to be" service and business process capability models

Portfolio analysis tools Provide traceability to the business model

Define processes and services in business terms and at the appropriate level(s) of detail

Provide a coherent taxonomy of business services and processes

SOA registry/repository, architecture tools

Create and reinforce a common vocabulary between IT and business; improve businesses' understanding of SOA concepts

Adopt services incrementally while building toward strategic road map

Target common information-centric services first

Data services technologies

Ensure continued relevance, utilization, and reuse of what is designed and maintained

©2008 IDC #214146 9

T A B L E 1

K e y S O A P r o g r am S u c c e s s F a c t o r s : B U S I N E S S A L I G N M E N T

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Business support and involvement

Showcase executive management sponsorship, support, and involvement (and for some organizations, mandate)

Align SOA activities with business goals

Reinforce cooperation and overall buy-in; drive urgency for change

Involve key business stakeholders in the analysis and design process

Have IT and business stakeholders meet regularly

Modeling, project mgt Improve probability business objectives are met

Identify SOA business champion(s)

Involve those individuals with influence and a keen understanding of the business

Capture critical insight into business parameters

Value measurement Develop methods to measure return on investment and effort in relation to business goals

Set proper short- and long-term business expectations

SOA monitoring and mgt, business intelligence

Obtain/provide clarity about outcomes; ensure focus on priorities

Highlight what each individual can gain and expect to change

Better manage expectations

Showcase early and ongoing benefits

SOA mgt Strengthen commitment and buy-in

Align funding model Obtain enterprise funding where possible; able to proactively fund shared program and technologies

Implement metrics on services usage and value

SOA monitoring and mgt

Drive adoption, activity, and cooperation; allocate costs appropriately

Source: IDC, 2008

O r g a n i z a t i o n a l C h a n g e M a n a g e m e n t

Key to the success of any SOA initiative is addressing human and organizational factors, including the culture and the methods of how the organization operates. It is typical human behavior to resist change and rely upon known and established practices, especially when job responsibilities, business performance metrics and incentives, and information or process ownership may be at stake.

Among some of the most critical success factors for addressing organizational change in an SOA initiative is that of empowering individuals with the skills and education necessary to participate and make the most of the overall program and environment. Beyond working with specific techniques and technologies, this can also include advancing the abilities of IT staff to look beyond technical parameters and embrace much-needed business-oriented service

10 #214146 ©2008 IDC

perspectives. Some organizations may find they need to adjust certain roles and department structures, driving skills alignment and potential for growth and advancement. Business users may also need special education, more specifically around the business case, benefits, and challenges of this approach and methods to capture process and service requirements.

According to our interviews of successful organizations, many develop a core group of SOA architects and experts who, at early stages, work directly with the various business analyst, development, quality, and operational teams, mentoring and ensuring that projects adhere to proper policies and architectural tenets. Once these teams have had some experience, they are better prepared to address subsequent projects independently. This type of personalized attention also promotes a tremendous amount of goodwill and understanding between enterprise architects and the development teams. All gain tremendous insights into what works well given specific conditions, reinforcing the development and propagation of best practices.

When possible, successful organizations automate best practices so they can apply resources to higher-value tasks. Best practices may be automated in a number of ways; for example, autocoding compliant Web services, integrating repository solutions with development tooling, or ensuring services have tests associated with them before advancing to the next development stages via policies within service life-cycle management software. Policy management software can further define and help validate that standards such as WS-I compliance or naming standards are adhered to automatically, saving significant effort and cost downstream.

Table 2 highlights some of the key success factors, activities, and enabling technologies that can positively influence organizational change management endeavors for SOA initiatives.

T A B L E 2

K e y S O A P r o g r am S u c c e s s F a c t o r s : O R G A N I Z A T I O N A L C H A N G E M A N A G E M E N T

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Resource alignment Build and sustain a culture that embodies an enterprisewide view

Adapt traditional IT and business organization structures and models to embody services approach

Provides clear message of commitment to SOA; drives greater business alignment

Recruit and retain key personnel or "champion" spearheading adoption

Train, coach, manage, execute, and enforce best practices

Recognition/incentive program

Showcase and recognize popular services, value gained, contribution, and measurement

Expose metrics on service usage; use recognition program for "carrot" approach

SOA monitoring Drive increased participation; recognize and reinforce best practices; increase morale at a time of change

©2008 IDC #214146 11

T A B L E 2

K e y S O A P r o g r am S u c c e s s F a c t o r s : O R G A N I Z A T I O N A L C H A N G E M A N A G E M E N T

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Skills and education Create and evolve education program; provide tools and training for both IT and business stakeholders

Training � at different levels and stages of evolution of SOA program and adoption maturity; key stakeholders, internal and external, must be identified

Nurture understanding of the nuances of SOA

Propagate understanding and best practices

Invite interested parties to lunch and learn

Have enterprise arch work side by side with distributed biz, dev, and app arch on projects as needed

Provide advice and empower individuals with knowledge to properly drive SOA forward

Automate best practices where possible

SOA policy mgt, SOA life-cycle mgt, SOA contract mgt

Ease adoption and reinforce consistency and quality

Source: IDC, 2008

C o m m u n i c a t i o n s

Strong communications and driving common understanding between parties certainly improve most any activity or initiative. This is especially true when an organization is changing procedures and addressing activities that cross organizational boundaries. SOA initiatives inherently fit those criteria. While SOA promotes the concept of loose coupling and services created to be independent of any specific implementation, in reality, by combining services, a host of logical dependencies occur. The ability for a consuming party to rely on a service requires utmost trust that the service will be delivered as promised. Building up that level of trust is key to eliciting greater participation. Enhanced levels of transparency, access, and communications about services and related business and system aspects can help pave the way.

One of the most critical success factors in driving strong communications across the SOA community is establishing an infrastructure to gather and expose all the pertinent information and assets to be shared, providing the right level of visibility and discoverability into available services, with definitions, policies, and conditions of service delivery and engagement. Information into the history and quality of a service's performance, understanding who is responsible for the service, receiving alerts when there are anticipated changes and revisions to a service, and more help build greater confidence in the shared service model overall. There are a series of products that support service visibility, consumption, and description. The most common technologies involved are SOA registries and repositories, portals, wikis, and other collaboration and knowledge management tools.

12 #214146 ©2008 IDC

Table 3 highlights some of the key success factors, activities, and enabling technologies that can positively influence an effective communications strategy to support SOA initiatives.

T A B L E 3

K e y S O A P r o g r am S u c c e s s F a c t o r s : C O M M U N I C A T I O N S

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Advocacy Set up live group and personalized 1:1 meetings to educate and promote SOA program

Articulate meaning of SOA and its benefits in a simple and concise manner

Improve clarity

Socialize concepts and procedures before formalizing � avoid "mandate" unless required

Meet separately with key and influential personnel at early stages of campaign

Glean greater acceptance and participation

Awareness Create and maintain a central knowledge base "portal" to aggregate and disseminate information and help coordinate activities for the overall program, with documentation, status, metrics, and services information

Develop views (i.e., dashboards and reports) for specific roles and interests

Collaborative and business intelligence software technologies, portals, search, wikis; SOA repository, SOA life-cycle mgt, SOA monitoring and mgt

Strengthen and expand "network" of service providers and consumers

Ensure stakeholders are well-informed and involved on a continual basis

Invite interested parties to "lunch and learn" sessions

Maintain long-term focus, participation, and knowledge

Visibility and discovery Provide a means for providers and consumers of services to search for and negotiate implementation and use of services

Provide easy access and interactive system to services, documentation, and resources; service catalog management

SOA registry/repository, portal, search

Reinforce service development and reuse

Formalize a mechanism to arrange for service negotiations, SLAs, and approval processes, etc.

Automate activities and information flow between service providers and consumers

SOA policy mgt, SOA contract mgt, SOA mgt

Simplify process to find and negotiate terms of services; drive greater use of service; gain efficiencies/time; define responsibilities and avoid potential conflict

Progress reporting Provide monitoring and feedback on progress of program

Advertise and evangelize results

Groupware, project mgt

Improve and reinforce SOA disciplines

Obtain regular feedback from key stakeholders on needs and experiences

Source: IDC, 2008

©2008 IDC #214146 13

T r u s t

Creating an atmosphere of trust is crucial to nurturing any type of shared and collaborative environment. Organizations and individual service providers must ensure those leveraging services are authorized to do so and under approved circumstances. However, once these basics are addressed, it really all boils down to overall quality of service to build acceptance and to encourage service users to engage and depend on services provided by others.

In a traditional development paradigm, trust is not nearly as important, as individuals and teams actively try to contain as much of the solution as possible � and relying on external sources is typically seen as a risk factor. Conversely, with SOA, reusing existing services is encouraged and seen as an enabler for increased standardization and improved time-to-market performance.

In any environment, addressing and validating technical functionality, availability, and performance remain critical. For SOA, upholding policies; accommodating the complexities of multistep, long-running processes; and navigating logical dependencies and semantic relationships require added diligence and activities to address. While there are operational tactics to help track and manage some of these dimensions once in production, proactively auditing services and solutions at various stages of development helps organizations mitigate risk, design more effective systems, and garner that very important trust factor. In addition, strong processes for reducing time to resolution of issues encountered in production, operational reporting on actual results, and proactive testing are effective ways to measurably improve quality of service and showcase results, helping build trust and inspiring greater service consumption and reuse.

One quality assurance (QA) professional interviewed in our study highlighted the need to engage QA personnel and activities much earlier in the service development process. These activities include participation in service planning, notification of service development schedules, and visibility into anticipated consumption patterns. This requires that the QA, development, and architecture organizations collaborate in ways they never have before � working together, for example, on establishing QA procedures; defining quality metrics required to move from one life-cycle stage to another; and creating a common understanding about the business impact and risks associated with different services and applications. Many organizations aspire to provide automated service test capabilities to developers to speed up and help build in quality earlier to help them iterate and simulate varied service and business process configurations.

Table 4 highlights some of the key success factors, activities, and enabling technologies that can positively influence building a more trusted environment for SOA initiatives.

14 #214146 ©2008 IDC

T A B L E 4

K e y S O A P r o g r am S u c c e s s F a c t o r s : T R U S T

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Performance, availability, and reliability of services managed to SLAs and contracts

Define and configure contract and SLA variables

Provide more granular visibility and service behavior management

SOA monitoring and mgt, SOA policy mgt, SOA contract mgt

Drive greater service use and quality

Document service history and metrics

Portal, SOA repository, SOA mgt

Build trust in services for use/reuse

Security Provide a secure and trusted IT environment

Centrally provide and support common/uniform security services enterprisewide

SOA security Protect services from unauthorized access or misuse

Establish an enterprisewide identity management (authentication) strategy

Identity rights mgt software

Enable access to stakeholders; ability to extend services and environment

Quality Verify standards and policies are being implemented

Integrate testing policies and resources early and automatically throughout life cycle

SOA policy mgt, test mgt, service test

Risk mitigation; ensure compliance; reduce defects and subsequent costs due to rework

Prepare to accommodate and validate composite solutions and business processes

Understand and perform dependency analysis and composite testing

Dependency analysis/ SOA repository, functional and performance test mgt, service and business process testing

Reduce potential defects and process bottlenecks

Source: IDC, 2008

A r c h i t e c t u r e

Many individuals get distracted with services-based application architecture techniques versus thinking of the holistic enterprise computing environment. Pursuing SOA implies a focus on overall enterprise concerns and strategies and the needs of multiple applications and stakeholders. The role of EA continues to grow in importance as organizations look to best capitalize on all their investments, create more harmonized views of information and cross-domain processes, and ensure corporatewide fiscal and regulatory compliance.

Businesses have struggled for years with issues of integration, interoperability, and overall complexity in building and maintaining systems. Although concepts and practices of EA persist, most organizations have amassed a cadre of fragmented systems and computing silos, not necessarily adhering to key tenets and standards set forth. Due to many business and economic forces, large enterprises are now buckling under the weight and cost in trying to sustain this situation. The tide is shifting, though, as a result of

©2008 IDC #214146 15

organizations' efforts to standardize and ease how developers and other personnel support common architecture and communication protocols via tooling and infrastructure. There is also such demand to interact and leverage the Internet to its fullest, prompting the design of more formal strategies.

Most organizations are thus looking to find the right balance of structure to create and maintain consistency while still allowing for agility, and they have found this balance through the use of SOA. Many of our SOA success study participants advised against getting hung up on industry debates and stalling movement while waiting for all standards to be fleshed out. It is, however, critical to determine which enterprise and industry-specific standards an organization should uniformly follow at any given point of time and evolve these as necessary. Because the future is difficult to predict, and because standard interfaces are typically longer-lived than proprietary interfaces, many of our study organizations are adopting open standards when possible. This reduces the chance of vendor lock-in as new products are introduced and new technology approaches are devised.

Providing guidance and support by developing a well-designed and tested reference architecture and corporate practices for applying SOA constructs for solutions is critical. Per one organization interviewed, developing a standard approach imparts tremendous consistency and leverage and eliminates up-front consternation on how to proceed with any given project. Sometimes, by instituting an enterprise reference architecture across the organization, the centralized architecture team may also take on a stewardship role for common infrastructure and services.

Table 5 highlights some of the key success factors, activities, and enabling technologies that can positively influence a strong architecture for SOA initiatives.

T A B L E 5

K e y S O A P r o g r am S u c c e s s F a c t o r s : A R C H I T E C T U R E

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Institutionalize enterprise SOA reference architecture

Define SOA architecture principles and IT technology standards

Develop architecture program prior to procuring and implementing infrastructure and supporting technologies

Architecture modeling and analysis tools

Avoid vendor dependencies, mitigate risks, allow necessary distributed and federated flexibilities to drive participation while maintaining compatibility

Update existing IT processes and standards considering SOA

Prototype physical reference architecture, standard interfaces and schemas, processing patterns; adjust as needed

Undertake strong proof of concept to prove out architecture and technologies

All SOA-related infrastructure and technologies

Show successful application of architecture and technologies to enhance buy-in

16 #214146 ©2008 IDC

T A B L E 5

K e y S O A P r o g r am S u c c e s s F a c t o r s : A R C H I T E C T U R E

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Disseminate knowledge via definitions, documentation, and guidance

Ensure understanding and adoption by decentralized resources and teams with personalized assistance from EA experts

Drive consistency and compliance

Standards Determine and document enterprise standards and protocols

Aspire to adopt more open standards�based frameworks and technologies and prepare to accommodate alternative scenarios as needed

SOA policy mgt Promote greater consistency, interoperability, management, and future portability

Autoconfigure code during development and institute quality control measures

Integrated SOA life-cycle mgt, SOA policy mgt, and service test mgt

Simplify and ensure compliance of key standards

Focus on support of standards and governance rather than mandate explicit technologies

Allow distributed teams some flexibility as long as tested to be compatible

Implement cross-enterprise services mgt discipline

Apply consistent, centralized oversight throughout environment

Provide and support common uniform monitoring, measurement, and management services enterprisewide

Scalable, performant, nonintrusive technology

Avoid rogue services; ease burden on distributed development teams; reinforce consistency, security, and quality

Source: IDC, 2008

S c a l e a n d S u s t a i n a b i l i t y

It is critical to ensure that whatever systems are implemented can be sustained over time and that they be able to interface with other types and generations of technology. Ideally, an enterprise should create a strong foundation that can accommodate not only current but also future demands. Many organizations that launch SOA programs find they reach a critical juncture when a greater volume of services, varied usage models, and more complex solutions emerge. More automation and control from an overall program point of view is then needed. However, some organizations experience significant problems when even an individual service experiences unexpected activity and demand, stressing application processes and underlying infrastructure.

©2008 IDC #214146 17

It is critical to prepare for larger-scale deployments from the very beginning along multiple dimensions � from an underlying technology perspective; from a service, process, and solution design perspective; and from an overall SOA environment and governance perspective. Developing a full systems architecture and infrastructure strategy that can accommodate distributed and federated workloads and newer technical capabilities such as virtualization is essential. Properly estimating and addressing the impact that SOA may levy on each component of the environment, whether servers or data sources, authentication and encryption patterns, or session management and caching strategies, should be part of overall procedures. To point, one enterprise in our SOA success study indicated that it could not have supported the level of activity demanded by its large customer base if it weren't for supporting its services and infrastructure with virtualization software. This tactic not only helped keep up with peak demands but also added another layer of security into the mix.

Another key point is that many organizations starting out with SOA do not implement the technology or procedures for governance in a scalable fashion and then midstream need to add particular automated capabilities for service life-cycle, policy, and operational management. In hindsight, most enterprises admit that it took some time to discover this issue and strongly advise others to not fall into that same pattern and to plan for the extended and growing network of participants in the SOA environment, both human and technology based.

Table 6 highlights some of the key success factors, activities, and enabling technologies that can positively influence the ability to scale and sustain strong SOA initiatives.

T A B L E 6

K e y S O A P r o g r am S u c c e s s F a c t o r s : S C A LE A N D S U S T A I N A B I L I T Y

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

SOA program scalability

Plan for long-term and enterprisewide SOA; however, develop program to support incremental adoption and implementation

Centralize EA but disseminate knowledge for implementation; prepare for federated/distributed participation

SOA life-cycle mgt; SOA policy mgt, SOA contract mgt

Plan for unknown and variable conditions; build in proper flexibility for long-term success

Develop strategic service portfolio

SOA registry/ repository, portfolio mgt

Improve alignment with business and IT priorities

Technical scalability Ensure selection/use of robust infrastructure capable of handling more intense and distributed demand

Capacity management

SOA mgt, virtualization technologies, XML optimization, performance mgt; data caching tools

Ensure environment able to support exponential growth and multiple message and interaction types (asynch and synch)

18 #214146 ©2008 IDC

T A B L E 6

K e y S O A P r o g r am S u c c e s s F a c t o r s : S C A LE A N D S U S T A I N A B I L I T Y

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Ensure infrastructure and processing patterns can accommodate federated and distributed processing models

SOA mgt, ESB, SOA policy mgt

Service granularity Services and processes are to be defined in business language and at the appropriate detail

Start with more atomic and independent services and evolve when prepared to accommodate composite services, processes, and logical dependencies

SOA repository, portfolio mgt

Improve flexibility and auditability

Source: IDC, 2008

G o v e r n a n c e

SOA governance goes well beyond providing guidance on how to build compliant services. It should ensure that the integrity of the overall architecture and supporting IT environment is upheld to technical and business directives. This covers many activities, from instituting a reference architecture, to structuring policies and procedures, to establishing roles and responsibilities, and more. Service portfolios, priorities, and relationships should be charted, with mechanisms to uniformly classify and manage services and associated artifacts throughout their life cycle.

There are many tools and automated techniques that can facilitate governance � in particular, the use of service registries and repositories; life-cycle automation; and contract, policy, and service management engines. These technologies can help organizations manage pertinent metadata, such as that used for the discovery, consumption, and operations of services. At the onset of many SOA-based initiatives, organizations frequently put into place development practices and policies and work to influence individuals into following specific standards. However, as the program expands, unless there is more automation and integration throughout to ensure adherence and thoroughness, some organizations find themselves creating redundant and noncompliant services, or expending too many resources manually checking service compliance, and thus reducing overall value of the initiative.

One of the tactics of successful adopters is integrating specific SOA governance procedures early on into existing IT governance processes, thus helping ease the transition and work toward introducing additional steps over time as they evolve.

©2008 IDC #214146 19

One enterprise in our study required information regarding services provisioning and consumption be submitted in order to requisition the necessary infrastructure and hardware for any given project. Thus, a procedure that was already in place took on additional dimensions to accommodate and reinforce the use of services. Another firm worked to automate the development of standard Web services code to proactively ensure compliance and ease the burden on those new to developing services.

What is certain is that nearly all those interviewed in our study reported that if they could do one thing differently, they would have started a stronger and more automated SOA governance program earlier. A few participants highlighted that time spent debating and evaluating SOA technologies could have been much better used in defining standards, policies, and best practices, and then subsequently ensuring that any infrastructure selected would accommodate these concerns. Reinforcing this point, one organization remarked, "As soon as we had a single service that we cared about, we should have deployed automated governance with basic policy and contract management. This would have clarified the relationship between the service provider and service user and prevented multiple escalations."

Table 7 highlights some of the key success factors, activities, and enabling technologies that can positively influence building out a solid governance program to support an enterprise SOA initiative.

T A B L E 7

K e y S O A P r o g r am S u c c e s s F a c t o r s : G O V E R N A N C E

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Develop strong SOA governance program at early stages of initiative

Create consistency from day 1 with proper services design, development, implementation, and life-cycle management policies

Prepare for advancements in service volume and complexity

SOA registry/ repository, SOA policy mgt, SOA life-cycle mgt, SOA contract mgt, business intelligence

Reinforce standards and proper procedures; avoid fragmentation of results

Actively engage key stakeholders in helping set direction and solicit input; presell before instituting

Refine practices and reinforce acceptance

Integrate SOA and overall IT governance processes

Inject change into existing procedures versus creating anew; nonintrusive technology approach � try not to disrupt existing procedures and activities � integrate in as much as possible

Improve acceptance and ease cooperation; avoid roadblocks that could compromise ongoing projects

20 #214146 ©2008 IDC

T A B L E 7

K e y S O A P r o g r am S u c c e s s F a c t o r s : G O V E R N A N C E

Critical Success Factor

Key Practice

Supporting Activity

Supporting Technology

Impact/ Benefit

Development practices and policies

Focus on architecture, standardization, and protocols; nonintrusive technology approach � try not to disrupt existing procedures and activities � integrate in as much as possible

Simplify and categorize project types, submission and approval considerations

Development tools, project mgt, SOA life-cycle mgt

Automate adherence to protocols via development and other technologies

SOA policy mgt, development tools, ESB, and other SOA infrastructure

Design policies Create and adhere to standards and naming conventions

Services catalog, SOA registry/repository (integrated with) SOA life-cycle mgt, SOA portfolio mgt, SOA policy mgt

Promote consistency and service quality

Define and assign key roles and responsibilities

Identify and distribute ownership and responsibility to business and IT stakeholders

Consider ownership and responsibilities for enterprise and domain-centric services, processes, and information/data

SOA registry/ repository, SOA life-cycle mgt

Drive distributed ownership and accountability

Develop an accountability framework

Resource alignment and clarity of expectations signal commitment of senior mgt

Develop and engage proper individuals in an SOA "Center of Excellence" (COE) program

Drive best practices and expertise

Establish review committee(s) for ongoing decisions and management of priorities, approvals, and changes

Priorities and approvals set based on business goals and policies; put into place resolution procedures

SOA life-cycle mgt Avoid conflicts and drive efficiencies

SOA and service life-cycle mgt

Involve all stakeholders in the life cycle in an integrated fashion

Provide workflow-based system

SOA life-cycle mgt, BPM

Improve consistency and compliance

Define processes to address change mgt and versioning of services

Automate service change management practices; support dependency analysis

SOA life-cycle mgt, ALM, config mgt, SOA repository

Maintain compliance and properly manage any dependencies

Runtime practices and policies

Nonintrusive technology approach � integrate into existing procedures and activities as much as possible

Provide automated operational infrastructure integrated with common policy implementation and management tools

SOA mgt, SOA policy mgt, ESB, and/or other policy enforcement mechanisms

Provide more consistent and comprehensive processing across the environment

Source: IDC, 2008

©2008 IDC #214146 21

S O A: L E AR N I N G F R O M E X P E R I E N C E

W h e r e t o B e g i n a n d H o w t o B r o a d e n t h e S O A F o o t p r i n t

Those not yet adopting SOA often highlight challenges in effectively identifying business cases and prioritizing the pursuit of an SOA initiative vis-à-vis other activities. Most individuals in our study pointed out that SOA is more often than not considered an IT agenda by others and that it truly needs to be embraced by the business. They also indicated that often to jump-start an enterprise initiative, zeroing in on specific business projects to prove out the approach and show value is critical.

Regarding starting an SOA initiative, our study participants offered some of the lessons they have learned, including:

! Target a specific pain point that can impact more than one application or business unit

! Engage strong individuals with influence and political finesse to drive the initiative

! Communicate and educate on all fronts

S e r v i c e s a n d M o r e S e r v i c e s

Many organizations start their SOA efforts by creating infrastructure or technology services, such as security, monitoring, and auditing functions. These types of services help free up business application programmers to address more added-value activities and also drive consistency to enterprise protocols and create an environment that is much more efficient when changes occur. As a side value, it helps reinforce more reuse of services in general by supporting a more secure and governed environment. Other common targets for services are common information views, reinforcing consistency and simplifying the overall environment. Creating a foundation of data services such as this can thus provide a huge benefit.

Regardless of type and variety of services, the need to manage them from concept to implementation and then through to retirement is important. Based on our studies, organizations that put off using some form of service registry and/or repository often indicated they wish they had done so from the onset. By tracking services, they can best promote and utilize services and ensure that policies and technical relationships are established and maintained in a more automated fashion.

Other key points identified in this study include:

! Organizations often find that once their SOA initiatives start to ramp up, many services created are found to be noncompliant with established standards and protocols. Merely expecting adherence to policy and implementing manual efforts to monitor services are not enough. Design and governance policies should be established as early as possible and implemented in an automated fashion through tools and infrastructure.

! Security and consumer authentication is a critical point to include in the message header for services. While some organizations didn't opt to make this an initial requirement, they have found this to be an important dimension that requires rework.

22 #214146 ©2008 IDC

B e n e f i t s C r e a t e d f r o m S O A I n i t i a t i v e s

According to the interviewees for this particular SOA success study and other IDC primary research, enterprises are finding good value from their SOA efforts. A recent survey of individuals involved in or planning SOA implementations indicated that more organizations are satisfied than dissatisfied with their initiatives. However, taking a realistic view of how long it will take to ramp up and reap benefits is critical and certainly can help toward setting proper expectations. A majority of respondents to that same survey anticipate a return on their investments in 13�24 months, and nearly a third expect returns sooner. Yet, value is often gleaned immediately and in multiple ways.

Some of the major benefits highlighted during IDC's interviews for this SOA success factor study include:

! Faster time to market with solutions

! Agility to address changing business requirements

! Ability to roll out new types of capabilities, products and services, and business channels, especially leveraging the dynamic and global nature of Web-based, dynamic, and real-time systems

! Better customer and partner relations and ease of doing business

! Cost savings due to reduced efforts, number of systems, and infrastructure

! Promoting consistency in information and experience

W o r d s o f A d v i c e

In collecting words of advice from our study participants, we noted the following takeaways:

! Define and enforce policies and protocols as early as possible. Lay a foundation with more automated techniques such as services repositories, policy management engines, and services management and monitoring.

! Presell and lobby proposed policies. Gaining key individuals' buy-in early through such efforts makes for smoother acceptance and transition.

! Training is critical. As stated by one of our study participants, "The training aspect is easily looked past, and if you don't have people who understand basic concepts and terms, and the difference between a traditional application and a group of services, you're not going to build an SOA."

! Put more effort into business modeling. Many of these early movers that have seen success with SOA have reached a point where a more holistic assessment of the business needs to take place, which involves mapping out key business structures, assets, and processes in a cohesive and comprehensive form.

! Don't put off governance. It is important to agree on and enforce corporate and IT policies and standards to avoid rework and fragmentation.

©2008 IDC #214146 23

! Apply techniques for performance optimization and validation. Many discovered the need for approaches to address expanding demand and performance requirements.

! Take the time to assess available products. Although it is enticing to move to an incumbent provider for one's SOA technology, some offerings may not be robust or mature enough, or may be more difficult than others to utilize effectively.

! Use less IT speak and more business terminology. This applies everywhere, from naming services to aligning overall SOA program priorities.

! Focus on architecture. According to one chief architect, "Web services does not equal SOA. You have to really focus on architecture � not just the technology and standards. If not, you just may have a better EAI or service integration with better interfaces, but not SOA."

! Don't fixate on specific technology. Many executives in our study noted how easy it is to first focus too much on technology, such as selecting and standardizing on, even mandating use of, a specific product. Most, however, warn others to place their efforts on setting organizational standards and policies and to avoid vendor selection debates. Some large organizations, due to their distributed nature, may need to allow participants the ability to implement their own technology options. Standards and policies set forth must ensure the necessary interoperability, processing, and management of service regardless of any explicit implementation. Then, subsequently, proof of concepts can be designed to test out a specific solution to see if it meets criteria and can scale as needed.

! Prepare for process. More complex service orchestration and process endeavors have been typically addressed by these organizations after setting into place a foundation for SOA. A few study participants pointed out the importance of up-front planning to accommodate this activity within architectural and governance structures.

C H AL L E N G E S A N D O P P O R T U N I T I E S , AN D I M P L I C AT I O N S F O R F U T U R E R E S E AR C H

Although from diverse organizations, most of the individuals interviewed for this particular study were from IT management and enterprise architecture roles. Due to the broad reach and impact of enterprise SOA-based initiatives, and as experience in the marketplace unfolds, collecting insight from the many participants and stakeholders across the enterprise will help further derive finer understanding of best practices and determinants of success. While organizations often make strategic decisions to adopt SOA more broadly, most implement SOA in incremental phases. This does influence patterns of adoption, and thus resulting outcomes. Understanding not only what steps are taken but the order in which they are pursued and how that impacts success is another dimension to examine further. Thus, IDC recognizes the need for continuous research in this dynamically evolving space and to further develop the success factors framework.

24 #214146 ©2008 IDC

Each organization must assess and develop its SOA strategy geared to its own distinct set of structural, behavioral, and business conditions. However, IDC has discovered that some institutions that believe themselves to be so unique often overlook that there are several common goals and challenges across the marketplace at large, and therefore valuable knowledge to be gleaned from others.

Many organizations are looking to take advantage of new, emerging technologies, such as Web 2.0 or cloud computing, and to leverage third-party services and on-demand, software-as-a-service (SaaS) solutions. These all are enabled and optimized by SOA albeit under the guise of different names and complexions. Thus, preparation for this inevitable direction for computing in the years ahead is advised.

IT vendors are, however, at risk of deterring enterprises from deploying SOA by making technology acquisition and implementation options too complex. Vendors should continue to work toward easing the transition to this new architecture by ensuring greater interoperability and support for specific standards and protocols, by designing various options for licenses and engagements that can scale as needed, and by evolving solutions to accommodate SOA-based patterns of computing alongside other design and deployment paradigms. Above all, vendors should continue to expose and educate on specific best practices and ways to become successful in SOA endeavors.

T H E E X P AN D I N G S E R V I C E - O R I E N T E D R E AL M

Understanding that SOA is really a strategy with both business and technical facets is important to always keep in mind. Focusing on organizational goals, processes, structures, and behavioral dynamics is critical. Doing so has effectively set apart those that have successfully introduced SOA and aligned IT with business needs.

Adopting SOA-based techniques does not necessarily require a whole system overhaul � some existing systems can be leveraged and the environment built out incrementally as needed. Those organizations that have already deployed SOA are now placing pressure on others in their industries based on the new capabilities and differentiation they now can exercise through greater automation and faster response and processing time frames. Therefore, it behooves most organizations to examine their overall enterprise architecture strategies and become better aware of all the techniques and options for technologies at their disposal. Also, those that may have evaluated SOA and specific technologies years ago may be surprised to learn about the advancements that have taken place.

One can plan strategically but still move tactically, propagating the creation and utilization of services and SOA practices step by step. However, discipline needs to be brought to the overall environment and community of stakeholders, with oversight and the implementation of a base of foundational governance and infrastructure. Once established, the environment can grow as needed and more effort can be spent on driving business success through the power of this type of flexible computing paradigm.

Services orientation can come in a variety of forms; organizations should be prepared to both capitalize on and mitigate risks for adopting SOA in the large, if not now, then sometime in the very near future.

©2008 IDC #214146 25

A P P E N D I X A

Table A presents the SOA program success factors framework.

This framework is meant to provide highlights of some of the most differentiating factors and activities that contribute to a successful enterprise SOA program. It is not meant to be an extensive list of all activities involved in implementing SOA-based systems, nor is it meant to dive deep into facets of technology or architecture.

These success factors have been organized into overarching domains, and samples are provided of key supporting practices, activities, and technologies found to have a positive impact on these factors. While certain relationships between success factors, activities, technologies, and benefits have been presented, they should not be considered mutually exclusive to those particular associations, as many dimensions impact one another. In addition, some technologies listed in the framework may not explicitly be prefaced with the term "services" or "SOA" in the interest of readability; however, do assume specific SOA and services capabilities exist.

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Business alignment

Focus on enterprise business goals and strategies

Perform regular business analysis reviews and identify which business processes and elements to address

Outline "as is" and "to be" service and business process capability models

Portfolio analysis tools Provide traceability to the business model

Define processes and services in business terms and at the appropriate level(s) of detail

Provide a coherent taxonomy of business services and processes

SOA registry/repository, architecture tools

Create and reinforce a common vocabulary between IT and business; improve businesses' understanding of SOA concepts

Adopt services incrementally while building toward strategic road map

Target common information-centric services first

Data services technologies Ensure continued relevance, utilization, and reuse of what is designed and maintained

Business support and involvement

Showcase executive management sponsorship, support, and involvement (and for some organizations, mandate)

Align SOA activities with business goals

Reinforce cooperation and overall buy-in; drive urgency for change

26 #214146 ©2008 IDC

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Involve key business

stakeholders in the analysis and design process

Have IT and business stakeholders meet regularly

Modeling, project mgt Improve probability business objectives are met

Identify SOA business champion(s)

Involve those individuals with influence and a keen understanding of the business

Capture critical insight into business parameters

Value measurement Develop methods to measure return on investment and effort in relation to business goals

Set proper short- and long-term business expectations

SOA monitoring and mgt, business intelligence

Obtain/provide clarity about outcomes; ensure focus on priorities

Highlight what each individual can gain and expect to change

Better manage expectations

Showcase early and ongoing benefits

SOA mgt Strengthen commitment and buy-in

Align funding model Obtain enterprise funding where possible; able to proactively fund shared program and technologies

Implement metrics on services usage and value

SOA monitoring and mgt Drive adoption, activity, and cooperation; allocate costs appropriately

Organizational change management

Resource alignment Build and sustain a culture that embodies an enterprisewide view

Adapt traditional IT and business organization structures and models to embody services approach

Provides clear message of commitment to SOA; drives greater business alignment

Recruit and retain key personnel or "champion" spearheading adoption

Train, coach, manage, execute, and enforce best practices

Recognition/incentive program

Showcase and recognize popular services, value gained, contribution, and measurement

Expose metrics on service usage; use recognition program for "carrot" approach

SOA monitoring Drive increased participation; recognize and reinforce best practices; increase morale at a time of change

©2008 IDC #214146 27

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Skills and education Create and evolve

education program; provide tools and training for both IT and business stakeholders

Training � at different levels and stages of evolution of SOA program and adoption maturity; key stakeholders, internal and external, must be identified

Nurture understanding of the nuances of SOA

Propagate understanding and best practices

Invite interested parties to lunch and learn

Have enterprise arch work side by side with distributed biz, dev, and app arch on projects as needed

Provide advice and empower individuals with knowledge to properly drive SOA forward

Automate best practices where possible

SOA policy mgt, SOA life-cycle mgt, SOA contract mgt

Ease adoption and reinforce consistency and quality

Communications Advocacy Set up live group and

personalized 1:1 meetings to educate and promote SOA program

Articulate meaning of SOA and its benefits in a simple and concise manner

Improve clarity

Socialize concepts and procedures before formalizing � avoid "mandate" unless required

Meet separately with key and influential personnel at early stages of campaign

Glean greater acceptance and participation

Awareness Create and maintain a central knowledge base "portal" to aggregate and disseminate information and help coordinate activities for the overall program, with documentation, status, metrics, and services information

Develop views (i.e., dashboards and reports) for specific roles and interests

Collaborative and business intelligence software technologies, portals, search, wikis; SOA repository, SOA life-cycle mgt, SOA monitoring and mgt

Strengthen and expand "network" of service providers and consumers

Ensure stakeholders are well-informed and involved on a continual basis

Invite interested parties to "lunch and learn" sessions

Maintain long-term focus, participation, and knowledge

28 #214146 ©2008 IDC

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Visibility and discovery Provide a means for

providers and consumers of services to search for and negotiate implementation and use of services

Provide easy access and interactive system to services, documentation, and resources; service catalog management

SOA registry/repository, portal, search

Reinforce service development and reuse

Formalize a mechanism to arrange for service negotiations, SLAs, and approval processes, etc.

Automate activities and information flow between service providers and consumers

SOA policy mgt, SOA contract mgt, SOA mgt

Simplify process to find and negotiate terms of services; drive greater use of service; gain efficiencies/time; define responsibilities and avoid potential conflict

Progress reporting Provide monitoring and feedback on progress of program

Advertise and evangelize results

Groupware, project mgt Improve and reinforce SOA disciplines

Obtain regular feedback from key stakeholders on needs and experiences

Trust Performance, availability, and

reliability of services managed to SLAs and contracts

Define and configure contract and SLA variables

Provide more granular visibility and service behavior management

SOA monitoring and mgt, SOA policy mgt, SOA contract mgt

Drive greater service use and quality

Document service history and metrics

Portal, SOA repository, SOA mgt

Build trust in services for use/reuse

Security Provide a secure and trusted IT environment

Centrally provide and support common/uniform security services enterprisewide

SOA security Protect services from unauthorized access or misuse

Establish an enterprisewide identity management (authentication) strategy

Identity rights mgt software Enable access to stakeholders; ability to extend services and environment

Quality Verify standards and policies are being implemented

Integrate testing policies and resources early and automatically throughout life cycle

SOA policy mgt, test mgt, service test

Risk mitigation; ensure compliance; reduce defects and subsequent costs due to rework

©2008 IDC #214146 29

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Prepare to accommodate

and validate composite solutions and business processes

Understand and perform dependency analysis and composite testing

Dependency analysis/SOA repository, functional and performance test mgt, service and business process testing

Reduce potential defects and process bottlenecks

Architecture Institutionalize enterprise

SOA reference architecture Define SOA architecture principles and IT technology standards

Develop architecture program prior to procuring and implementing infrastructure and supporting technologies

Architecture modeling and analysis tools

Avoid vendor dependencies, mitigate risks, allow necessary distributed and federated flexibilities to drive participation while maintaining compatibility

Update existing IT processes and standards considering SOA

Prototype physical reference architecture, standard interfaces and schemas, processing patterns; adjust as needed

Undertake strong proof of concept to prove out architecture and technologies

All SOA-related infrastructure and technologies

Show successful application of architecture and technologies to enhance buy-in

Disseminate knowledge via definitions, documentation, and guidance

Ensure understanding and adoption by decentralized resources and teams with personalized assistance from EA experts

Drive consistency and compliance

Standards Determine and document enterprise standards and protocols

Aspire to adopt more open standards�based frameworks and technologies and prepare to accommodate alternative scenarios as needed

SOA policy mgt Promote greater consistency, interoperability, management, and future portability

Autoconfigure code during development and institute quality control measures

Integrated SOA life-cycle mgt, SOA policy mgt, and service test mgt

Simplify and ensure compliance of key standards

30 #214146 ©2008 IDC

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Focus on support of

standards and governance rather than mandate explicit technologies

Allow distributed teams some flexibility as long as tested to be compatible

Implement cross-enterprise services mgt discipline

Apply consistent, centralized oversight throughout environment

Provide and support common uniform monitoring, measurement, and management services enterprisewide

Scalable, performant, nonintrusive technology

Avoid rogue services; ease burden on distributed development teams; reinforce consistency, security, and quality

Scale and sustainability

SOA program scalability Plan for long-term and enterprisewide SOA; however, develop program to support incremental adoption and implementation

Centralize EA but disseminate knowledge for implementation; prepare for federated/distributed participation

SOA life-cycle mgt; SOA policy mgt, SOA contract mgt

Plan for unknown and variable conditions; build in proper flexibility for long-term success

Develop strategic service portfolio

SOA registry/repository, portfolio mgt

Improve alignment with business and IT priorities

Technical scalability Ensure selection/use of robust infrastructure capable of handling more intense and distributed demand

Capacity management

SOA mgt, virtualization technologies, XML optimization, performance mgt; data caching tools

Ensure environment able to support exponential growth and multiple message and interaction types (asynch and synch)

Ensure infrastructure and processing patterns can accommodate federated and distributed processing models

SOA mgt, ESB, SOA policy mgt

Service granularity Services and processes are to be defined in business language and at the appropriate detail

Start with more atomic and independent services and evolve when prepared to accommodate composite services, processes, and logical dependencies

SOA repository, portfolio mgt

Improve flexibility and auditability

©2008 IDC #214146 31

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Governance Develop strong SOA

governance program at early stages of initiative

Create consistency from day 1 with proper services design, development, implementation, and life-cycle management policies

Prepare for advancements in service volume and complexity

SOA registry/repository, SOA policy mgt, SOA life-cycle mgt, SOA contract mgt, business intelligence

Reinforce standards and proper procedures; avoid fragmentation of results

Actively engage key stakeholders in helping set direction and solicit input; presell before instituting

Refine practices and reinforce acceptance

Integrate SOA and overall IT governance processes

Inject change into existing procedures versus creating anew; nonintrusive technology approach � try not to disrupt existing procedures and activities � integrate in as much as possible

Improve acceptance and ease cooperation; avoid roadblocks that could compromise ongoing projects

Development practices and policies

Focus on architecture, standardization, and protocols; nonintrusive technology approach � try not to disrupt existing procedures and activities � integrate in as much as possible

Simplify and categorize project types, submission and approval considerations

Development tools, project mgt, SOA life-cycle mgt

Automate adherence to protocols via development and other technologies

SOA policy mgt, development tools, ESB, and other SOA infrastructure

Design policies Create and adhere to standards and naming conventions

Services catalog, SOA registry/repository (integrated with) SOA life-cycle mgt, SOA portfolio mgt, SOA policy mgt

Promote consistency and service quality

32 #214146 ©2008 IDC

T A B L E A

S O A P r o g r a m S u c c e s s F a c t o r s F r am e w o r k

Key Domain Critical Success Factor Key Practice Supporting Activity Supporting Technology Impact/Benefit Define and assign key roles

and responsibilities Identify and distribute ownership and responsibility to business and IT stakeholders

Consider ownership and responsibilities for enterprise and domain-centric services, processes, and information/data

SOA registry/repository, SOA life-cycle mgt

Drive distributed ownership and accountability

Develop an accountability framework

Resource alignment and clarity of expectations signal commitment of senior mgt

Develop and engage proper individuals in an SOA "Center of Excellence" (COE) program

Drive best practices and expertise

Establish review committee(s) for ongoing decisions and management of priorities, approvals, and changes

Priorities and approvals set based on business goals and policies; put into place resolution procedures

SOA life-cycle mgt Avoid conflicts and drive efficiencies

SOA and service life-cycle mgt

Involve all stakeholders in the life cycle in an integrated fashion

Provide workflow-based system

SOA life-cycle mgt, BPM Improve consistency and compliance

Define processes to address change mgt and versioning of services

Automate service change management practices; support dependency analysis

SOA life-cycle mgt, ALM, config mgt, SOA repository

Maintain compliance and properly manage any dependencies

Runtime practices and policies

Nonintrusive technology approach � integrate into existing procedures and activities as much as possible

Provide automated operational infrastructure integrated with common policy implementation and management tools

SOA mgt, SOA policy mgt, ESB, and/or other policy enforcement mechanisms

Provide more consistent and comprehensive processing across the environment

Notes: This framework is meant to provide highlights of some of the most differentiating factors and activities that contribute to a successful enterprise SOA program. It is not meant to be an extensive list of all activities involved in implementing SOA-based systems, nor is it meant to dive deep into facets of technology or architecture.

While certain relationships between success factors, activities, technologies, and benefits have been presented, they should not be considered mutually exclusive to those particular associations, as many dimensions impact one another.

Some technologies listed in the framework may not explicitly be prefaced with the term "services" or "SOA" in the interest of readability; however, do assume specific SOA and services capabilities exist.

Source: IDC, 2008

©2008 IDC #214146 33

C o p y r i g h t N o t i c e

External Publication of IDC Information and Data � Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason.

Copyright 2008 IDC. Reproduction without written permission is completely forbidden.